Platform REST API 2.0
REST API v2.0 represents a significant effort to improve the capabilities of the APIs, which are now fully REST Compliant and following latest OpenAPI(v3) Standard using Swagger with an enriched set of API to cover more functionality. Currently, Platform supports Data APIs for object, user and customer.
For documentation on Platform REST API 2.0, see REST API v2.0 Documentation.
REST API 2.0 Authentication
This section details how API developers can be authenticated through one of the following methods while using basic authentication to utilize REST APIs within the Platform.
01. JSON Web Token
This section shows the API developer authentication using basic authentication with an Infinite Blue Platform account and JSON Web Token.
JSON Web Token is a mechanism to authenticate APIs. To access any REST 2.0 APIs, a user needs to pass JW Token in the request header.
Generating a JSON Web Token
To generate a JW token, access the URL http://{HostName}/rest/api2/login/ with basic authentication. This returns the JSON Web Token and URL. Use the URL in subsequent requests. The default expiry time of a JSON Web Token is 30 minutes. Users can change the expiry time under Built-in security levels.
-
Request: In the following example, the URL
http://{HostName}/rest/api2/login/is accessed with basic authentication.curl -X POST \ http://{HostName}/rest/api2/login \ -H 'Authorization: Basic Y2hyb21lQHlvcG1haWwuY29tOnByb2dyZXNz' \ -
Response: In the following example, the response has a generated JSON Web Token
<token-value>along with the URLhttp://{HostName}/prod1/api2/to be used in subsequent requests.{ "JWT": "<token-value>", "url": "http://{HostName}/prod1/api2/" }
Invoking REST API using JW Token
In the following example, the JSON Web Token <token-value> along with the URL http://{HostName}/prod1/api2/ is used to invoke the REST API.
curl -X GET \
'http://{HostName}/prod1/api2/data/<object_integration_name>/record/<id>' \
-H '"JWT": "<token-value>"
02. API Key Token
This section shows the API developer authentication using basic authentication with an Infinite Blue Platform account and API Key Token.
Generating an API Key Token
Basic authentication utilizes API Key tokens. An API token can be generated for the Infinite Blue Platform account to authenticate instead of a password. For information on generating an API Key Token, see Change API Credential. To access any REST 2.0 APIs, the user needs to pass this key in the request header.
Invoking REST API using API-Key Token
In the following example, the API Key Token <token-value> is used to invoke the REST API.
curl -XPOST \
-H 'Api-Key: <token-value>' \
-H "Content-type: application/json" \
'http://{HostName}/prod1/api2/data/<object_integration_name>/record/<id>'
-
Request Header: To know the base URL for all REST 2.0 APIs, access the following URL with the key in the request header. In the following example, the API Key Token
<token-value>is used along the URL http://{HostName}/rest/api2/login in the request header.curl -XPOST \ -H 'Api-Key: <token-value>' \ -H "Content-type: application/json" \ 'http://{HostName}/rest/api2/login' -
Response: In the following response, the API developer was successfully authenticated with the API Key Token passed in the request header.
{ "code": 200, "message": "OK", "results": [ { "url": "http://localhost:8080/prod1/api2/" } ] }
03. UI Session
If the users are already logged-into either Platform or portal, they can directly access the APIs. This enables users to directly invoke the REST API without a need for authentication.
Invoking a REST API from a UI Session
$.ajax({url: "http://<hostName>/prod1/api2/data/{objectIntegrationName}/{recordId}", success: function(val){ console.log(val);
