Skip to main content
Leaf connects to Agvance using an API key combined with username/password credentials. Once connected, Leaf syncs growers, farms, and fields from the Agvance system.

Prerequisites

  1. Access to an Agvance instance with API access enabled.
  2. Your apiKey from Agvance.
  3. The username, password, and databaseId for the target Agvance database.
  4. Optional: clientEnvironment if you need to override the default environment.

Setup steps

POST the credentials to Leaf: 
curl -X POST \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'Content-Type: application/json' \
    -d '{
      "apiKey": "your-api-key",
      "clientEnvironment": "PRODUCTION",
      "databaseId": "target-database-id",
      "password": "your-password",
      "username": "your-username"
    }' \
    'https://api.withleaf.io/services/usermanagement/api/users/{leafUserId}/agvance-credentials'

Credentials schema

Create request body:
FieldTypeRequiredDescription
apiKeystringYesYour Agvance API key
clientEnvironmentstringNoSTAGE or PRODUCTION. Defaults to STAGE if omitted.
databaseIdstringYesThe target Agvance database ID
usernamestringYesAgvance username
passwordstringYesAgvance password
Response: 
{
  "id": "uuid",
  "status": "str",
  "createdTime": "yyyy-MM-dd'T'HH:mm:ss.SSSSSS'Z'",
  "clientEnvironment": "PRODUCTION",
  "username": "str",
  "password": "str",
  "databaseId": "str",
  "sessionId": "str",
  "apiKey": "str"
}
Leaf generates a sessionId after successful authentication. If you omit clientEnvironment, Leaf defaults it to STAGE.

Confirm the credentials are attached

Check the stored credentials for the Leaf user: 
curl "https://api.withleaf.io/services/usermanagement/api/users/{leafUserId}/agvance-credentials" \
  -H "Authorization: Bearer YOUR_TOKEN"
If this worked, Leaf returns the Agvance credential object with the resolved sessionId.

Endpoints

Base URL: https://api.withleaf.io/services/usermanagement/api
ActionMethodPath
Get credentialsGET/users/{leafUserId}/agvance-credentials
Create credentialsPOST/users/{leafUserId}/agvance-credentials
Delete credentialsDELETE/users/{leafUserId}/agvance-credentials
Get credential eventsGET/users/{leafUserId}/agvance-credentials/events

Troubleshooting

Use the events endpoint to inspect credential health: 
curl -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    'https://api.withleaf.io/services/usermanagement/api/users/{leafUserId}/agvance-credentials/events'
Event logs are retained for 30 days. Once the credential is deleted or disassociated from the Leaf user, the logs are no longer available.
Common issues:
  • Invalid credentials: If the password changes in Agvance, delete and recreate the credentials with the new password.
  • Wrong database ID: Verify the databaseId matches the target Agvance database.
  • STAGE vs. PRODUCTION mismatch: If you set clientEnvironment explicitly, make sure it matches the Agvance instance you’re connecting to.

What to do next

Last modified on March 19, 2026