Hello Community,

I’m working on an InterSystems IRIS production that needs to call an external API using OAuth client credentials (client_id and client_secret). For security reasons, I must pass these credentials via environment variables in my Docker container.

Dear community, I have a confession to make. I have not gotten over Zen yet. Alas, all good things must come to an EOF, so I am currently learning about Angular. I am working on proving to myself that with the right back end and Angular components, I can deliver to myself and my team a very Zen-like experience in this environment.

I have built a REST operation to submit a JSON Request Body, and in the JSON Response Object, I need to pull out certain values like pureID, portalURL, and under the identifiers array the ClassifiedID that has a term."en_US" = "Scopus Author ID"

Introduction

InterSystems IRIS allows you to build REST APIs using ObjectScript classes and the %CSP.REST framework. This enables the development of modern services to expose data for web apps, mobile apps, or system integrations.

In this article, you'll learn how to create a basic REST API in InterSystems IRIS, including:

Hi developers. Just want to share with you a finding that might save you a few important minutes of your developer life with InterSystems IRIS.

But!

It should work; you deployed the REST API correctly, and everything is just in place.

What can go wrong?

Foreword

InterSystems IRIS versions 2022.2 and newer feature the ability to authenticate to a REST API using JSON web tokens (JWTs). This feature enhances security by limiting where and how often passwords transfer over the network in addition to setting an expiration time on access.

The goal of this article is to serve as a tutorial on how to implement a mock REST API using InterSystems IRIS and lock access to it behind JWTs.

I am trying to replicate a REST call that I am able to make via a Postman call within a EnsLib.REST.GenericOperation.

It's been a while since I have messed around with trying to make external REST calls. When I execute my REST call, tSC is coming back with an error and I am trying to pinpoint why. I tried turning on ISCLOG = 5 but when calling the REST Operation from the Testing tool it is not logging anything to the ISC log.

Hi developers!

While developing web apps the security practice I consider safe and convenient is to create a special Role (e.g. equal application name) which contains security resources which application will need (SQL tables, priviledges, database access, etc) and assign it to the Web Application.
So the user gets this role once it loggs in to the application (via password, no password or delegated).

Convenient, right?

So, the question is, when I deploy the app as an IPM module what should I put as a database access?

Surely you wanted to use the OpenAPI Specification (OAS) JSON you used for your spec class on the iris-web-swagger-ui iris package. The generated OAS from the ##class(%REST.API).GetWebRESTApplication(...) method is very crude, with no description on the parameters or the expected response structure.

So after creating your REST application from an OAS you should have:

I deployed an IRIS REST application using Installer class. I think I created the namespace FEEDER database with %DB_Default resource and I used the same resource in Web Application roles. I allowed Unauthenticated Authentication method. I used ^%ISCLOG and reviewed ^ISCLOG. I do not understand why I get 403 Forbidden response.

Background:

This guideline provides an overview of how to design and implement a REST API interface for querying patient demographic data from an Electronic Patient Record (EPR) system using HealthConnect. The process involves sending a query request with the patient's identification number, retrieving the response from the EPR system, extracting the required patient demographic data from the HL7 message, and sending it as a JSON response to the supplier. The high-level process diagram is shown below (Screenshot 1).

Hi Community,

Enjoy the new video on InterSystems Developers YouTube:

⏯ Rapidly Create and Deploy Secure REST Services on InterSystems IRIS @ Global Summit 2024

https://www.youtube.com/embed/YofM-dHoK8s
[This is an embedded link, but you cannot view embedded content directly on the site because you have declined the cookies necessary to access it. To view embedded content, you would need to accept all cookies in your Cookies Settings]

We are calling a REST web-service from Ensemble using EnsLib.HTTP.OutboundAdapter and redefining the adapter class to set custom headers as described by @Eduard Lebedyuk here: How to set Content-Type

Monitoring your IRIS deployment is crucial. With the deprecation of System Alert and Monitoring (SAM), a modern, scalable solution is necessary for real-time insights, early issue detection, and operational efficiency. This guide covers setting up Prometheus and Grafana in Kubernetes to monitor InterSystems IRIS effectively.

This guide assumes you already have an IRIS cluster deployed using the InterSystems Kubernetes Operator (IKO), which simplifies deployment, integration and mangement.