Security architecture
Secure accounting API access without opening inbound ports
AcctBridge uses an outbound tunnel model so accounting machines do not need inbound firewall rules, static IPs, or public database exposure.
Why this matters
Accounting systems often sit on Windows machines that were never meant to be exposed directly to the public internet.
AcctBridge keeps remote API access practical by using local connectors and outbound tunnel connectivity instead of inbound port forwarding.
No inbound opening on the accounting network
Directly exposing an accounting server creates operational risk. Static IPs change, router access is inconsistent, and firewall exceptions become hard to audit across many sites.
AcctBridge keeps the accounting side simpler: the local connector establishes outbound HTTPS connectivity, and the public API gateway routes connection traffic through that controlled path.
- No inbound port forwarding requirement for the accounting site router.
- No public SQL Server or accounting application endpoint.
- Connection-specific gateway access instead of shared remote access credentials.
Gateway authentication stays separate from local accounting credentials
Your upstream software authenticates to AcctBridge with API credentials. The local connector handles the accounting-system-specific work near the accounting installation.
That separation keeps the integration surface clearer: external systems call REST endpoints, while local accounting access remains inside the accounting environment.
Support can inspect connection state before payloads
Operational status matters when an accounting PC goes offline, a tunnel disconnects, or a local connector cannot reach the accounting runtime. AcctBridge exposes tunnel and connector status so support can distinguish infrastructure availability from request validation issues.