New post

#REST API

19

Representational state transfer (REST) is a software architectural style that defines a set of constraints to be used for creating Web services. Web services that conform to the REST architectural style, called RESTful Web services (RWS), provide interoperability between computer systems on the Internet. RESTful Web services allow the requesting systems to access and manipulate textual representations of Web resources by using a uniform and predefined set of stateless operations. Other kinds of Web services, such as SOAP Web services, expose their own arbitrary sets of operations.

Learn More.

Hi developers!

I just want to share with you the knowledge aka experience which could save you a few hours someday.

If you are building REST API with IRIS which contains more than 1 level of "/", e.g. '/patients/all' don't forget to add parameter 'recurse=1' into your deployment script in %Installer, otherwise all the second and higher entries won't work. And all the entries of level=1 will work.

/patients

- will work, but

/patients/all

- won't.

Here is an example of CSPApplicatoin section which fix the issue and which you may want to use in your %Installer class:

    <CSPApplication Url="${CSPAPP}"
      Recurse="1"
      Directory="${CSPAPPDIR}"
      Grant="${RESOURCE},%SQL"
      AuthenticationMethods="96"
      />

2 0
1 229

InterSystems API Management (IAM) - a new feature of the InterSystems IRIS Data Platform, enables you to monitor, control and govern traffic to and from web-based APIs within your IT infrastructure. In case you missed it, here is the link to the announcement. And here's an article explaining how to start working with IAM.

In this article, we would use InterSystems API Management to Load Balance an API.

In our case, we have 2 InterSystems IRIS instances with /api/atelier REST API that we want to publish for our clients.

There are many different reasons why we might want to do that, such as:

  • Load balancing to spread the workload across servers
  • Blue-green deployment: we have two servers, one "prod", other "dev" and we might want to switch between them
  • Canary deployment: we might publish the new version only on one server and move 1% of clients there
  • High availability configuration
  • etc.
7 3
4 777

In this article, we will explore the development of an IRIS client for consuming RESTful API services that have been developed to the OData API standard.

We will be exploring a number of built-in IRIS libraries for making HTTP requests, reading and writing to JSON payloads, and seeing how we can use them in combination to build a generic client adaptor for OData. We will also explore the new JSON adapter for deserializing JSON into persistent objects.

Open Exchange app
4 3
2 986

Object Synchronization is a feature that has been around for a while, since Caché days, but I wanted to explore a bit more how it works. I've always thought that database automatic synchronization is complex by nature but, for some particular scenarios shouldn't be so hard. So I considered a very simple use case (OK, perhaps the typical one, I'm not discovering anything... but if it's common and it works, it's good wink ).

Open Exchange app
6 1
2 456
Article
· Aug 14, 2019 9m read
Introducing InterSystems API Manager

As you might have heard, we just introduced the InterSystems API Manager (IAM); a new feature of the InterSystems IRIS Data Platform™, enabling you to monitor, control and govern traffic to and from web-based APIs within your IT infrastructure. In case you missed it, here is the link to the announcement.

In this article, I will show you how to set up IAM and highlight some of the many capabilities IAM allows you to leverage.

16 9
12 3.7K
Article
· Jul 31, 2019 2m read
Anti CSRF Methods

IRIS provides us with anti login CSRF attack mitigation, however this is not the same as a CSRF attack, as login attacks only occur on the login form. There are currently no built-in tools to mitigate CSRF attacks on api calls and other forms, so this is a step in mitigating these attacks.

See the following link from OWASP for the definition of a CSRF attack:

https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)

Open Exchange app
4 5
1 636

There's a new and exciting enhancement to QEWD that has just been released - it's an additional layer of abstraction known as QEWD-Up. QEWD-Up hides away all the mechanics of QEWD itself, allowing you to focus on just your REST APIs and the code that implements them.

Additionally, and importantly, QEWD-Up simplifies the maintenance of your REST APIs, allowing you (and others) to quickly and easily understand their life-cycle and implementation.

3 3
4 773

In this article, I would show how you can upload and download files from InterSystems products via http.

The questions about working with files over http arise fairly often on community and I'm usually linking to my FileServer project which demonstrates file upload/download but I'd like to talk a bit more on how we can serve and receive files from InterSystems products.

8 3
5 2.6K

I already talked about GraphQL and the ways of using it in this article. Now I am going to tell you about the tasks I was facing and the results that I managed to achieve in the process of implementing GraphQL for InterSystems platforms.

What this article is about

  • Generation of an AST for a GraphQL request and its validation
  • Generation of documentation
  • Generation of a response in the JSON format
6 2
2 1K

What if you could serialize/deserialize objects in whatever format: JSON, XML, CSV,...; attending different criteria: export/import some properties and not others, transform values in this or that way before exporting/importing,...; and all of this without having to change the class definition? Wouldn't that be great??

Well, perhaps it's a goal too ambitious to reach 100% but, exploring this idea, I've developed a bunch of classes that I thought it was good to share. If you want to test, change, modify or improve the code, or just take a look at it, you can do it here. There you'll find a more detailed explanation (see Readme.md)

Be aware, this is a proof of concept for myself done in spare times, sure it's not robust enough or it can be done much better... but, I was just playing...ok, I could just wait to the new JSON Adaptor (coming soon!) that sure is going to resolve much more scenarios in a cleaner way, but... meanwhile... :-) ...

9 4
4 2.3K

Hi, Community!

I’m sure you are using Developer Community analytics built with InterSystems Analytics technology DeepSee:

You can find DC analytics n InterSystems->Analytics menu.

DC Analytics shows interactive dashboards on key figures of DC entities: Posts, Comments, and Members.

Since the last week, this analytics project is available for everyone with source code and data on DC Github!

2 1
1 542
Article
· Mar 14, 2018 10m read
REST Design and Development

Intro

For many in today's interoperability landscape, REST reigns supreme. With the overabundance of tools and approaches to REST API development, what tools do you choose and what do you need to plan for before writing any code?
This article focuses on design patterns and considerations that allow you to build highly robust, adaptive, and consistent REST APIs. Viable approaches to challenges of CORS support and authentication management will be discussed, along with various tips and tricks and best tools for all stages of REST API development. Learn about the open-source REST APIs available for InterSystems IRIS Data Platform and how they tackle the challenge of ever-increasing API complexity.
The article is a write-up for a recent webinar on the same topic.

6 5
6 2.8K

Some time ago I got a WRC case transferred where a customer asks for the availability of a raw DEFLATE compression/decompression function built-in Caché.

When we talk about DEFLATE we need to talk about Zlib as well, since Zlib is the de-facto standard free compression/decompression library developed in the mid-90s.

Zlib works on particular DEFLATE compression/decompression algorithm and the idea of encapsulation within a wrapper (gzip, zlib, etc.).
https://en.wikipedia.org/wiki/Zlib

9 6
1 2.5K
Article
· Dec 7, 2017 3m read
Asynchronous REST

In this article I'd like to discuss asynchronous REST and approaches to implementing it.

Why do we need asynchronous REST? Simply put - answering the request takes too much time. While most requests usually can be satisfied immediately, some can't. The reasons are varied:

  • You need to perform time-consuming calculations
  • Performing action actually takes time (for example container creation)
  • etc.

The solution to these problems is asynchronous REST. Asynchronous REST works by separating request and real response. Here's an example, let's consider the following simple async REST broker:

3 9
0 1.5K

This series of articles aims to address the following topics:

  • Creation of a web application based on REST pages;
  • Overview of some tools for tracing (debugging) HTTP requests;
  • Switching from hyperevents to... hyperevents;
  • Integration with jQuery File Upload;
  • Conversion of JSON from the {id:1,parentId:1} format to the {id:1,children:[{}]} format for tree visualization;
  • Integration with jQuery EasyUI (using datagrid and tree as examples);
  • Other topics.

5 1
1 938

As many of you, our partners, are more widely using modern UI frameworks to create client front-end, you may have encountered a question, "So how do I secure my data when I just finished developing all new fancy browser based client experience?"

The answer is easy. Use a standard, proven OAuth2 and OpenID!

"OK, but how can I do it? I have never done it before."

No problem, just have a look here, if your client is Angular (not AngularJS) based, there is a demo project available for you to review and get inspired!

6 1
0 1.2K

Hello again and welcome to the next tutorial on this series: Part 4 - Sharing data across router methods. Here we are going to learn how to share a object containing data that is available for read across every router methods.

You're required to complete at least the Part 1 before entering this one. Still, this is supposed to be a really short tutorial, since there isn't much to be said about data sharing.

2 0
0 483

Hello again and welcome to the Part 3 - Using the SQL API!

If you have been wondering about how to use SQL along with Frontier, you came to the right place. That's because since Frontier wraps the common Caché SQL API within it's own, you need to use the API provided from it. But you don't need to worry about its learning curve, because the Frontier SQL API is really simple.

2 0
0 772