Identity Manager 9.3 - API Development Guide

Guidelines and conventions

This chapter describes the general policies and conventions that you must take into account when you create an API.

Handling API Server requests

In this section, you will find information about handling requests that are sent to the API Server.

Authentication

When a request is sent to the API Server, the server checks whether the primary and, where applicable, secondary login succeeded in the session for the current project (see Authentication).

NOTE: This test is not done if the API method used by the request is marked as AllowUnauthenticated.

The imx-session-<API project name> cookie is evaluated to determine which session the request belongs to.

If a cookie is passed that cannot be associated with an active session in the current process, the security token in the cookie is used to set up a new session (see Session status and security tokens).

If there is no primary login, the API Server tries to establish a database connection through one of the enabled single sign-on authentication modules.

If login cannot be carried out, the process is canceled and the HTTP error code 500 is passed to the client (see Response codes).

Authorizing method access

The API Server checks whether the currently logged in user is authorized to run the method. If the user does not have the required permissions, the process is canceled and the HTTP error code 500 is passed to the client (see Response codes).

Validating the request

The API Server calls the validators stored with the API method one by one. If one fails, the process is canceled and the HTTP error code 400 is passed to the client (see Response codes).
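The following Python model is an added illustration of the three checks above, not One Identity code and not the SDK's API. It assumes the checks run in the order the sections are listed, treats the cookie value itself as the security token, uses 200 as a stand-in for successful processing, and uses hypothetical names (ApiMethod, Request, ApiServerModel) with constructed sample data.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class ApiMethod:  # hypothetical model type, not the SDK's class
    name: str
    allow_unauthenticated: bool = False   # models the AllowUnauthenticated marker
    required_group: Optional[str] = None  # permissions group assigned to the method
    validators: list = field(default_factory=list)

@dataclass
class Request:
    cookies: dict
    body: dict
    sso_user: Optional[str] = None  # identity an enabled SSO module would accept

class ApiServerModel:
    def __init__(self, project, sessions, tokens, groups):
        self.cookie_name = f"imx-session-{project}"
        self.sessions = sessions  # cookie value -> user, active in this process
        self.tokens = tokens      # security token -> user (constructed lookup)
        self.groups = groups      # user -> set of permissions groups

    def resolve_user(self, req):
        value = req.cookies.get(self.cookie_name)
        if value in self.sessions:           # cookie maps to an active session
            return self.sessions[value]
        if value in self.tokens:             # unknown session: rebuild from token
            self.sessions[value] = self.tokens[value]
            return self.sessions[value]
        return req.sso_user                  # no primary login: try single sign-on

    def handle(self, method, req):
        user = None
        if not method.allow_unauthenticated:
            user = self.resolve_user(req)
            if user is None:
                return 500, "login failed"
        if method.required_group and \
                method.required_group not in self.groups.get(user, set()):
            return 500, "not authorized"     # assumption: checked even without a user
        for check in method.validators:      # validators run one by one
            if not check(req.body):
                return 400, "validation failed"
        return 200, "processed"              # 200 is a stand-in for success

# Constructed sample data for the model.
SERVER = ApiServerModel("portal", {"s1": "alice"}, {"tok-bob": "bob"},
                        {"alice": {"admins"}, "bob": set()})
UPDATE = ApiMethod("person/update", required_group="admins",
                   validators=[lambda body: "uid" in body])
```

In this model a request that is both unauthenticated and malformed gets 500 rather than 400, and a failed login and a missing permission are indistinguishable by status code alone, so client code and log reviews need the response body or server logs to tell them apart.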

Processing requests (for entity methods)
  • GET (loads an entity)
    • Determines the WHERE clause with internal and external filters

    • Loads data from the database

    • Augments an entity with calculated columns

  • An entity in delayed-logic mode can be changed with a POST request or deleted with a DELETE request. An entity in this mode is stateless and does not take up any resources on the server after it has been processed.
    Supported HTTP methods:

    • GET (reads an entity)

    • POST (changes an entity)

    • DELETE (deletes an entity)

  • An interactive entity must be created once with a PUT request, after which it obtains its own ID. Use the ID in subsequent requests (POST or DELETE).

    Supported HTTP methods:

    • GET (loads an entity)

    • PUT (creates an interactive entity)

    • POST (changes an interactive entity)

    • DELETE (deletes an interactive entity)

API methods

You can define the following types of API methods.

  • Entity methods

  • User-defined methods

  • SQL methods

  • WebSocket methods

NOTE: To restrict access to the API, you can assign permissions groups to API methods. For more information, see the One Identity Manager Authorization and Authentication Guide.

Entity methods

Entity methods work with small parts of the object model in order to read data from the database or write data to the database. When you create an entity method, you only need to enter the table and column name and, if required, a filter condition (WHERE clause). Internal processing is handled by the API Server. The data schema for the input and output also has a specific format.

For examples of how to define entity methods, see the SDK under Sdk01_Basics\01-BasicQueryMethod.cs.
