In this 3-part series of articles, is shown how you can use IAM to simply add security, according to OAuth 2.0 standards, to a previously unauthenticated service deployed in IRIS.

In the first part, was provided some OAuth 2.0 background together with some IRIS and IAM initial definitions and configurations in order to facilitate the understanding of the whole process of securing your services.

0 1 339

Earlier this year, the AppS.REST package was released. AppS.REST is a framework for easily exposing existing persistent classes in IRIS as REST resources. AppS.REST-enabled classes support CRUD operations with little effort from the developer, bridging the gap between persistent data in IRIS and data consumers, such as an Angular front end application.

But IRIS classes are much more than just a definition for loading and saving individual records! This article aims to highlight a few ways to leverage the power of IRIS in your REST applications.  Using the Phone.Contact sample app, we'll look at out-of-the-box query support, use of class queries and finally ObjectScript methods.

1 6 181

I have a vendor that is sending an HL7 message. But when I asked for more detail about their mapping tables, they told me they typically don't supply that but supply an API for customers to call so they don't have to define tables and it is more dynamic.

So with that being said I am creating my first REST operation. I understand the gist of how a REST operation works in working with other types out Non HL7 Operations (SOAP, SQL) before. You send a request and get a response back, that part I understand.

0 14 136

Hello Everyone,

We are currently in process of implementing REST APIs using IRIS and we are also looking at using Intersystems API Manager. 

Our aim is to implement a Microservices Architechture where Services are small in size,  bounded by contexts, autonomously developed, and independently deployable. 

We are following a spec first approach where we are first defining the API specs into Swagger Hub and using IRIS API Management Service to build the REST classes i.e. the Specification class, Dispatch class and Implementation Class.

0 8 158


I am trying to figure out if we can extend a business process in IRIS. My Use Case is that I am developing RESTful Interfaces and my each REST Interface needs to go through certain processes before getting to the actual action.  

e.g. I have 2 REST Interfaces, GetPatient and GetEncounter. Both of these need to invoke "GetToken" Business Operation to go to the Authentication server to get an authentication token before they go ahead and hit the Business Operation to Get the data i.e. Patient or Encounter.  

1 1 59

FIrst of all thank you for your time in reading this question and writing a response,

We would need some help,

-> Our objective is to control which method is being used in the service: GET POST PUT

We have tried to understand the example REST Service: Demo.REST.DirectoryService


After that we have tried to create our own custom rest service,

please take a few minutes to examine the following code:

0 12 121

Hi All,
I am implementing REST API's in IRIS using the below link as a guide. 
I chose this approach so i could have a single entry point for requests regardless of namespace 

a sample form the HIHLib.REST.Server class i am using is below. my question is does IRIS and CSP cache responses for requests to the CSP.REST class?
and if so what parameters or properties do i need to enable?

0 2 135

I'm trying to setup a REST server with CORS support. I have created a class that handles a specific part of the service (printer control). This class I have referenced in my main REST class by adding <Map Prefix="/print" Forward="myClass.PrintAPI" />

My main class does have its own <Route>s and handles CORS requests perfectly. But in my subclass OnHandleCorsRequest() is only run when requesting from same origin and never run when making a CORS request. I have set Parameter HandleCorsRequest = "true" in both my main REST class and the subclass.


1 4 104

In this article, I would like to talk about the spec-first approach to REST API development.

While traditional code-first REST API development goes like this:

  • Writing code
  • REST-enabling it
  • Documenting it (as a REST API)

Spec-first follows the same steps but reverse. We start with a spec, also doubling as documentation, generate a boilerplate REST app from that and finally write some business logic.

This is advantageous because:

  • You always have relevant and useful documentation for external or frontend developers who want to use your REST API
  • Specification created in OAS (Swagger) can be imported into a variety of tools allowing editing, client generation, API Management, Unit Testing and automation or simplification of many other tasks
  • Improved API architecture.  In code-first approach, API is developed method by method so a developer can easily lose track of the overall API  architecture, however with the spec-first developer is forced to interact with an API from the position if API consumer which usually helps with designing cleaner API architecture
  • Faster development - as all boilerplate code is automatically generated you won't have to write it, all that's left is developing business logic.
  • Faster feedback loops - consumers can get a view of the API immediately and they can easier offer suggestions simply by modifying the spec

Let's develop our API in a spec-first approach!

6 4 1,382

InterSystems API Management (IAM) - a new feature of the InterSystems IRIS Data Platform, enables you to monitor, control and govern traffic to and from web-based APIs within your IT infrastructure. In case you missed it, here is the link to the announcement. And here's an article explaining how to start working with IAM.

In this article, we would use InterSystems API Management to Load Balance an API.

In our case, we have 2 InterSystems IRIS instances with /api/atelier REST API that we want to publish for our clients.

There are many different reasons why we might want to do that, such as:

  • Load balancing to spread the workload across servers
  • Blue-green deployment: we have two servers, one "prod", other "dev" and we might want to switch between them
  • Canary deployment: we might publish the new version only on one server and move 1% of clients there
  • High availability configuration
  • etc.
4 3 418

Hi All,

I hope someone can help me with the following, it's about the usage of the class EnsLib.HL7.Service.HTTPService.

Working situation right know.

In IIS we've got a site configured who is dealing with the client certificate, etc and redirect the full request to http://localhost/csp/healthshare/NAMEPSACE/EnsLib.HL7.Service.HTTPServic... and the web gateway redirects the request to Business Service 'EnsLib.HL7.Service.HTTPService.cls'.

0 2 100

Hello fellow community members,

I would like to offer my services as an Intersystems Professional and am available to work on projects. 

I have more than a decade experience into  Intersystems stack of technologies including IRIS, Ensemble, Healthshare, Healthconnect, Cache Objectscript, Mumps, Zen, Analytics etc. with companies spread over US and UK  involved in multiple domains.

0 0 120