Using Flask, REST API, and IAM with InterSystems IRIS

Part 2 – Flask App

Flask is a web development microframework written in Python. It is known for being simple, flexible, and enabling rapid application development.

Installing Flask is very simple. Once you have python installed correctly on your operating system, we need to install the flask library with the pip command. For REST API consumption, it is advisable to use the requests library. The following link provides a guide to installing flask: https://flask.palletsprojects.com/en/stable/installation/

As you might have heard, we just introduced the InterSystems API Manager (IAM); a new feature of the InterSystems IRIS Data Platform™, enabling you to monitor, control and govern traffic to and from web-based APIs within your IT infrastructure. In case you missed it, here is the link to the announcement.

In this article, I will show you how to set up IAM and highlight some of the many capabilities IAM allows you to leverage.

REST API (Representational State Transfer Application Programming Interface) is a standardized way for web applications to communicate with each other using HTTP methods like GET, POST, PUT, DELETE, etc. It's designed around resources, which can be anything from a user to a file.

IAM - InterSystems API Manager is a great tool for monitoring your traffic. If you are trying to use it in your Kubernetes cluster you may have tried doing a deployment similar to this one:

InterSystems API Manager (IAM) versions 2.8.4.10 and 3.4.3.10 are now Generally Available. These are the latest versions of the two long-term supported versions of IAM. These release contain important fixes and all customers are encouraged to upgrade.

IAM 3.4 Release

InterSystems API Manager (IAM) version 3.4.2 is now Generally Available. In additional to bug fixes and minor improvements IAM 3.4 includes several features that might be of interest to IRIS customers.

We have solution which uses IRIS with IAM and webgateway integrated.

After integration, we notice that in the kong configuration in the kongdb upstreams are not created as listed in the kong.yml

We noticed that, IAM api calls are failing with enterprise license expired.

[kong@iam-deployment-75f485954c-ssdfv /]$ curl --location --request POST 'http://localhost:8001/services/'
{"message":"Enterprise license missing or expired"}

From Logs:

Using the Windows Subsystem for Linux (WSL2), is it possible to install IRIS and run it from there? I am wanting to test IAM, but unable to run Docker Desktop on my VM, and do not have access to a Linux machine to install and test with.

Thanks

Scott

Hi,

I am trying to get the API Manager up and running.

I have enabled the application and IAM user and changed password.

when we run the iam_setup.sh I get the following.

Getting IAM license using your inputs...
Internal server error when testing inputs

I have check on Iris management portal , but could see no errors.

IAM 3.2 Release

InterSystems API Manager (IAM) version 3.2.1 is now Generally Available. In additional to bug fixes and minor improvements IAM 3.2 adds new plug-ins that might be of interest to IRIS customers.

• OAS Validation (oas-validation)
  • Validate HTTP requests and responses based on an OpenAPI 3.0 or Swagger API Specification.
• SAML (saml)
  • Provides SAML v2.0 authentication and authorization between a service provider (Kong Gateway) and an identity provider (IdP).
• XML Threat Protection (xml-threat-protection)
  • This new plugin allows you to reduce the risk of XML attacks by checking the structure of XML payloads. This validates maximum complexity (depth of the tree), maximum size of elements and attributes.
• AppDynamics (app-dynamics)
  • Integrate Kong Gateway with the AppDynamics APM Platform.
• JWE Decrypt (jwe-decrypt)
  • Allows you to decrypt an inbound token (JWE) in a request.

IAM 3.0 Release

Hello!

Greetings from Chile, I have a question about IAM, I have a client who implements IAM in a QA environment, I configure a workspace and a series of routes (quite a few) and now he wants to export what has been created and take it to production (another server), which is the procedure to do it? Is it possible to export the workspace, routes, plugins, etc.?

Thank you!!

Hi everyone!

I am recruiting on a fully remote Intersystems Developer. This role will be a long term contract to begin with high likelihood of extensions or conversion permanent. Please check out the job description down below and feel free to send me an email with your resume: Spencer.Frey@insightglobal.com

In this article, I would like to talk about the spec-first approach to REST API development.

While traditional code-first REST API development goes like this:

• Writing code
• REST-enabling it
• Documenting it (as a REST API)

Spec-first follows the same steps but reverse. We start with a spec, also doubling as documentation, generate a boilerplate REST app from that and finally write some business logic.

This is advantageous because:

• You always have relevant and useful documentation for external or frontend developers who want to use your REST API
• Specification created in OAS (Swagger) can be imported into a variety of tools allowing editing, client generation, API Management, Unit Testing and automation or simplification of many other tasks
• Improved API architecture. In code-first approach, API is developed method by method so a developer can easily lose track of the overall API architecture, however with the spec-first developer is forced to interact with an API from the position if API consumer which usually helps with designing cleaner API architecture
• Faster development - as all boilerplate code is automatically generated you won't have to write it, all that's left is developing business logic.
• Faster feedback loops - consumers can get a view of the API immediately and they can easier offer suggestions simply by modifying the spec

Let's develop our API in a spec-first approach!