What is a REST API?
Explanations and some useful links: http://stackoverflow.com/questions/671118/what-exactly-is-restful-programming
REST stands for "REpresentational State Transfer", which boils down to simply that the API is self describing and uses methods that represent the actions it is performing.
For example: In HTTP, there are a number of different types of requests (Verbs) you can send a web server:
- GET - fetch an existing resource. The URL contains all the necessary information the server needs to locate and return the resource. (to get data)
- POST - create a new resource. POST requests usually carry a payload that specifies the data for the new resource. (to insert data)
- PUT - create/replace an existing resource. The payload may contain the new or updated data for the resource. (to insert/replace data)
- PATCH - update an existing (or part of a) resource. The payload may contain the updated data for the resource. (to update data)
- DELETE - delete an existing resource. (to delete data)
URL's in RESTful API's are usually fairly self describing so:
GET https://yoursite.chasesoftware.co.za/api/Jobs/
Would get you a list of jobs. Filters could be applied by adding something to the query string, or perhaps to the path, as follows:
When you add in things like "authentication" and specifying complex filters/updates things get a bit more complex, but they're all done using standard processes in HTTP requests.
Current supported format is JSON.
Response Codes + Error Handling
All calls to the service will return an HTTP Status code and any other relevant data will be in the Body of the response.
HTTP Code | Description | Occurs When: |
200 | OK | Everything performs as expected. |
201 | Created | A new entity has been created. |
400 | Bad Request | A malformed request was sent through or when a validation rule failed. Validation messages will be returned in the response body. |
401 | Unauthorized | The user is not correctly authenticated and the call requires authentication. The user does not have access rights for this method. |
404 | Not Found | The requested entity was not found. Entities are bound to companies. Ensure the entity belongs to the company. |
409 | Conflict | When attempting to delete an item that is currently in use. |
500 | Internal Sever Error | A server side error occurred. |
|
|
|
Setup + Testing
The data is secured by a standard Chase login (hashed or normal passwords).
You will need a user with either 'Full' or 'API' license to access the API.
It is recommended that you use a tool like Postman (https://www.postman.com/) to test API calls and confirm data before trying to integrate into your own application.
The most basic call to the API is to check your Chase version. This call does not need authentication, but will ensure that you are accessing the API on the correct URL.
Use Postman and send a GET Request to https://yoursite.chasesoftware.co.za/api/version
You should get a 200 OK Response Code and get a string value looking like "6.310.*"