English

Svenska

English

Svenska

Appearance

Creditor and User Management Example

The diagram below shows the basic sequence of API calls for managing users within a new creditor, with each step described in the following sections.

An account API user creates a new creditor with all required activation fields. When a creditor is created, access groups are automatically generated for that creditor based on account (or partnert, when applicable). The flow then shows how to retrieve these access groups and use them to create two types of users: a creditor admin who can create new users, and a regular creditor user who can handle cases for the creditor.


Step-by-Step Guide

All API requests require a valid authentication token in the X-API-Key header. For details about the authentication process and token management, see the Authentication documentation.

In this guide, we will use the AuthTokenProvider class (documented in the authentication guide) to handle token management.

1. Create a Creditor

Create a new creditor using the Creditor endpoint. While a creditor is inactive, no case registrations can be created for it. In order to activate a creditor, the following fields are mandatory: payout_details, sender_address, invoice_address, and standard_debt_description.

typescript
const creditorData = {
  account: '6662fb1df4d1eaf404cb08de',
  name: 'Acme Inc',
  organization_no: '1122334455',
  is_active: true,
  standard_debt_description: 'Standard skuldbeskrivning på Konto',
  description: 'Testing',
  sender_address: {
    address_line_1: 'Redaregatan 50',
    zip_code: '25236',
    city: 'Helsingborg',
    country: 'SE',
  },
  invoice_address: {
    address_line_1: 'Redaregatan 50',
    zip_code: '25236',
    city: 'Helsingborg',
    country: 'SE',
  },
  payout_details: {
    sek: {
      bankgiro: '12312312',
    },
  },
}

const token = await auth.getValidToken()
const response = await axios.post(
  'https://api-sandbox.amili.se/creditors',
  creditorData,
  {
    headers: {
      'X-API-Key': token,
      'Content-Type': 'application/json',
    },
  }
)
python
creditor_data = {
    "account": "6662fb1df4d1eaf404cb08de",
    "name": "Acme Inc",
    "organization_no": "1122334455",
    "is_active": True,
    "standard_debt_description": "Standard skuldbeskrivning på Konto",
    "description": "Testing",
    "sender_address": {
        "address_line_1": "Redaregatan 50",
        "zip_code": "25236",
        "city": "Helsingborg",
        "country": "SE"
    },
    "invoice_address": {
        "address_line_1": "Redaregatan 50",
        "zip_code": "25236",
        "city": "Helsingborg",
        "country": "SE"
    },
    "payout_details": {
        "sek": {
            "bankgiro": "12312312"
        }
    }
}

token = auth.get_valid_token()
response = requests.post(
    'https://api-sandbox.amili.se/creditors',
    json=creditor_data,
    headers={
        'X-API-Key': token,
        'Content-Type': 'application/json'
    }
)
response.raise_for_status()
result = response.json()

The response will be:

json
{
  "_updated": "Tue, 11 Nov 2025 12:22:34 GMT",
  "_created": "Tue, 11 Nov 2025 12:22:34 GMT",
  "_etag": "2646bc714fe277d4e317cfaddaeb450a34f28053",
  "_id": "69132a8bc9ea54f691cc407c",
  "_status": "OK"
}

2. Get Available Access Groups

Get the available access groups by filtering on your account or on the newly created creditor. This will give you a list of access groups with type: api_user, account_admin, admin, and user. The available groups are usually set account level. When a creditor is created, access groups for admin and user are automatically created for that creditor. For more details, see the Access Group documentation.

typescript
const token = await auth.getValidToken()
const query = encodeURIComponent(
  JSON.stringify({ account: '6662fb1df4d1eaf404cb08de' })
)

const response = await axios.get(
  `https://api-sandbox.amili.se/access--groups?where=${query}`,
  {
    headers: {
      'X-API-Key': token,
    },
  }
)
python
import json

token = auth.get_valid_token()
query = json.dumps({'account': '6662fb1df4d1eaf404cb08de'})

response = requests.get(
    'https://api-sandbox.amili.se/access--groups',
    params={'where': query},
    headers={'X-API-Key': token}
)
response.raise_for_status()
result = response.json()

The response will be:

json
{
  "_items": [
    {
      "_id": "6662fb1df4d1eaf404cb08e0",
      "account": "6662fb1df4d1eaf404cb08de",
      "name": "account_admin",
      "type": "account_admin",
      "access_group_template": "65a961d89cbd399b9a0c7693",
      "access_rights": {
        // Omitted for readability
      },
      "_updated": "Wed, 05 Nov 2025 19:07:19 GMT",
      "_created": "Fri, 07 Jun 2024 12:20:45 GMT",
      "_etag": "32f9bf44c64a4491893cfef2d77541e1",
      "account_name": "API integrationstester AB"
    },
    {
      "_id": "6662fb1df4d1eaf404cb08e1",
      "account": "6662fb1df4d1eaf404cb08de",
      "name": "api_user",
      "type": "api_user",
      "access_group_template": "65a961d89cbd399b9a0c7693",
      "access_rights": {
        // Omitted for readability
      },
      "_updated": "Wed, 05 Nov 2025 19:07:20 GMT",
      "_created": "Fri, 07 Jun 2024 12:20:45 GMT",
      "_etag": "4ec054f2713045e8a1475a64241839ee",
      "account_name": "API integrationstester AB"
    },
    {
      "_id": "69132a8bc9ea54f691cc407e",
      "account": "6662fb1df4d1eaf404cb08de",
      "creditor": "69132a8bc9ea54f691cc407c",
      "name": "admin",
      "type": "admin",
      "access_group_template": "65a961d89cbd399b9a0c7693",
      "access_rights": {
        // Omitted for readability
      },
      "_updated": "Tue, 11 Nov 2025 12:22:35 GMT",
      "_created": "Tue, 11 Nov 2025 12:22:35 GMT",
      "_etag": "37c057233c9644f499fe69ad35244a88",
      "account_name": "API integrationstester AB",
      "creditor_name": "Acme Inc"
    },
    {
      "_id": "69132a8bc9ea54f691cc407f",
      "account": "6662fb1df4d1eaf404cb08de",
      "creditor": "69132a8bc9ea54f691cc407c",
      "name": "user",
      "type": "user",
      "access_group_template": "65a961d89cbd399b9a0c7693",
      "access_rights": {
        // Omitted for readability
      },
      "_updated": "Tue, 11 Nov 2025 12:22:35 GMT",
      "_created": "Tue, 11 Nov 2025 12:22:35 GMT",
      "_etag": "2e59604d1cbd4707babe30e7fbeeb1c3",
      "account_name": "API integrationstester AB",
      "creditor_name": "Acme Inc"
    }
  ],
  "_meta": {
    "page": 1,
    "max_results": 25,
    "total": 4
  }
}

3. Create a Creditor Admin

Create a creditor admin user who has access to create new users on the creditor using the Users endpoint. Use the access group ID with type: admin from the previous step.

typescript
const adminUserData = {
  account: '6662fb1df4d1eaf404cb08de',
  name: 'Jon Doe',
  email_data: {
    email: 'jon.doe@google.com',
  },
  is_enabled: true,
  oauth_type: 'google',
  email_oauth: 'jon.doe@google.com',
  data_access: [
    {
      access_group: '69132a8bc9ea54f691cc407e',
    },
  ],
}

const token = await auth.getValidToken()
const response = await axios.post(
  'https://api-sandbox.amili.se/users',
  adminUserData,
  {
    headers: {
      'X-API-Key': token,
      'Content-Type': 'application/json',
    },
  }
)
python
admin_user_data = {
    "account": "6662fb1df4d1eaf404cb08de",
    "name": "Jon Doe",
    "email_data": {
        "email": "jon.doe@google.com"
    },
    "is_enabled": True,
    "oauth_type": "google",
    "email_oauth": "jon.doe@google.com",
    "data_access": [{
        "access_group": "69132a8bc9ea54f691cc407e"
    }]
}

token = auth.get_valid_token()
response = requests.post(
    'https://api-sandbox.amili.se/users',
    json=admin_user_data,
    headers={
        'X-API-Key': token,
        'Content-Type': 'application/json'
    }
)
response.raise_for_status()
result = response.json()

The response will be:

json
{
  "_updated": "Tue, 11 Nov 2025 12:58:28 GMT",
  "_created": "Tue, 11 Nov 2025 12:58:28 GMT",
  "_etag": "8f24ed684144a3572083739483e0c3bf05571f8b",
  "_id": "691332f4f22afe6587de55ea",
  "_status": "OK"
}

4. Create a Creditor User

Create a regular creditor user who has access to handle cases for the creditor using the Users endpoint. Use the access group ID with type: user from step 2.

typescript
const userData = {
  account: '6662fb1df4d1eaf404cb08de',
  name: 'Jane Doe',
  email_data: {
    email: 'jane.doe@google.com',
  },
  is_enabled: true,
  oauth_type: 'google',
  email_oauth: 'jane.doe@google.com',
  data_access: [
    {
      access_group: '69132a8bc9ea54f691cc407f',
    },
  ],
}

const token = await auth.getValidToken()
const response = await axios.post(
  'https://api-sandbox.amili.se/users',
  userData,
  {
    headers: {
      'X-API-Key': token,
      'Content-Type': 'application/json',
    },
  }
)
python
user_data = {
    "account": "6662fb1df4d1eaf404cb08de",
    "name": "Jane Doe",
    "email_data": {
        "email": "jane.doe@google.com"
    },
    "is_enabled": True,
    "oauth_type": "google",
    "email_oauth": "jane.doe@google.com",
    "data_access": [{
        "access_group": "69132a8bc9ea54f691cc407f"
    }]
}

token = auth.get_valid_token()
response = requests.post(
    'https://api-sandbox.amili.se/users',
    json=user_data,
    headers={
        'X-API-Key': token,
        'Content-Type': 'application/json'
    }
)
response.raise_for_status()
result = response.json()

The response will be:

json
{
  "_updated": "Tue, 11 Nov 2025 12:59:48 GMT",
  "_created": "Tue, 11 Nov 2025 12:59:48 GMT",
  "_etag": "ee7b9a1da5bb6d04f0792f9ffda1ee3d609e0001",
  "_id": "69133344698d69d986cbad08",
  "_status": "OK"
}