Difference between revisions of "REST API/Considerations"

From LongJump Support Wiki
imported>Aeric
imported>Aeric
 
(10 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{Important|
To use the REST APIs, the first step is to ''log into the platform''. The response to the REST login request contains a ''cookie string'' that includes the session ID and other session details.
:'''''That cookie string must be present in all subsequent REST requests'''''.
(Browsers do that automatically, so once you are logged in, REST APIs in JSP pages "just work". But when writing a program, you need to code that behavior.)
:''Learn more:'' REST API [[REST_API#Sample_Programs|Sample programs]]}}
:* The REST APIs are granular (each call operates on a single entity)
:* The REST APIs are granular (each call operates on a single entity)
:* Each REST API call is treated as a single transaction
:* Each REST API call is treated as a single transaction
:* In most cases, APIs have a direct one-to-one mapping with the UI
:* In most cases, APIs have a direct one-to-one mapping with the UI
:* Data input and output can be in either in XML or JSON format
:* Data input and output can be in either XML or JSON format.
:* It is necessary to login to the platform before making a REST API call (and logout afterwards)
:* The content types for request data are <tt>application/xml</tt> and <tt>application/json</tt>.<br>(<tt>text/xml</tt> is ''not'' supported.)
:* All REST API calls execute within the context of the [[User]] that is logged in. As with all UI actions, this means that any subsequent REST API calls (to access levels, data visibility, team membership, etc.), are governed by the [[Role Based Access Permissions]] granted to the User.
:* All REST API calls execute within the context of the [[User]] that is logged in. As with all UI actions, this means that any subsequent REST API calls (to access levels, data visibility, team membership, etc.), are governed by the [[Data Access Permissions]] granted to the User.
:* REST API calls are broadly categorized as Data API or Metadata API (excluding login/logout)
:* REST API calls are broadly categorized as Data API or Metadata API (excluding login/logout)
:* Data calls can span multiple objects, for example, the ''owner'' field in an object, or [[Lookup]]s (foreign key relationships) to some other objects
:* Data calls can span multiple objects, for example, the ''owner'' field in an object, or [[Lookup]]s (foreign key relationships) to some other objects
Line 24: Line 29:
:* Field elements are optional in record updates. If a field is missing, existing data in that field is unaffected. If a field is present, but empty, any existing data in that field is deleted.
:* Field elements are optional in record updates. If a field is missing, existing data in that field is unaffected. If a field is present, but empty, any existing data in that field is deleted.
:* When the database value for a checkbox field is null, the REST API returns 0. (So the value is always <tt>1</tt> (checked) or <tt>0</tt> (unchecked), whether or not the field has been initialized.)
:* When the database value for a checkbox field is null, the REST API returns 0. (So the value is always <tt>1</tt> (checked) or <tt>0</tt> (unchecked), whether or not the field has been initialized.)
{{:URL Encoding}}
<noinclude>
<noinclude>
[[Category:REST API|11]]
[[Category:REST API|11]]
</noinclude>
</noinclude>

Latest revision as of 22:22, 12 December 2012

Warn.png

Important: To use the REST APIs, the first step is to log into the platform. The response to the REST login request contains a cookie string that includes the session ID and other session details.

That cookie string must be present in all subsequent REST requests.

(Browsers do that automatically, so once you are logged in, REST APIs in JSP pages "just work". But when writing a program, you need to code that behavior.)

Learn more: REST API Sample programs
  • The REST APIs are granular (each call operates on a single entity)
  • Each REST API call is treated as a single transaction
  • In most cases, APIs have a direct one-to-one mapping with the UI
  • Data input and output can be in either XML or JSON format.
  • The content types for request data are application/xml and application/json.
    (text/xml is not supported.)
  • All REST API calls execute within the context of the User that is logged in. As with all UI actions, this means that any subsequent REST API calls (to access levels, data visibility, team membership, etc.), are governed by the Data Access Permissions granted to the User.
  • REST API calls are broadly categorized as Data API or Metadata API (excluding login/logout)
  • Data calls can span multiple objects, for example, the owner field in an object, or Lookups (foreign key relationships) to some other objects
  • The REST API implements the database CRUD model (Create, Read/Select, Update, Delete) using HTTP protocol requests (POST, GET, UPDATE and DELETE).
CRUD Action HTTP Method
Create POST
Read/Select GET
Update PUT
Delete DELETE
  • Field elements are optional in record updates. If a field is missing, existing data in that field is unaffected. If a field is present, but empty, any existing data in that field is deleted.
  • When the database value for a checkbox field is null, the REST API returns 0. (So the value is always 1 (checked) or 0 (unchecked), whether or not the field has been initialized.)

Notepad.png

Note:
When specifying a URL in code, any special characters (characters other than letters and numbers) need to be encoded. For example, a space character is encoded as %20.

(Browsers typically take care of encoding URLs entered into the address bar--so the URL displayed after visiting a page may differ somewhat from the one that was initially entered.)

Here are some typical encodings:

space
+
%
%20
%2B
%25

So:

Instead of Use

& (A&B)
space (A B)

%26 (A%26B)
%20 (A%20B)


It can be hard to get be hard to get the encoding right, so it's desirable to use a language library designed for the purpose.
Learn more: