Hello community,

I have a very simple REST API connection doing a POST of JSON messages via AZURE APIM. 

It worked successfully for few weeks until a day ago when i started receiving a bad response as below.

<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW"><meta name="format-detection" content="telephone=no"><meta name="viewport" content="initial-scale=1.0"><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"><script type="text/javascript" src="/_Incapsula_Resource?......................................
 

00
0 2 245

This quick guide shows how to serve HTTPS requests with InterSystems API Management. Advantage here is that you have your certs on one separated server and you don't need to configure each backend web-server separately.

Here's how:

1. Buy the domain name.

2. Adjust DNS records from your domain to the IAM IP address.

3. Generate HTTPS certificate and private key. I use Let's Encrypt - it's free.

4. Start IAM if you didn't already.

5. Send this request to IAM:

21
1 2 291

In this article, I would like to talk about the spec-first approach to REST API development.

While traditional code-first REST API development goes like this:

  • Writing code
  • REST-enabling it
  • Documenting it (as a REST API)

Spec-first follows the same steps but reverse. We start with a spec, also doubling as documentation, generate a boilerplate REST app from that and finally write some business logic.

This is advantageous because:

  • You always have relevant and useful documentation for external or frontend developers who want to use your REST API
  • Specification created in OAS (Swagger) can be imported into a variety of tools allowing editing, client generation, API Management, Unit Testing and automation or simplification of many other tasks
  • Improved API architecture.  In code-first approach, API is developed method by method so a developer can easily lose track of the overall API  architecture, however with the spec-first developer is forced to interact with an API from the position if API consumer which usually helps with designing cleaner API architecture
  • Faster development - as all boilerplate code is automatically generated you won't have to write it, all that's left is developing business logic.
  • Faster feedback loops - consumers can get a view of the API immediately and they can easier offer suggestions simply by modifying the spec

Let's develop our API in a spec-first approach!

110
7 4 1,852

Hi developers!

I just want to share with you the knowledge aka experience which could save you a few hours someday. 

If you are building REST API with IRIS which contains more than 1 level of "/", e.g. '/patients/all'  don't forget to add parameter 'recurse=1' into your deployment script in %Installer, otherwise all the second and higher entries won't work. And all the entries of level=1 will work.

/patients

- will work,  but

/patients/all

- won't.  

Here is an example of CSPApplicatoin section which fix the issue and which you may want to use in your %Installer class:

    <CSPApplication Url="${CSPAPP}"
      Recurse="1"
      Directory="${CSPAPPDIR}"
      Grant="${RESOURCE},%SQL"
      AuthenticationMethods="96"
      />

20
1 0 140

First webinar on  InterSystems API Management!


We are pleased to invite you to the upcoming webinar in Russian: Introduction to InterSystems API Management on November 21 at 10:00 Moscow time (GMT+3)!

As you might have heard, we recently introduced the InterSystems API Manager (IAM) - a new feature of the InterSystems IRIS Data Platform,
enabling you to monitor, control and govern traffic to and from web-based APIs within your IT infrastructure.

In this webinar I will highlight some of the many capabilities IAM allows you to leverage. InterSystems API Manager brings everything you need:

  • to monitor your HTTP-based API traffic and understand who is using your APIs; what are your most popular APIs and which could require a rework.
  • to control who is using your APIs and restrict usage in various ways. From simple access restrictions to throttling API traffic and fine-tuning request payloads, you have fine-grained control and can react quickly.
  • to protect your APIs with central security mechanisms like OAuth2.0 or Key Token Authentication.
  • to onboard third-party developers and provide them with a superb developer experience right from the start by providing a dedicated Developer Portal for their needs.
  • to scale your API demands and deliver low-latency responses

There would be a live demo.

This webinar is for System Architects, Developers and DevOps Engineers.
Time: November 21 at 10:00 Moscow time (GMT+3)!

The language of the webinar is Russian.


Register!

00
0 5 262

Hi Community,

Please join the upcoming InterSystems Israel Meetup in Herzelia which will be held on November 21st, 2019! 

It will take place in the Spaces Herzliya Oxygen Ltd from 9:00 a.m. to 5:30 p.m.

The event will be focused on the InterSystems IRIS: it will be divided into IRIS for Healthcare and IRIS Data Platform. A joint lunch will be also included.

Please check the draft of the agenda below:

30
0 2 269
Question
Larry Pinsky · Oct 21, 2019
How to send a file via JSON

I have a text file that I pick up in a Business Service and need to send it to our vendor via JSON.  I assumed (probably wrongly) that I could just create a RESTful Business Operation, plug in the server IP and URL as well as complete some of the other fields on the BO to send the file.  When I do this, I get the following error:

00
0 4 418

InterSystems API Management (IAM) - a new feature of the InterSystems IRIS Data Platform, enables you to monitor, control and govern traffic to and from web-based APIs within your IT infrastructure. In case you missed it, here is the link to the announcement. And here's an article explaining how to start working with IAM.

In this article, we would use InterSystems API Management to Load Balance an API.

In our case, we have 2 InterSystems IRIS instances with /api/atelier REST API that we want to publish for our clients.

There are many different reasons why we might want to do that, such as:

  • Load balancing to spread the workload across servers
  • Blue-green deployment: we have two servers, one "prod", other "dev" and we might want to switch between them
  • Canary deployment: we might publish the new version only on one server and move 1% of clients there
  • High availability configuration
  • etc.
71
4 3 531
Question
Eduard Lebedyuk · Oct 12, 2019
How do you search with REST

The question is pretty much in title. I'm developing a REST API, it has a search endpoint with 10 optional parameters. How do I pass them and stay RESTFul?

To ease the question a bit let's agree that:

  • all parameters are AND parameters, user can't make combos, ORs, etc. User can only provide values
  • all values are integers so I don't have to think about URL limits
  • all values are atomic
  • all conditions are about equivalency

Some options I know of:

1. URL parameters.

00
0 9 785

Hi Community!

We are pleased to invite you to the upcoming webinar in Spanish "Desarrollar y gestionar APIs con InterSystems IRIS Data Platform" / "Developing and managing APIs with InterSystems IRIS Data Platform" on October 15 at 16:00 CET!

Are you a backend developer? Or a Systems integration specialist? If so… this webinar is for you!

10
0 0 151

Hi all,

Over the next few months I'm going to be setting up continuous integration via Jenkins for some Angular UI's.  The goal is to, on each build:

1. build the code

2. run the unit tests and get a report

3. get a code coverage report

Just wanted to poll the community in case someone else has already worked with any of this before.  All ideas are appreciated.

Cheers,

Johnny

10
0 7 302

I am trying to return a stream soap response using web services I can call my web service supply it with a xml string which works fine . I then work on that XML and try to return  a Stream but all works in the production when my service receives the stream after I get the error  as if its trying to copy stream to a variable and I am confused as to where that operation happens.

00
0 3 608

In this article, we will explore the development of an IRIS client for consuming RESTful API services that have been developed to the OData API standard.

We will be exploring a number of built-in IRIS libraries for making HTTP requests, reading and writing to JSON payloads, and seeing how we can use them in combination to build a generic client adaptor for OData. We will also explore the new JSON adapter for deserializing JSON into persistent objects.

40
2 3 695

We've just published an update to the Serenji extension for VS Code. Starting with this version (3.0.7) you can now debug the code that implements your REST services. Here's a taster:

 

Read more about Serenji on Open Exchange.

40
2 0 312

Some time ago, InterSystems introduced the concept of %DynamicObjects.
This feature is a powerful tool that makes it very easy to convert any string of JSON text to objects and vice versa.
However, in the work that J2 Interactive is doing for our customers, there are a couple of things that "need some tweaking".

30
2 3 808

Object Synchronization is a feature that has been around for a while, since Caché days, but I wanted to explore a bit more how it works. I've always thought that database automatic synchronization is complex by nature but, for some particular scenarios shouldn't be so hard. So I considered a very simple use case (OK, perhaps the typical one, I'm not discovering anything... but if it's common and it works, it's good wink ).

60
2 1 377
Article
Stefan Wittmann · Aug 14, 2019 9m read
Introducing InterSystems API Manager

As you might have heard, we just introduced the InterSystems API Manager (IAM); a new feature of the InterSystems IRIS Data Platform™, enabling you to monitor, control and govern traffic to and from web-based APIs within your IT infrastructure. In case you missed it, here is the link to the announcement.

In this article, I will show you how to set up IAM and highlight some of the many capabilities IAM allows you to leverage.

140
10 7 2,708

I am happy to announce that InterSystems API Manager is now generally available. InterSystems API Manager (IAM) is a new feature of the InterSystems IRIS Data Platform™, enabling you to monitor, control and govern traffic to and from web-based APIs within your IT infrastructure.

100
1 7 1,496
Article
David Crawford · Jul 31, 2019 2m read
Anti CSRF Methods

IRIS provides us with anti login CSRF attack mitigation, however this is not the same as a CSRF attack, as login attacks only occur on the login form. There are currently no built-in tools to mitigate CSRF attacks on api calls and other forms, so this is a step in mitigating these attacks.

See the following link from OWASP for the definition of a CSRF attack:

https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)

40
1 5 436