#REST API

I'm currently re-engineering an application from CSP pages directly accessing COS Methods, to an Angular/Material front end accessing a REST DAL. Both the Angular front end and REST services are hosted from the same Caché instance and the same namespace, but the REST services have their own CSP application, with all calls being routed through a Dispatch class.

Hello,

We would like some advice

We have developed a REST Operation

The code is:

The Widgets Direct sample application highlights many aspects of how to use InterSystems technologies to build a modern web application. Features include:

IRIS provides us with anti login CSRF attack mitigation, however this is not the same as a CSRF attack, as login attacks only occur on the login form. There are currently no built-in tools to mitigate CSRF attacks on api calls and other forms, so this is a step in mitigating these attacks.

See the following link from OWASP for the definition of a CSRF attack:

https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)

Hello,

First of all thank you for reading this question

Also thank you for giving an answer

We would need some help

Our objective is to spot all REST Services in a namespace

➡️ How could we detect all services with AdapterClassname = EnsLib.HTTP.InboundAdapter , in an automatic way, in a namespace?

User calls my REST service. I need:

• Redirect him to a POST url
• Provide request body

Is it possible? How?

When manually coding REST services and using GET /api/mgmnt/v1/:namespace/spec/:application/ to return an OpenAPI spec, how do you specify supported properties (OpenAPI Properties in Use | Creating REST Services | InterSystems IRIS Data Platform 2021.1) like responses, definitions, and information in paths like summary and description?

We are using an F5 load balancer to route public traffic to our IS server. My goal is to block public access to the Management Portal, and only allow what we want to expose, such as REST/SOAP services. At the F5, they can block URL wildcards or specific ports, so those are our options.

Since the URLs for the web services are in the same path ([host]/csp/healthshare/[namespace]/*), I can't see any URL wildcards happening. That leads me to ports; is there a way to put services on a specific port for all services, and everything else stay on a standard web port?

Hi Team,

I want to consume(call) third-party API by passing JSON as a request from Iris.

Referencing this post:

https://community.intersystems.com/post/producing-json-sql

I'm not sure how to actually interact with the result set I get from doing something like this. I want to return something like:

[{"field1":1, "field2":2}, {"field1":2, "field2":10}]

I'm finding it very difficult to get it in this format, since %Print appends a newline onto the end of the {} object it prints.

Here's the closest I've gotten:

Intro

For many in today's interoperability landscape, REST reigns supreme. With the overabundance of tools and approaches to REST API development, what tools do you choose and what do you need to plan for before writing any code?
This article focuses on design patterns and considerations that allow you to build highly robust, adaptive, and consistent REST APIs. Viable approaches to challenges of CORS support and authentication management will be discussed, along with various tips and tricks and best tools for all stages of REST API development. Learn about the open-source REST APIs available for InterSystems IRIS Data Platform and how they tackle the challenge of ever-increasing API complexity.
The article is a write-up for a recent webinar on the same topic.

First webinar on InterSystems API Management!

We are pleased to invite you to the upcoming webinar in Russian: Introduction to InterSystems API Management on November 21 at 10:00 Moscow time (GMT+3)!

As you might have heard, we recently introduced the InterSystems API Manager (IAM) - a new feature of the InterSystems IRIS Data Platform,
enabling you to monitor, control and govern traffic to and from web-based APIs within your IT infrastructure.

In this webinar I will highlight some of the many capabilities IAM allows you to leverage. InterSystems API Manager brings everything you need:

• to monitor your HTTP-based API traffic and understand who is using your APIs; what are your most popular APIs and which could require a rework.
• to control who is using your APIs and restrict usage in various ways. From simple access restrictions to throttling API traffic and fine-tuning request payloads, you have fine-grained control and can react quickly.
• to protect your APIs with central security mechanisms like OAuth2.0 or Key Token Authentication.
• to onboard third-party developers and provide them with a superb developer experience right from the start by providing a dedicated Developer Portal for their needs.
• to scale your API demands and deliver low-latency responses

There would be a live demo.

This webinar is for System Architects, Developers and DevOps Engineers.
Time: November 21 at 10:00 Moscow time (GMT+3)!

The language of the webinar is Russian.

Register!

I have a REST Service that I want it to receive a json string request I have set up my URLMap as follows the top URL when populated and requested works fine but I would like my request to be a json string and that is not working I am getting a 500 error am I missing something please advice.

Hi guys.

Recently, I get interest in FHIR in order to run for the IRIS for Health FHIR
contest. As a beginner on this topic, I've heard somewhat about it, but I didn't know how complex and powerful was FHIR. As pointed out by @Henrique Dias here, you can model several aspects of the patient history and other related entities.