Foreword

InterSystems IRIS versions 2022.2 and newer feature the ability to authenticate to a REST API using JSON web tokens (JWTs). This feature enhances security by limiting where and how often passwords transfer over the network in addition to setting an expiration time on access.

The goal of this article is to serve as a tutorial on how to implement a mock REST API using InterSystems IRIS and lock access to it behind JWTs.

NOTE I am NOT a developer.I make no claims as to the efficiency, scalability, or quality of the code samples I use in this article.

I have a rest API Class used for getting data from Cache 2018 version.
I have single route '/callfuntions'
I send the following parameters to the API :-  className, methodName, params
I use $CLASSMETHODto execute and send the result back to the client.

If I make more that 10 to 12 requests in quick succession, then it stops sending data.

if I wait for over 10 seconds it allows me to send more requests to the API.  How do I resolve this?

I am trying to replicate a REST call that I am able to make via a Postman call within a EnsLib.REST.GenericOperation.

It's been a while since I have messed around with trying to make external REST calls. When I execute my REST call, tSC is coming back with an error and I am trying to pinpoint why. I tried turning on ISCLOG = 5 but when calling the REST Operation from the Testing tool it is not logging anything to the ISC log.

How do we see the RAW request being sent out to verify that my request is formatted properly? tSC is coming back with an error as the message displayed in the error is "Err

Hi devs!

What is the best way to return JSON in IRIS for a GET request in a REST app?

This is how I do it now:

ClassMethod GetAllPersons() As%Stream.Object
{
    d ..%SetContentType("application/json")
    Set rset = ##class(dc.Sample.Person).ExtentFunc()

    set stream=##class(%Stream.TmpCharacter).%New()
    d stream.Write("[")
    if rset.%Next() {
        Set person = ##class(dc.Sample.Person).%OpenId(rset.ID)
        Do person.%JSONExportToStream(.stream)
    }
    While rset.%Next() {
        d stream.Write(",")
        Set person = ##class(dc.Sample.Person).%OpenId(rset.ID)

Hi developers!

While developing web apps the security practice I consider safe and convenient is to create a special Role (e.g. equal application name) which contains security resources which application will need (SQL tables, priviledges, database access, etc) and assign it to the Web Application.
So the user gets this role once it loggs in to the application (via password, no password or delegated).

Convenient, right?

So, the question is, when I deploy the app as an IPM module what should I put as a database access?

For example I develop the app in the USER namespace so I list the access to

Hi Community,

How Can I do to return ID when I call %JSONExport()?

Hi Community,

I would like to present my last package OpenAPI-Suite, this is a set of tools to generate ObjectScript code from an OpenAPI specification version 3.0.  In short, these packages allow to: 

• Generate server-side class.  It’s pretty similar to the generated code by ^%REST but the added value is the version 3.0 support.
• Generate HTTP client classes.
• Generate client production (business services, business operation, business process, Ens.Request, Ens.Response) classes.
• A web interface to generate and download the code or generate and compile directly on the server.
• Convert specification from version 1.x, 2.x to version 3.0.

I deployed an IRIS REST application using Installer class. I think I created the namespace FEEDER database with %DB_Default resource and I used the same resource in Web Application roles. I allowed Unauthenticated Authentication method. I used ^%ISCLOG and reviewed ^ISCLOG. I do not understand why I get 403 Forbidden response.

Background:

This guideline provides an overview of how to design and implement a REST API interface for querying patient demographic data from an Electronic Patient Record (EPR) system using HealthConnect. The process involves sending a query request with the patient's identification number, retrieving the response from the EPR system, extracting the required patient demographic data from the HL7 message, and sending it as a JSON response to the supplier. The high-level process diagram is shown below (Screenshot 1).

Has anyone tried using Server-Sent Events with Caché/HealthShare/Ensemble and angularjs?

Hi Community,

Enjoy the new video on InterSystems Developers YouTube:

⏯  Rapidly Create and Deploy Secure REST Services on InterSystems IRIS @ Global Summit 2024

Hi, 

i'm with a trouble to take the api/monitor/alerts using prometheus.

i'm using prometheus 3.2.1 with IRIS 2022.1, the api metrics is working fine, but with the alerts, i'm receiving the following error:
 

and this is the answer in the request:

it apears the iris is not using the right way to answer the OpenMetrics the way Prometheus want.

Someone already see this?

We are calling a REST web-service from Ensemble using EnsLib.HTTP.OutboundAdapter and redefining the adapter class to set custom headers as described by @Eduard Lebedyuk here: How to set Content-Type

During development we accidentally stumbled across puzzling behaviour - we now suspect that the %Net.HttpRequest object created in the linked example is being reused in the following scenario:

1. request is created as described and sent to web-service, so an instance of a %Net.HttpRequest object exists and is known to the EnsLib.HTTP.OutboundAdapter
2. we modify our code to test what happens if

Introduction

A REST API (Representational State Transfer) is an interface that allows different applications to communicate with each other through the HTTP protocol, using standard operations such as GET, POST, PUT, and DELETE. REST APIs are widely used in software development to expose services accessible by other applications, enabling integration between different systems.

However, to ensure that APIs are easy to understand and use, good documentation is essential. This is where OpenAPI comes in.

OpenAPI is a standard for describing RESTful APIs.

Using SQL Gateway with Python, Vector Search, and Interoperability in InterSystems Iris

Part 3 – REST and Interoperability

Now that we have finished the configuration of the SQL Gateway and we have been able to access the data from the external database via python, and we have set up our vectorized base, we can perform some queries. For this in this part of the article we will use an application developed with CSP, HTML and Javascript that will access an integration in Iris, which then performs the search for data similarity, sends it to LLM and finally returns the generated SQL. The CSP page calls an API in Iris that receives the data to be used in the query, calling the integration. For more information about REST in the Iris see the documentation available at https://docs.intersystems.com/irislatest/csp/docbook/DocBook.UI.Page.cl…

Hello everyone!

I have set up an EnsLib.REST.GenericService with an  EnsLib.HTTP.InboundAdapter which forwards the http requests received by a web app to my Business Process. 

I would like to parse HTTP multipart/form messages I am receving and be able to iterate over the various fields within the request body, accessing its content type and the content itself.

As far as I understand I should use the %Net.MIMEReader class which should return a list of %Net.MIMEPart, one for each field within the request. However if I do : 

Set mimeReader = ##class(%Net.MIMEReader).%New()
Set sc =

Hi Community,

Watch this short exercise in writing basic code snippets in InterSystems ObjectScript using Copilot in VSCode and the GPT-4.0 engine. This screencast covers "Hello, World," global manipulation, class creation, and building a simple REST API application.

>> Coding InterSystems ObjectScript with Copilot <<

🗣 Presenter: @Evgeny Shvarov, Senior Manager of Developer and Startup Programs, InterSystems

📌 The related code can be found here: objectscript-copilot-demo.

Hi folks!

I'm building a very simple REST API.

But before testing it via a Web Server what I want to make sure that REST API methods work in principle.

Is it an easy way to "fake" the web-server request and get a result e.g. of the method with signature like that?

ClassMethod GetAllRecords(pRequest As %CSP.Request, pResponse As %CSP.Response) As %Status

e.g. calling it in Terminal?

REST API with Swagger in InterSystems IRIS

Hello

The HTTP protocol allows you to obtain resources, such as HTML documents. It is the basis of any data exchange on the Web and a client-server protocol, meaning that requests are initiated by the recipient, usually a Web browser.

REST APIs take advantage of this protocol to exchange messages between client and server. This makes REST APIs fast, lightweight, and flexible. REST APIs use the HTTP verbs GET, POST, PUT, DELETE, and others to indicate the actions they want to perform.

Using Flask, REST API, and IAM with InterSystems IRIS

Part 3 – IAM

InterSystems API Manager (IAM) is a component that allows you to monitor, control, and manage traffic from HTTP-based APIs. It also acts as an API gateway between InterSystems IRIS applications and servers.

Using Flask, REST API, and IAM with InterSystems IRIS

Part 2 – Flask App

Flask is a web development microframework written in Python. It is known for being simple, flexible, and enabling rapid application development.

Installing Flask is very simple. Once you have python installed correctly on your operating system, we need to install the flask library with the pip command. For REST API consumption, it is advisable to use the requests library. The following link provides a guide to installing flask: https://flask.palletsprojects.com/en/stable/installation/

Using Flask, REST API, and IAM with InterSystems IRIS

Part 1 - REST API

Hello

In this article we will see the implementation of a REST API to perform the maintenance of a CRUD, using Flask and IAM.

In this first part of the article we will see the construction and publication of the REST API in Iris.

First, let's create our persistent class to store the data. To do this, we go to Iris and create our class:

As you might have heard, we just introduced the InterSystems API Manager (IAM); a new feature of the InterSystems IRIS Data Platform™, enabling you to monitor, control and govern traffic to and from web-based APIs within your IT infrastructure. In case you missed it, here is the link to the announcement.

In this article, I will show you how to set up IAM and highlight some of the many capabilities IAM allows you to leverage.

Hi all,

I have a passthru REST setup using EnsLib.HTTP.GenericService and EnsLib.HTTP.GenericOperation. Works well.

I am adding some logic to the Operation and for some scenarios I want to return an HTTP 40x response status code.

I create an httpResponse object within the Business Operation, but I can't figure out how to set the http response status code that is returned to my Posstman client that initiated the request. I set StatusCode=400, and StatusLine and ReasonPhrase properties - but when the ultimate requestor (Postman) receives the response back it is a 200 status code.

Using SQL Gateway with Python, Vector Search, and Interoperability in InterSystems Iris

Part 2 – Python and Vector Search

Since we have access to the data from our external table, we can use everything that Iris has to offer with this data. Let's, for example, read the data from our external table and generate a polynomial regression with it.

For more information on using python with Iris, see the documentation available at https://docs.intersystems.com/irislatest/csp/docbook/DocBook.UI.Page.cls?KEY=AFL_epython

Let's now consume the data from the external database to calculate a polynomial regression. To do this, we will use a python code to run a SQL that will read our MySQL table and turn it into a pandas dataframe:

Using SQL Gateway with Python, Vector Search, and Interoperability in InterSystems Iris

Part 1 - SQL Gateway

Hello

In this article we will look at the use of SQL Gateway in Iris. SQL Gateway allows Iris to have access to tables from other (external) database via ODBC or JDBC. We can access Tables or Views from various databases, such as Oracle, PostgreSQL, SQL Server, MySQL and others.

I have a scenario where I send a GET request to a broker and receive a FHIR response. When I attempted to use the built-in InterSystems functions to convert this FHIR response into SDA, the transformation failed—likely because it is not a standard FHIR request.

How should I handle this situation? Is there a recommended approach to processing FHIR responses in this context?

Additionally, if I manage to convert the FHIR response into a request format, I noticed that the broker sends a Task resource.

I understand that InterSystems provides functions to facilitate transactions between FHIR and HL7 via the SDA segment. My question is:

• Does this transformation only work when InterSystems receives FHIR requests and converts them into HL7, or does it also support responses?
• Specifically, if our operation sends a GET request to a broker and receives a FHIR response, does InterSystems support transforming this response into an SDA segment automatically?
• Or should we manually parse and modify the response to handle it according to our needs?

What would be the best approach in this scenario?

Hello, I have a problem with a call and I would need some help.

When I call an API with the SendFormDataArray method of the EnsLib.HTTP.OutboundAdapter adapter, I pass it a %Net.HttpRequest object and I receive the following error:

ERROR #5002: ObjectScript error: <SUBSCRIPT>MatchSuffix+1^%Net.HttpRequest.1 ^%qPublicSuffix("")

I have correctly entered the url in my business operation and I pass it in the last parameter of the SendFormDataArray method. Do you have any idea, please?

Method XRPUAuthentification(pInput As ANCV.msg.BO.XRPUAuthentificationDmde, Output pOutput As ANCV.msg.BO.XRPUAuthent

My main goal of this article was to prove the use of InterSystems IRIS for Health for REST FHIR interoperability between multiple applications. In this use case, some initiating application makes a REST call to IRIS for Health (which is merely a passthrough for REST calls) to retrieve FHIR data from an Oracle Health R4 FHIR repository. Ideally, it simplifies the syntax for calling the Oracle Health APIs. 

In this article, I will demonstrate a means for implementing a REST Dispatch Class in InterSystems IRIS, where multiple endpoints can have an optional number of arguments, and all endpoints