Create a service account for Message Hub communications
1. Create standard UBW user in User Master File (we commonly use name & id WSUSER, as it will help us distinguish it from other users if something goes wrong, but it's up to the customer to decide), must-haves:
- Password never expires
- Default company must be set
- Super/System roles, or if the customer is using different role-based access – roles that provide access to Objects and Web API
The user doesn't need Administrator or Menu Access. User must not have Unit4 ID value!
2. Go to TAG200 screen in Web and create the same user here with Basic Auth (name, id, and password must be same, it's case sensitive!):
Make sure that Basic authentication is enabled. Otherwise, you will get "unauthorized" messages in the logs
3. To check if the user has enough privileges, you can go to XAG005 and XAG002 screens in Web – select created user in the filter and see if it has access on Objects and API (accessible objects are blue, not gray). Please assign Read access to all objects (by applying it on the Root). In the screenshots below, you can see an example:
Important notice – if WSUSER doesn't have enough privileges, communication will not work properly.