Representational state transfer (REST) is a software architectural style that defines a set of constraints to be used for creating Web services. Web services that conform to the REST architectural style, called RESTful Web services (RWS), provide interoperability between computer systems on the Internet. RESTful Web services allow the requesting systems to access and manipulate textual representations of Web resources by using a uniform and predefined set of stateless operations. Other kinds of Web services, such as SOAP Web services, expose their own arbitrary sets of operations.
The Widgets Direct sample application highlights many aspects of how to use InterSystems technologies to build a modern web application. Features include:
When handling a %CSP.REST API response for a custom endpoint, how can I capture or access the response content before it is written to the output buffer and sent through the Web Gateway to the UI?
Is there a programmatic method or specific property to differentiate system-defined (/csp/altelier , /api/mgmnt and so on) or user-defined web applications in IRIS?
Starting off with a working REST interface, I can access the CSP Application definition screen for the application (System > Security Management > Web Applications > Edit Web Application), and "turn off" the application by clearing the Enabled: [ x ] A
I am working on an angular applications and build a web application (Rest API) on IRIS for health, the web application uses a password authentication and setup with the default csp session time out (15 minutes). If the user make an REST API call from the angular application after the session expired, it displays a login prompt...is that anyway that we can disable the login prompt and just simply return http status 401? When the angular application received the status 401, it can redirect to angular error page.
For the upcoming Python contest, I would like to make a small demo, on how to create a simple REST application using Python, which will use IRIS as a database. Using this tools
FastAPI framework, high performance, easy to learn, fast to code, ready for production
SQLAlchemy is the Python SQL toolkit and Object Relational Mapper that gives application developers the full power and flexibility of SQL
Alembic is a lightweight database migration tool for usage with the SQLAlchemy Database Toolkit for Python.
Uvicorn is an ASGI web server implementation for Python.
This guideline provides an overview of how to design and implement a REST API interface for querying patient demographic data from an Electronic Patient Record (EPR) system using HealthConnect. The process involves sending a query request with the patient's identification number, retrieving the response from the EPR system, extracting the required patient demographic data from the HL7 message, and sending it as a JSON response to the supplier. The high-level process diagram is shown below (Screenshot 1).
We are using an F5 load balancer to route public traffic to our IS server. My goal is to block public access to the Management Portal, and only allow what we want to expose, such as REST/SOAP services. At the F5, they can block URL wildcards or specific ports, so those are our options.
Since the URLs for the web services are in the same path ([host]/csp/healthshare/[namespace]/*), I can't see any URL wildcards happening. That leads me to ports; is there a way to put services on a specific port for all services, and everything else stay on a standard web port?
I'm trying to configure a new interface that reads HL7, transform them into FHIR messages and then send POST or PUT or DELETE depending on HL7 doc type.
1-I added an HL7 TCP service that reads ADTs messages
2a-Send ADTs to a process to transform them into SDA (using the following command: do ##class(HS.Gateway.HL7.HL7ToSDA3).GetSDA(request,.con))
2b-Extract the patient MRN and add it to the AdditionalInfo property (using the following request message class: HS.Message.XMLMessage)
Hello everyone! I am wondering how I can retrieve multipart form-data from a request that is coming into my REST-service. I am supposed to retrieve a string and a file. The file is being retrieved without issues, but the "testprofile" string is not being retrieved at all. It just logs a an empty entry. The request that is sent to my REST-service has the Content-Type: multipart/form-data Thanks beforehand for the help! :)
Down below is the code I use right now to retrieve the string and file from Form-data Rest HTTP-request to my service.
For a requirement of the customer, we have a BS Rest api with a lot of methods, we need to get the IP of the caller, the method and what is the time that the API has taken to process.
I've found the event onPreDispatch where I can take the IP, ClassMethod, etc.. I'm using a global variable to save this information.
I have a primary dispatch class that implements %CSP.REST.AccessCheck() for some high level access checks before the route table forwards the request to the implementation classes which also implement %CSP.REST.AccessCheck() for some lower level access checks. The idea is that we know where we are in the implementation class and what the user is trying to do, so it makes more sense to check some lower level items there rather than trying to parse out the request at the dispatch class.
I'm wondering if is possible to extend the UrlMap.
I want to create a base class and one method will be in all extended classes, so I've tried to create the map route in parent class, and the specific methods in extended class. But it doesn't work.
I've create the method in parent class and I've wrote the map in extended class. It works, but I want to put it in base class to prevent forget this call.
For many in today's interoperability landscape, REST reigns supreme. With the overabundance of tools and approaches to REST API development, what tools do you choose and what do you need to plan for before writing any code?
This article focuses on design patterns and considerations that allow you to build highly robust, adaptive, and consistent REST APIs. Viable approaches to challenges of CORS support and authentication management will be discussed, along with various tips and tricks and best tools for all stages of REST API development. Learn about the open-source REST APIs available for InterSystems IRIS Data Platform and how they tackle the challenge of ever-increasing API complexity.
The article is a write-up for a recent webinar on the same topic.
We are trying to write an external backup application to backup Cache Database. After going through the Cache DB documentation, we have found that in Backup.General class there are methods for creating snapshot (Freeze/Thaw) which is required during backup. Are there REST APIs for the same?
IRIS provides us with anti login CSRF attack mitigation, however this is not the same as a CSRF attack, as login attacks only occur on the login form. There are currently no built-in tools to mitigate CSRF attacks on api calls and other forms, so this is a step in mitigating these attacks.
See the following link from OWASP for the definition of a CSRF attack:
By replies
Open Exchange app