Page History
...
Parameter | Description |
---|---|
RemaiiningURL | The remaining portion of the URL that follows the URL that launched this current service. This information is used in the HTTP_Service_Setup insert to populate other useful variablesSee the remarks section below. Required. |
Remarks
HTTP_Authentication_Services
is an application service module that handles authentication into the API. By default this service is automatically called within the HTTP_MCP controller routine. It is recommended that this be left in place. If the developer wishes to disable authentication (either temporarily for testing purposes or permanently), it is better to set the Enable Authentication Flag to 0 in the SRP_HTTP_FRAMEWORK_SETUP configuration record.
Authentication is different from authorization (even though HTTP Basic Authentication uses the Authorization request header field) and this is important when building access to the API. Authentication normally means the user’s credentials are valid. However, this does not guarantee that the user has sufficient privileges to access (or modify) the requested resource. This is where authorization comes in. Failure in authentication or authorization can both return a 401 (Unauthorized) status code, but a failed authorization might return a 403 (Forbidden) status code. Web service code that easily retrieve the authentication credentials to make authorization decisions.
Services
Web services are designed to process HTTP requests. In order to do this properly, they need to have access to specific information such as the HTTP method, entry point URL, and end point, URL. These commonly needed data points are assigned to several variables in the HTTP_Service_Setup insert.
Setup Variables
Variables | Description |
---|---|
APIURL | The base URL for the API entry point (e.g., api.mysite.com/v1). |
FullEndPointURL | The URL submitted by the client. |
HTTPMethod | The HTTP Method (Verb) submitted by the client (e.g., GET, POST, etc.) |
SelfURL | The URL path representing the current service. |
NextSegment | The URL segment immediately following the SelfURL (if any). This could contain the name of the next service or it could contain the Item ID for the current service (aka resource). |
CurrentServiceHandler | The name of the currently running BASIC+ stored procedure. |
Service | Description |
AuthenticateRequest | Usage: Comments: Returns: |
CleanUp |
Param1 - Param10
The proper use of the generic arguments are defined in the definition of each service above.