In this 3-part series of articles, is shown how you can use IAM to simply add security, according to OAuth 2.0 standards, to a previously unauthenticated service deployed in IRIS.

In the first part, was provided some OAuth 2.0 background together with some IRIS and IAM initial definitions and configurations in order to facilitate the understanding of the whole process of securing your services.

40
0 0 491

What if you could serialize/deserialize objects in whatever format: JSON, XML, CSV,...; attending different criteria: export/import some properties and not others, transform values in this or that way before exporting/importing,...; and all of this without having to change the class definition? Wouldn't that be great??

Well, perhaps it's a goal too ambitious to reach 100% but, exploring this idea, I've developed a bunch of classes that I thought it was good to share. If you want to test, change, modify or improve the code, or just take a look at it, you can do it here. There you'll find a more detailed explanation (see Readme.md)

Be aware, this is a proof of concept for myself done in spare times, sure it's not robust enough or it can be done much better... but, I was just playing...ok, I could just wait to the new JSON Adaptor (coming soon!) that sure is going to resolve much more scenarios in a cleaner way, but... meanwhile... :-) ...

90
4 4 1,552

Hi Developers!

I stuck with one interesting problem. 

For example, let's use this template repo. If you build this container A using docker-compose and then run the container it exposes REST-API  which is available on:

localhost:52773/person/all

The question is how to make this REST-API accessible from another docker container B running on the same machine? E.g. with IRIS 2019.4 Community from this repo?

The problem is that for the second container localhost it's something which belongs to container B.

I think I need to set up a network between containers somehow. E.g. using docker-compose. But is there any simpler way?

00
0 2 159

 

Hi everyone,

I am very pleased to announce that the Readmission Demo has been released as open source. Many thanks to the Solution Factory team that worked hard on making this possible.

Here are the changes:

80
2 0 317
Article
Eduard Lebedyuk · Mar 14, 2018 10m read
REST Design and Development

Intro

For many in today's interoperability landscape, REST reigns supreme. With the overabundance of tools and approaches to REST API development, what tools do you choose and what do you need to plan for before writing any code?
This article focuses on design patterns and considerations that allow you to build highly robust, adaptive, and consistent REST APIs. Viable approaches to challenges of CORS support and authentication management will be discussed, along with various tips and tricks and best tools for all stages of REST API development. Learn about the open-source REST APIs available for InterSystems IRIS Data Platform and how they tackle the challenge of ever-increasing API complexity.
The article is a write-up for a recent webinar on the same topic.

60
4 5 2,166

I am writing an API that sends over a very large JSON object. 

The code I'm using to get the data is actually used in our production system today for the use of writing a report.

However when I call the code using the API (using SoapUI) I am getting 'Error getting response; java.net.SocketTimeoutException: Read timed out'

The web applications settings have a session timeout setting at 15 minutes, but this is timing out within just a few minutes, so I know it's not hitting this mark.

00
0 3 193

Hello community,

I have a very simple REST API connection doing a POST of JSON messages via AZURE APIM. 

It worked successfully for few weeks until a day ago when i started receiving a bad response as below.

<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW"><meta name="format-detection" content="telephone=no"><meta name="viewport" content="initial-scale=1.0"><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"><script type="text/javascript" src="/_Incapsula_Resource?......................................
 

00
0 2 230

This quick guide shows how to serve HTTPS requests with InterSystems API Management. Advantage here is that you have your certs on one separated server and you don't need to configure each backend web-server separately.

Here's how:

1. Buy the domain name.

2. Adjust DNS records from your domain to the IAM IP address.

3. Generate HTTPS certificate and private key. I use Let's Encrypt - it's free.

4. Start IAM if you didn't already.

5. Send this request to IAM:

21
1 2 283

Hi developers!

I just want to share with you the knowledge aka experience which could save you a few hours someday. 

If you are building REST API with IRIS which contains more than 1 level of "/", e.g. '/patients/all'  don't forget to add parameter 'recurse=1' into your deployment script in %Installer, otherwise all the second and higher entries won't work. And all the entries of level=1 will work.

/patients

- will work,  but

/patients/all

- won't.  

Here is an example of CSPApplicatoin section which fix the issue and which you may want to use in your %Installer class:

    <CSPApplication Url="${CSPAPP}"
      Recurse="1"
      Directory="${CSPAPPDIR}"
      Grant="${RESOURCE},%SQL"
      AuthenticationMethods="96"
      />

20
1 0 133

First webinar on  InterSystems API Management!


We are pleased to invite you to the upcoming webinar in Russian: Introduction to InterSystems API Management on November 21 at 10:00 Moscow time (GMT+3)!

As you might have heard, we recently introduced the InterSystems API Manager (IAM) - a new feature of the InterSystems IRIS Data Platform,
enabling you to monitor, control and govern traffic to and from web-based APIs within your IT infrastructure.

In this webinar I will highlight some of the many capabilities IAM allows you to leverage. InterSystems API Manager brings everything you need:

  • to monitor your HTTP-based API traffic and understand who is using your APIs; what are your most popular APIs and which could require a rework.
  • to control who is using your APIs and restrict usage in various ways. From simple access restrictions to throttling API traffic and fine-tuning request payloads, you have fine-grained control and can react quickly.
  • to protect your APIs with central security mechanisms like OAuth2.0 or Key Token Authentication.
  • to onboard third-party developers and provide them with a superb developer experience right from the start by providing a dedicated Developer Portal for their needs.
  • to scale your API demands and deliver low-latency responses

There would be a live demo.

This webinar is for System Architects, Developers and DevOps Engineers.
Time: November 21 at 10:00 Moscow time (GMT+3)!

The language of the webinar is Russian.


Register!

00
0 5 247

Hi Community,

Please join the upcoming InterSystems Israel Meetup in Herzelia which will be held on November 21st, 2019! 

It will take place in the Spaces Herzliya Oxygen Ltd from 9:00 a.m. to 5:30 p.m.

The event will be focused on the InterSystems IRIS: it will be divided into IRIS for Healthcare and IRIS Data Platform. A joint lunch will be also included.

Please check the draft of the agenda below:

30
0 2 265
Question
Larry Pinsky · Oct 21, 2019
How to send a file via JSON

I have a text file that I pick up in a Business Service and need to send it to our vendor via JSON.  I assumed (probably wrongly) that I could just create a RESTful Business Operation, plug in the server IP and URL as well as complete some of the other fields on the BO to send the file.  When I do this, I get the following error:

00
0 4 391
Question
Chris Paraskiv · Mar 20, 2017
AWS API calls

This question is about calling AWS REST APIs. Based on:

http://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html

AWS requires REST clients to call their APIs using Signature Version 4 which in case you don't know what I am talking about is a pain in the neck.  Here comes the question:

Has anybody, by any chance implemented the v4 signing alg. in COS? If yes, would she or he have the kind heart to share?

Thanks,

Chris

 

 

00
0 11 733
Article
Stefan Wittmann · Aug 14, 2019 9m read
Introducing InterSystems API Manager

As you might have heard, we just introduced the InterSystems API Manager (IAM); a new feature of the InterSystems IRIS Data Platform™, enabling you to monitor, control and govern traffic to and from web-based APIs within your IT infrastructure. In case you missed it, here is the link to the announcement.

In this article, I will show you how to set up IAM and highlight some of the many capabilities IAM allows you to leverage.

140
10 7 2,647
Question
Eduard Lebedyuk · Oct 12, 2019
How do you search with REST

The question is pretty much in title. I'm developing a REST API, it has a search endpoint with 10 optional parameters. How do I pass them and stay RESTFul?

To ease the question a bit let's agree that:

  • all parameters are AND parameters, user can't make combos, ORs, etc. User can only provide values
  • all values are integers so I don't have to think about URL limits
  • all values are atomic
  • all conditions are about equivalency

Some options I know of:

1. URL parameters.

00
0 9 726

Hi Community!

We are pleased to invite you to the upcoming webinar in Spanish "Desarrollar y gestionar APIs con InterSystems IRIS Data Platform" / "Developing and managing APIs with InterSystems IRIS Data Platform" on October 15 at 16:00 CET!

Are you a backend developer? Or a Systems integration specialist? If so… this webinar is for you!

10
0 0 147