Advanced REST Web API Overview

Overview

CIS Infinity Version 4 is equipped with a standardized API utilizing the REST (Representational State Transfer) architectural style. This architecture presents a RESTful or REST like interface and is defined by constraints that must be met. These constraints will be described later.

The Advanced RESTful Web API (API) is fully documented and published using Swagger, which allows discovering, testing, and prototyping the API. The API supports JSON inputs and outputs, paging and data shaping.

Note: All core business logic available in CIS Infinity – ranging from processing a meter change at an account to retrieving complex billing data – will eventually be accessible in the published REST API for external access. (third party company)

Internally used by CIS Infinity and CIS add-ons, the API provides external vendors with the ability to create their own applications that communicate with and/or insert entries into CIS Infinity, as well as allows using alternative user interfaces to write their applications.

The subsequent sections describe how the Advanced RESTful Web API is designed and functions, with specific examples. Use these examples to assist with determining how to call the necessary API services that will perform the functions you want in CIS Infinity.

Software Requirements



Application Architecture and Implementation

The API architecture is established from the Advanced Utility Services API layer (Services API), and resource models. Model properties correspond directly with the CIS Infinity Business Class equivalents (customer, account, address, etc.), and the Uniform Resource Identifiers (URIs), which are considered resources, never change.

Resource Names in the API are the Business Class Names (e.g. CustomerAccount) from the CIS Infinity Services API, and the unique API RESTful Resource ID values are the unique and mandatory O_Code values (e.g. CUSTACCTID) associated with each business object in the CIS Infinity Services API.

Note: There are several ways to determine the CIS Business Class Names and associated O_Code to call in the API:

Security and login features are implemented using the Authentication Header in the API and API access is protected using the CIS Infinity V4 security model at the business object layers.

All data updates are passed through the services layer, ensuring that data integrity is maintained and the business layer security is protected.



Authorization and Authentication

Installation and use of the API requires HTTPS/SSL certificate security. The website where the API is hosted can use a self-signed certificate if desired by the organization. Acquiring, installing, and distributing SSL certificates is the responsibility of the client.

API call authorization and authentication is done using a standard HTTP Basic Authorization using the Authorization header.



Tools

The API was programmed using MS ASP.NET Web API 2 and there are several tools available for clients to choose from to test and document the API. Some tools are listed here:



REST Constraints

REST Constraints are rules that are applied to establish the distinct architectural design of a RESTful API. The following constraints were implemented for the REST API:

Cacheable

The response messages from the API services to the client are cacheable at the Internet and/or HTTP (Hypertext Transfer Protocol) level. Caching allows the client or intermediate HTTP servers in the HTTP chain to cache the server data, if appropriate. This is very important for performance and scalability.

When using HTTP, caching can occur automatically by setting the appropriate header tags, which indicate that the data can be cached by the HTTP, under what conditions, and the length of time allowed for caching. This is useful for situations where multiple requests might be made to the same data resource by different clients, and if caching applies, the CIS application may be bypassed and will not see the request because the cache was supplied by the inter-webs.

Client Server

This establishes a clear separation between the web services and the clients / consumers, and provides the services based on the requests that are made.

Stateless

The API server maintains no state about the client. This means the communication between the client and server involves no session objects, and each call to the server is independent of the call that occurred before and after. This is beneficial when considering scalability and caching. Typically implementing this feature is more difficult when dealing with a thick client application, such as CIS Infinity.

Layered System

There are multiple architectural layers and no one layer has focus past the next. This facilitates middleware components and layers can be added, removed, modified or reordered according to the requirements for the API.

Uniform Interface

When considering that the REST API adheres to a uniform interface, it implies the following:



API Design

This API Design table explains how the HTTP methods affect Resource URIs in the API. Currently, only the Resources (URIs) listed with “/data/” are implemented.

Item #

Resource (URI)

GET

(Read)

POST

(Add)

PUT

(Update)

DELETE

(Delete)

PATCH

(Partial Update)

VALIDATE

(Validate)

NEW

(Add Default, Copy)

1

/data/(bizobjname)

(CIS business object resource, eg “CustomerAccount”, “ServiceAddress”, “AccountMeter”, etc)

Get List of items.

Returns list in list result container(*)

Query String can add filtering

Insert Item (return item)

N/A

N/A

N/A

Validate the given model for add

Get an item populated with business defaults as per object life cycle 'AddDefaults' functionality

2

/data/(bizobjname)/(id)

(specific resource)

Get a resource by its unique id (O_Code)

(return item)

N/A

Update Item

Delete Item

Update Item

With updated resource – Validate new data for update.

Without data – validate existing resource.

Get a new copy of the specified resource. Equivalent to API BusinessBase.NewCopy() call.

3

/do/(function)

N/A

Execute the RPC function specified.

N/A

N/A

N/A

N/A

N/A

4

/session

Get details about “current” login session

Login / Get a token

N/A

Logout / expire token

N/A

N/A

N/A

5

/run

Get (possibly filtered) list of running or completed runnable processes of any kind

N/A

N/A

N/A

N/A

N/A

N/A

6

/run/report

Get (possibly filtered) list of running or completed reports

Run a report using the supplied details

N/A

N/A

N/A

Validate given report settings

N/A

7

/run/report/(runid)

Get details of running or completed report by runid

N/A

N/A

Request cancel of a running report

N/A

N/A

N/A

8

/run/pickup

Get (possibly filtered) list of running or completed pickup processes

N/A

N/A

N/A

N/A

N/A

N/A

9

/run/pickup/(name)

Get (possibly filtered) list of all running or completed pickups of the named type

Run a pickup of the named type using the supplied details

N/A

N/A

N/A

Validate the supplied pickup run settings

Returns a default run model; Passing a run model allows serialize/deserialize of parameters

10

/run/pickup/(name)/(runid)

Gets details of the running or completed pickup type by runid

N/A

N/A

Request cancel of a running pickup

N/A

N/A

N/A

11

/run/its

Get (possibly filtered) list of running or completed interface table sync processes

N/A

N/A

N/A

N/A

N/A

N/A

12

/run/its/(name)

Get (possibly filtered) list of running or completed  interface table sync processes of the named type

Run an interface table sync process of the named type using the supplied details

N/A

N/A

N/A

Validate the given interface table sync settings

Returns a default run model; Passing a run model allows serialize/deserialize of parameters

13

/run/its/(name)/(runid)

Gets details of the running or completed interface table sync type by runid

N/A

N/A

Request cancel of a running interface table sync job

N/A

N/A

N/A

14

/run/import

Get (possibly filtered) list of running or completed AIM import processes

Run an AIM import of the named type using the supplied details

N/A

N/A

N/A

Validate the given AIM import parameters

N/A

15

/run/import/(name)

Get (possibly filtered) list of running or completed  AIM import processes of the named type

Run an AIM import process of the named type using the supplied details

N/A

N/A

N/A

Validate the given AIM import process settings

Returns a default run model; Passing a run model allows serialize/deserialize of parameters

15.1

/run/import/(name)/(runid)

Gets details of the running or completed AIM import by runid

N/A

N/A

Request cancel of a running AIM import job

N/A

N/A

N/A

16

/run/export

Get (possibly filtered) list of running or completed AIM export processes

Run an AIM export of the named type using the supplied details

N/A

N/A

N/A

Validate the given AIM export parameters

N/A

17

/run/export/(name)

Get (possibly filtered) list of running or completed  AIM export processes of the named type

Run an AIM export process of the named type using the supplied details

N/A

N/A

N/A

Validate the given AIM export process settings

Returns a default run model; Passing a run model allows serialize/deserialize of parameters

17.1

/run/export/(name)/(runid)

Gets details of the running or completed AIM export by runid

N/A

N/A

Request cancel of a running AIM export job

N/A

N/A

N/A

18

/server

Query server status

N/A

N/A

N/A

N/A

N/A

N/A

18.1

/server/enable

Enable access to the REST resources

N/A

N/A

N/A

N/A

N/A

N/A

18.2

/server/disable

Disable access to the REST resources. Returns 503 (Service Unavailable) when disabled

N/A

N/A

N/A

N/A

N/A

N/A

18.3

/server/stop

Disable the server and unload the CIS application, freeing the libraries. Takes affect when CIS is idle unless the “force” option is used

N/A

N/A

N/A

N/A

N/A

N/A

19

/application

Query the application object associated with the server

N/A

Update selected application object settings

N/A

Update selected application object settings

N/A

N/A

20

/application/resource

Retrieve all localization translation resources for the current or specified language

Add new translation override resource to Localization Control

N/A

N/A

N/A

N/A

N/A

21

/application/resource/(id)

Return translation of given resource in current or specified language

N/A

Update an existing translation override in Localization Control

Delete  existing translation override from Localization Control

N/A

N/A

N/A

22

/application/dictionary

Retrieve application dictionary

N/A

N/A

N/A

N/A

N/A

N/A

23

/application/dictionary/table

Retrieve application dictionary table list

Add application dictionary table definition

N/A

N/A

N/A

N/A

N/A

24

/application/dictionary/table/(id)

Retrieve application dictionary table item

N/A

Update table item

Delete table item

Update table item

N/A

N/A

24.1

/application/dictionary/table/(id)/field

Retrieve application dictionary field list for table

Add application dictionary field to specified table

N/A

N/A

N/A

N/A

N/A

24.2

/application/dictionary/table/(id)/field/(id2)

Retrieve application dictionary field item

N/A

Update field item

Delete field item

Update field item

N/A

N/A

24.3

/application/dictionary/table/(id)/index

Retrieve application dictionary index list for table

Add application dictionary index to specified table

N/A

N/A

N/A

N/A

N/A

24.4

/application/dictionary/table/(id)/index/(id2)

Retrieve application dictionary index item

N/A

Update index item

Delete index item

Update index item

N/A

N/A

25

/application/dictionary/relation

Retrieve application dictionary relationship list

Add application dictionary relationship definition

N/A

N/A

N/A

N/A

N/A

26

/application/dictionary/relation/(id)

Retrieve application dictionary relation item

N/A

Update relation item

Delete relation item

Update relation item

N/A

N/A

27

/application/security/

Retrieve system security profile item

N/A

Update system security profile item

N/A

Update system security profile item

N/A

N/A

28

/application/security/user

Retrieve list of user security profiles

Add a new security user profile to the system

N/A

N/A

N/A

N/A

N/A

29

/application/security/user/(id)

Retrieve user security profile item

N/A

Update user security profile item

Delete user security profile item

Update user security profile item

N/A

N/A

29.1

/application/security/user/(id)/right

Retrieve list of security rights for a user

N/A

N/A

N/A

N/A

N/A

N/A

29.2

/application/security/user/(id)/right/(id2)

Retrieve security right item for a user

N/A

Update security right item for a user

N/A

Update security right item for a user

N/A

N/A

30

/application/security/group

Retrieve list of security groups

Add a new security group to the system

N/A

N/A

N/A

N/A

N/A

31

/application/security/group/(id)

Retrieve security group item

N/A

Update security group item

Delete security group item

Update security group item

N/A

N/A

31.1

/application/security/group/(id)/users

Retrieve list of users assigned to this group

N/A

N/A

N/A

N/A

N/A

N/A

31.2

/application/security/group/(id)/right

Retrieve list of security rights for a group

N/A

N/A

N/A

N/A

N/A

N/A

31.3

/application/security/group/(id)/right/(id2)

Retrieve security right item for a group

N/A

Update security right item for a group

N/A

Update security right item for a group

N/A

N/A

32

/application/counter/(id)

Retrieve the next counter value for the specified counter. Creates a new counter with that name and starts from 1 if it does not exist!

N/A

N/A

N/A

N/A

N/A

N/A

33

/application/report

Retrieve the list of available report definitions

Add a new report definition to the system

N/A

N/A

N/A

N/A

N/A

34

/application/report/(id)

Retrieve report definition item

N/A

Update report definition item

Delete report definition item from the system

N/A

N/A

N/A

34.1

/application/report/(id)/contents

Retrieve list of embedded contents for a report definition

N/A

N/A

N/A

N/A

N/A

N/A

34.2

/application/report/(id)/contents/(file)

Retrieve embedded report file

N/A

Add or update report embedded  file

Delete report embedded file

N/A

N/A

N/A

35

/batch

N/A

Execute all HTTP requests contained in the multipart body. See Batched Requests for details

N/A

N/A

N/A

N/A

N/A

36

/utility/(name)

Invoke utility functions by name using any query parameters that apply

Invoke utility functions by name using the applicable body data

N/A

N/A

N/A

N/A

N/A



List Result Details

All list level resource GET results conform to the HAL document formatting standard (i.e. JSON). Any request for a return of list results will return a container with several list summary and status information, along with the requested list. The list container will be a wrapper for the list and have a standard structure, as follows:

Note: The HATEOAS _link items “next” and “prev” will also be available if applicable to point to the previous or next page of the list.

Example Request:

https://localhost/data/account?pagesize=20&page=3&order=accountnumber&fields=*&where=accountnumber gt '00011111' and accountnumber lt '00099999'

 

Batched Requests

Multiple individual HTTP REST requests can be packaged into a single request message by using the MIME (RFC1341) standard multipart message format and sending a POST to the /batch endpoint:

Example Request:

HTTP text representing a sample batch request is available here.

 

API Versioning

Any functionality that is deemed to need versioning will have version support added and will interpret the “version” query string as requesting a specific version of that URI. By default, the latest version is always used if a version is not requested. Versioning will only be supported on URIs where a change is made that potentially breaks functionality, and/or the existing functionality will be required by a client. Examples of changes that could require versioning are the removal of a field or parameter, or changes to an existing function, which causes it to behave very differently.

Note: Versioning will not be implemented when a new field is added to an existing item, or new or additional functionality is added to an existing item, or when functionality changes or additions are only enabled by optional configuration elsewhere in CIS Infinity.

 

Query Strings

The HTTP URL supports a variety of query strings to shape the data and to control aspects of the operation. Consider using the following query strings:

Query String

Description

Supported Methods

fields=

Request only a subset or superset (child lookups or related data) of the object data. Optional data shaping. Used to limit the data being returned when size is an issue (e.g. with mobile devices), or to request multiple related objects in one request rather than several requests.

Child items or related data can also be referenced, using dot notation to refer to fields in embedded child items or relationships. Properties which have many-to-one lookup relationships all support inclusion of the related object by requesting the child with the same name as the property. Associated data via the AppDict relationship definitions in the system may also be requested by their relationship code names (see Application Dictionary Relationship data).

Include or exclude fields or embedded content using a comma separated list.

  • E.g. *, *.*, fielda, .child1.field2, .child2.*, .child3.subchild1.*

  • Exclude items by prefixing with “-”, e.g. “-field1,-field2,-.child1.*,-.child2.field5”.

  • Select related items via dot notation using relationship codes, e.g. “.relcode1.*,.relcode1.relcode2.*”. 

  • The default for the list and resource level GET is “*”, which selects all properties on each returned object.

  • Child/related items are returned using the standard HATEOAS HAL _embedded container.

GET on list resource or item resource

order=

This clause contains an optional comma separated list of fields to sort the result list.

Reverse the sort order from the default ascending to descending by prefixing fields with “-”, e.g. order= -field1, field2, -field3.

Default is to order by Pk / O_Key. Using invalid field names in the order list will return a 400/Bad Request.

GET on list resource

page=

Requests a specific page from the list resource. Defaults to page 1 (paging support)

GET on list resource

pagesize=

Set an explicit page size to override the default page size of 50 (page support)

GET on list resource

version=

Requests a specific version of the API call

All

where=

Simple filter expressions. This clause contains conditions to be applied to select the result list. The expression format is similar to the ODATA standard, e.g. where=field1 eq 123 and (field2 like '%12' or field4 ne 'X').

Distinct items must be separated by white space. Brackets “()” can be used to group items or to change precedence. Using invalid field names in the expression will return a 400/Bad Request.

Currently supported operators:

  • eq” – equals

  • ne” – not equals

  • gt” – greater than

  • lt” – less than

  • ge” – greater than or equal to

  • le” – less than or equal to

  • like” – “like” wild card match. Use “%” or “*” to match multiple characters. Use “?” or “_” to match a single character, e.g. field1 like 'NEW*'.

  • in” – “In list” performs checks against membership in a list of similar items, e.g. field1 in ('X', 'Y', 'Z')

Currently supported connectors:

  • and

  • or

  • not

Formats for values of different types:

  • Strings:  can sometimes remain unquoted, but best to surround in ' or "; Example: 'John Smith'

  • Booleans:  true or false

  • Dates:  yyyy-mm-dd.  Example:  2020-10-31

  • Date/Times:  yyyy-mm-ddThh:mm:ss.  Time portion is optional and defaults to 00:00:00, which is midnight at the start of the day. Hours must use 24-hour format. Example: 2020-10-31T13:13:59, 2020-04-03

  • Numbers:  No currency symbols, quotes, thousands separators. Do not localize. Example: -12.5, 44433

  • Arrays:  Lists of items can be grouped by surrounding by [ ] or ( ).  Example:  ('IN', 'AC')

  • null can be used for a null value where that value is acceptable

GET on list resource

method=

Invokes custom or API retrieve logic. Specific end points may implement special support for specific method names on a case by case basis. This is also used to invoke existing API retrieve methods on each business class (resource). Use the existing V4 API documentation to discover the names and parameters of the static retrieval methods supported. Any existing retrieve method which returns the target resource business item or a list of target resource business items is supported.
Additional query strings on the call (order, where, pagesize, etc) are also applied if included, after the method logic is invoked.

Format:     method=methodName(parameter1, parameter2, ...)

    methodName:
  • Name of the special implementation function or existing API retrieve method.

  • Only API methods which return a single or list of the target resource are exposed

  • Case insensitive

     parameters:
  • Zero or more comma separated simple values (string, number, boolean, DateTime, null)

  • Arrays of simple types can be used by bracketing the comma separated values with [ ]

  • Strings should be quoted with matching ' or "

  • Booleans are true or false

  • Dates are in the form yyyy-mm-dd

  • Date/times are in the form yyyy-mm-ddThh:mm:ss

  • null can be passed for applicable parameters

  • "CisSession" object is not needed and is injected for you

  • Complex lists or types are not supported beyond specifying null for them as a placeholder

  • methods without parameters can use "()" or leave out the trailing braces altogether

Example 1

    Signature in API:  GetByCustomerAccount(CisSession session, string customerNumber, string accountNumber, bool checkAccess = false, params string[] statusOrder)

    Usage: /data/customeraccount?method=getbycustomeraccountstatus('0001233', '014000555', false, ['AC','IN'])

Example 2

    Signature in API:  GetLast50CustomerAccount(CisSession session)

    Usage: /data/customeraccount?method=getlast50customeraccount&fields=*,*.customer,*.account

GET on list resource



Common Status Codes

The various status codes that can occur when using HTTP methods are listed in the following table:

Status Code

Description

200

OK – Request was successfully processed.

201

Created – New item was successfully added.

204

No Content – Item was successfully processed and no response content was returned. (See X-AdvancedUtility-NoContent header attribute)

304

Not Modified – If-None-Match condition failed for a resource GET

400

Bad Request – Client request is somehow incorrect.

When the status message is "Validation failed", then body details contain validation details associated with the error.

401

Unauthorized – Authentication failure returned when you are not authenticated or authenticated incorrectly (ie. incorrect user or password).

403

Forbidden – Authorization failure returned when you try something that you do not have security access to from the CIS security subsystem.

404

Not Found – Requested resource not found, etc...

405

Method Not Allowed –  Authorization failure when user attempts an operation not allowed on that resource.

412

Precondition Failed – If-Match condition failed, or a non-GET If-None-Match condition failed

500

Internal Error – Server handling is somehow incorrect – exception, etc..

503

Service Unavailable


Common Status Codes by HTTP Method

The common status codes that can occur when using HTTP methods are listed in the following table:

HTTP Method

Status Code

GET

200, 304, 400, 401, 403, 404, 412, 500, 503

POST

201, 400, 401, 405, 412, 500, 503

PUT

200, 204, 400, 401, 404, 405, 412, 500, 503

PATCH

200, 204, 400, 401, 404, 405, 412, 500, 503

DELETE

200, 204, 400, 401, 404, 405, 412, 500, 503

VALIDATE

200, 400, 404, 405, 412, 500, 503

NEW 200, 400, 404, 405, 412, 500, 503


See RFC7231 for more details and standards around HTTP verbs and response codes.



Header Tags

Common header tags that apply to the API requests:

Header Tag

Direction (from)

Description

Date

Server

Required. Standard HTTP Date header indicating the date and time of the message.

Content-Type

Client / Server

Required. Standard HTTP header item. Should indicate the type of the body content being sent. Common values are:

  • application/json

  • text

Content-Length

Client / Server

Include when applicable. Standard HTTP header item. Indicates the length of the content body data.

Accept

Client

Standard HTTP header item.  Specifies type of data requested to be returned to client. If not used, the Advanced Web API defaults to application/json.

Selected GET calls support additional types when applicable (e.g. /data/ebill/{id}/image supports additional types like application/pdf, application/octet-stream, text/html, etc)


Authorization

Client

Required. Basic xxxxx  (where xxxxx is base-64 encoded “userid:password”  or “userid:token”). The userid and password are CIS UserIds and the corresponding password. Once a CIS session is established, you can optionally use the token associated with that login to improve performance on subsequent calls until the session is closed or times out.

ETag

Server

Entity Tag identifier

  • Returned on all resource level operations.

  • Used with the If-Match and If-None-Match headers for cache control or optimistic locking.

  • Advanced REST Web API only uses strong ETag values


If-None-Match

Client

Optional. Used with ETag to implement caching on GET operations.

If-Match

Client

Optional. Used with ETag to implement optimistic locking.

X-AdvancedUtility-NoContent

Client

Optional tag to indicate that the response should not send back the resource after the operation. If not included, or included with a value of ‘false’, ‘off’, or ‘no’, then the response will contain the resulting resource and typically respond with 200/OK. If included with a value of ‘true’, ‘on’, or ‘yes’, then the response will not include the updated resource and will typically use response 204/No Content. POST is unique and will respond with 201/Created in both cases and simply include or not include the content depending on this tag.

The default is to always include the result resource in the response.

Applies to POST, PUT, PATCH, DELETE; and is ignored by GET, NEW, VALIDATE

X-AdvancedUtility-JsonResponseCamelCase

Client

Optional tag to indicate whether the response should format the returned JSON using the old standard of camel-casing for all responses or not. If set to included with a value of ‘false’, ‘off’, or ‘no’, or "0" then the response leave the included JSON variable case untouched (in native REST/C# format). If included with a value of "true", "on", "yes", or "1", the response JSON will continue to be formatted in the original way it had been before this option was implemented. If the header is not present, the JSON response content will currently default to applying the camel-case formatter, but this will change in a future release of REST Web API.

Applies to GET, POST, PUT, PATCH, DELETE, VALIDATE, NEW

X-AdvancedUtility-NoAuthChallenge

Client

Optional tag to indicate that a 401 (Unauthorized) response should suppress the normally included WWW-Authenticate challenge header. This header typically causes a login prompt to appear in browsers when a REST call returns 401, and this is sometimes not desireable, such as when the browser is internally calling REST via a proxy on the web server redirected to the REST server. Any value is acceptable, since the presence of the header is what triggers the suppression.

Applies to GET, POST, PUT, PATCH, DELETE, VALIDATE, NEW

Location

Server

Always included on a successful POST response (201/Created). Contains the URI of the newly created resource.

X-HTTP-Method-Override

Client

Override the HTTP method on a GET or POST to the one indicated on the header. This is used for cases when support for the actual method does not exist in the client, or when the network will not pass REST methods for security reasons. In those cases, use GET or POST and specify the actual method desired in this header. POST will support all other verbs. GET is only allowed for other “safe” methods (VALIDATE, HEAD, OPTIONS). This is typically needed to invoke the custom actions 'VALIDATE' and 'NEW'.

Content-Language

Client

Standard HTTP header item.  Specifies the request language content type. This is used in rare cases on a POST or PUT to control the localization language to which the call applies (e.g. POST /application/resource )

Examples of acceptable language codes to use: *, en, en-CA, en-US, fr, fr-CA. Any unrecognized options are ignored and will result in the response being in the current language preference of the CIS user associated with the request.

Accept-Language

Client

Standard HTTP header item.  Specifies the response language preference for content to be returned to the client by this request. If not used, the Advanced Web API defaults to the existing language preference associated with the current CIS user associated with the request.

Examples of acceptable language codes to use: *, en, en-CA, en-US, fr, fr-CA. Any unrecognized options are ignored and will result in the response being in the current language preference of the CIS user associated with the request.

Note: Only some aspects of the response details can be affected by this header. Some are internal and only controlled by the CIS user language preference.

Accept-Encoding

Client

Optional. Indicates that the response can use one of the listed encoding methods to compress the response content. "gzip" and "deflate" are supported. Request one or the other, or both in order of preference. Unsupported encoding methods can be requested, but will be ignored.

The response will contain the standard HTTP Content-Encoding header item to indicate which encoding was applied.

Content-Encoding

Server

Indicates that the response contains body content encoding using the specified compression method. "gzip" or "deflate" are possible.


See RFC7231 Request Headers for more details on these and other HTTP headers.

 

 

Custom Field and Table Support

CIS custom fields functionality is completely supported through the REST interface. Every return business model contains an additional container property o_CustomData with properties corresponding to each custom field and value associated with that resource.  Each custom field item defined on the resource is included with its current value. Property names and values are formatted exactly like all other object properties.

Note that PUT/POST handling for custom properties is slightly different from the standard properties:

Note that PATCH support is slightly different for custom properties. The path reference in the PATCH command should be formatted as "/O_CustomData/MyPropertyName" rather than just the property name alone as with standard properties.

    Example:

    PATCH ../data/serviceorder/901950

    [
      {"op":"replace","path":"/serviceMessage","value":"BIF023 has Custom Fields"},
      {"op":"replace","path":"/o_customdata/test","value": true},
      {"op":"replace","path":"/o_customdata/topfigure","value": 3.5}
    ]

 

Logging

The Advanced Web API REST server has the ability to log system messages as well as request/response details. The logging is configured via settings in the NLOG.config file in the Advanced Web API home folder. Examples and additional documentation are available in the NLOG.config.sample file, also in the Web API home folder. Documentation on unusual or advanced logging configurations can be found at the NLOG website.

System Log

The system log name is WebApi and records any system level events, messages, and errors. It logs levels Debug, Info, Warn, and Error. Debug level messages are verbose and log internal functionality typically around session and cache management and operations. Info level messages record normal system operations like start up and shutdown and requests for system actions like enabling, disables, or recycling, the server. Warn and Error level messages are important and should be reviewed and addressed immediately.

Request/Response Logs

Web API has the ability to record detailed information about any requests and responses handled by the server. Details such as request user, URI, method, and payload can be selected. Response details can also be tracked for each request, including response code, message, and payload. Care should be taken when selecting request or response payload logging, since it imposes a heavy load on the server and the logger. Requests can be filtered based on method, URI, and response code.

Request/response logger configuration is done with a logger item of the form: <logger name="[method pattern]:[URI pattern]" levels="[levels]" writeTo="[target]" />

[method pattern]
HTTP method verb(s) that this logger activates. Available verb names are GET, PUT, POST, PATCH, DELETE, VALIDATE, and NEW. Multiple verbs can be combined by using "," or "|" separators. Required; use "*" to match all verbs.
[URI pattern]
URI path that this logger applies to. Only one path can be specified, but a trailing wildcard "*" character can be used to match all child paths. A leading "/" is optional and implied if missing. "/data/sta*" would match paths "/data/state" and "/data/station". and all children of them, while "/data/state/*" would only match that exact path and its children. Required; use "*" to match all paths.
[levels]
Selects the logging levels to activate for. Comma separated list of one or more of: Debug, Info, Warn, Error. Debug = 2xx messages; Info = 1xx/3xx messages; Warn = 4xx messages, and Error = 5xx messages. Can use NLOG directive 'minlevel' instead.
[target]
Reference to the NLOG <target> item that will format and emit this logger item.

Additional logger target layout items are available to access the specialized data associated with a request and response. These layout items are accessed using a layout= attribute on the target definition and have the form layout="${event-properties:[keyword]}" where [keyword] is one of the following: User, UserIp, HttpMethod, RequestUri, RequestPath, RequestQueries, RequestHeaders, Status, ElapsedTime, RequestBody, ResponseBody

Sample NLOG configuration file

 

Additional Documentation About Advanced Business Functions

 

Web API Code Examples and Resources

Sample code for HTTP requests provided using different programming languages. This is a sample code, which interacts with CIS classes and provides GET, PUT, POST, DELETE, PATCH, VALIDATE methods



Getting Started with the published OpenAPI using Swagger