● Header
● Payload
● Signature
Authentication via JWT
Use the endpoint "authn/login" to create a new session.
After a successful login the JSON Web Token is returned by the server.
{
"token": "eyJhbGciOiJIUzI1NiIsE4fQ.eWxNy1QVpDQus (...) 6XbIdj7kiMTQ2LTR.y7Ld1hKpmGPMBiJrw03Jr1ejaNfw",
"success": true
}
The token must be provided in subsequent requests using the Access-Token header.
Use the endpoint "authn/logout" to close the current session.
{
"success": true
}
Info endpoint
Use the endpoint "authn/info" to get the information of the current session.
{
"username": "foo",
"first_name": "",
"last_name": "",
(...)
"groups": [],
"active": true,
"mail": null,
"is_viewer": false
}
HATEOAS and METADATA
Hypermedia As The Engine Of Application State (HATEOAS) is a mechanism for the client
to dynamically discover information about the API.
"_links": {
"self": {
"href": "assets/demo-asset",
"title": "assets/demo-asset"
},
"parent": {
"href": "/",
"title": "home"
}
}
"_meta": {
"max_results": 100,
"total": 0,
"page": 1
}
Resources GET, POST, DELETE
Each model (or schema) installed in MIIMETIQ is accessible as a resource in the API.
The items (or assets) of a resource can be managed at the resource URL.
http://api.{domain}/assets/{model}
{
"_total": 0,
"_items": [...],
"_links": {...},
"_meta": {...}
}
To create a new item:
{
"_updated": "2019-05-30T05:37:45Z",
"_links": {
"self": {
"href": "assets/demo-asset/5cef6c291d6543004d433841",
"title": "Demo-asset"
}
},
"_created": "2019-05-30T05:37:45Z",
"_status": "OK",
"_id": "5cef6c291d6543004d433841",
"_etag": "ef765215879a96a2c627a98c96e714e582bd7d2f"
}
The _id and the _etag are provided in the response, so further editing can be done right away.
To delete all the assets in a resource:
2aa8283707eb5452cc5891ab3ffb6489441360a1
Etags are used in combination with the If-Match header. When two or more clients
attempt to update a resource at the same time, the provided Etag lets the server decide whether the
resource should be updated. Only the client providing the valid (current) Etag is allowed to
modify the document.
Without any concurrency checks, the client that submits its changes last wins, and that can
break things in unexpected and unnoticed ways.
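The Etag check described above, as an added example that is not part of the original slides or the MIIMETIQ code base. The in-memory `AssetStore`, the SHA-1-over-JSON Etag scheme and the 412/428 status codes (standard HTTP semantics from RFC 7232 and RFC 6585) are assumptions made for illustration.

```python
import hashlib
import json


class AssetStore:
    """Hypothetical in-memory stand-in for one resource (not the real API)."""

    def __init__(self):
        self._docs = {}

    @staticmethod
    def _etag(doc):
        # Assumed scheme: SHA-1 over canonical JSON, used only as a version
        # fingerprint here, not as a security primitive.
        body = json.dumps(doc, sort_keys=True).encode()
        return hashlib.sha1(body).hexdigest()

    def insert(self, item_id, doc):
        self._docs[item_id] = dict(doc)
        return self._etag(doc)

    def get(self, item_id):
        doc = self._docs[item_id]
        return dict(doc), self._etag(doc)

    def patch(self, item_id, changes, if_match=None):
        """Return (status, current_etag); write only if If-Match is current."""
        current = self._docs[item_id]
        current_etag = self._etag(current)
        if if_match is None:
            return 428, current_etag  # Precondition Required: no blind writes
        if if_match != current_etag:
            return 412, current_etag  # Precondition Failed: stale Etag
        updated = {**current, **changes}
        self._docs[item_id] = updated
        return 200, self._etag(updated)


def race():
    """Two clients read the same version, then both try to write."""
    store = AssetStore()
    store.insert("a1", {"name": "pump", "owner": "ops"})  # constructed sample
    _, etag_a = store.get("a1")  # client A reads
    _, etag_b = store.get("a1")  # client B reads the same version
    first = store.patch("a1", {"owner": "alice"}, if_match=etag_a)
    stale = store.patch("a1", {"owner": "bob"}, if_match=etag_b)
    # Client B has to re-read the item to obtain the new Etag before retrying.
    _, fresh = store.get("a1")
    retry = store.patch("a1", {"name": "pump-2"}, if_match=fresh)
    return first[0], stale[0], retry[0], store.get("a1")[0]
```

Client B's rejected write leaves client A's change intact, which is the lost-update case the If-Match check exists to prevent.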
Items GET, PUT, PATCH, DELETE
An item (or asset) can be managed at the item URL.
http://api.{domain}/assets/{model}/{objectID}
{
"_updated": "2019-05-30T09:31:46Z",
"_links": {
"self": {
"href": "assets/demo-asset/5cefa2641d6543004f433841",
"title": "Demo-asset"
}
},
"_created": "2019-05-30T09:29:08Z",
"_status": "OK",
"_id": "5cefa2641d6543004f433841",
"_etag": "a436c1493a4ffc0fbe1477b15bec16bb3152f69c"
}
To modify a single item or asset:
{
"_updated": "2019-05-30T09:31:46Z",
"_links": {
"self": {
"href": "assets/demo-asset/5cefa2641d6543004f433841",
"title": "Demo-asset"
}
},
"_created": "2019-05-30T09:29:08Z",
"_status": "OK",
"_id": "5cefa2641d6543004f433841",
"_etag": "a436c1493a4ffc0fbe1477b15bec16bb3152f69c"
}
To delete a single item or asset:
A client can submit multiple documents with a single request by enclosing the documents in a
JSON list.
{
"_status": "OK",
"_items": [
{
"_updated": "2019-05-30T11:10:28Z",
"_links": {...},
"_created": "2019-05-30T11:10:28Z",
"_status": "OK",
"_id": "5cefba241d6543004f433844",
"_etag": "0a37c11945691743335f83f5857b1c89964b72bf"
},
...
...
]
}
Projections
Projections allow clients to create dynamic views of collections and documents by deciding
which fields should or should not be returned.
Letting the client determine which fields the API should return saves bandwidth and
improves the user experience.
Clients can activate document embedding on a per-request basis by means of a
query parameter.
When a consumer requests a resource, the first N items matching the query are served, and
links to subsequent/previous pages are provided with the response. Default and maximum
page sizes are customizable, and consumers can request specific pages via the query string.
It's possible to decide the sort order for a field by adding 1, or -1 to reverse the order.
The following query would return the documents sorted by name (descending).