Salesforce

REST Client Resource (Magic xpi 4.14)

Printable View
« Go Back

Information

 
Created BySalesforce Service User
Approval Process StatusPublished
Objective
Description

REST Client Resource

The REST Client resource is used to define the RESTful API server URL and the operations exposed by the server. A user is expected to know what is the Server URL, Paths and operations exposed by the RESTful API provider. The user can define one security type per resource. The resource can have one or more Paths to define the API and for each Path user can define the Query Parameters, Header Parameters, and Form Parameters.

REST Client resources contain the following parameters (the parameters in bold are mandatory):

Parameter

Description

Local Agent

To make the resource work as a part of Local Agent, make this value True.

The default value is False.

(Since version: 4.13.6)

LA Name

The name of Local Agent, the step based on this resource, is going to invoke.

This parameter will be available only when the value of Local Agent is set to True.

(Since version: 4.13.6)

API Definition Method

Select one of the two API Definition methods below:

  • Custom (Default)

  • Open API

To configure the resource with OpenAPI Specification file, select the method as Open API. Once selected you can select the file using the Load OpenAPI button.

(Since version: 4.14)

OpenAPI Document Version

This field will be populated once the Open API file is loaded using the Load OpenAPI button.

Magic xpi supports 3.0.x and 2.x version of Open API.

OpenAPI version 3.1 is not supported

(Since version: 4.14)

OpenAPI Document

This is the path of the OpenApi Document imported using the Load OpenAPI button.

(Since version: 4.14)

Server URL

Server URL is also known as base path which will be used to define the API endpoint. The server URL and the Path will create one API endpoint URL that can be invoked for HTTP operations like Get, Post etc.

Enter the REST server URL or click (ellipsis button) to open the Environment Variable List. Here, the user can select an environment variable to use as a server URL.

  • The Server URL should not start with or end with the dot (.) and slash (/) characters. Apart from this, the characters which are not allowed to be used as a part of Server URL are [space] < > { } | \ ^~ #

  • Host verification feature of REST Client gives an error when a host is accessed using its IP Address instead of Host Name. To skip the host verification, add an underscore (_) character as a suffix to the HTTP protocol.

For example, HTTPS_:\\

Security

Security type is used based on what type of security server has implemented.

This is a combo-box. Select the required security type from the drop-down list.

  • None (default)

  • HTTP-Basic

  • HTTP-Digest

  • OAuth2

User

The username for authenticating the REST Client resource when the user selects HTTP-Basic or HTTP-Digest security type.

Password

The password for authenticating the REST Client resource when the user selects HTTP-Basic or HTTP-Digest security type.

OAuth Refresh Token Status

Indicates whether a refresh token was successfully obtained when the OAuth 2 authorization process was performed. The possible values are:

  • Missing (Default)

  • Available

Authorization URL

The Authorization endpoint is used to interact with the resource owner and get the authorization to access the protected resource.

Enter the Authorization URL or click (ellipsis button) to open the Environment Variable List. Here, the user can select an environment variable to use as an Authorization URL.

Access Token URL

The Access Token endpoint is used by the application in order to get an Access Token or a Refresh Token.

Enter the Access Token URL or click (ellipsis button) to open the Environment Variable List. Here, the user can select an environment variable to use as an Access Token URL.

Callback URL

When requesting Authorization code through Authorization URL, the Callback URL will be passed as value for parameter called redirect_uri. A successful response from Authorization endpoint results in a redirect to this URL.

Enter the Callback URL or click (ellipsis button) to open the Environment Variable List. Here, the user can select an environment variable to use as a Callback URL.

Client ID

The ID of the application that asks for authorization. Client ID and Client secret are generated at the time of client registration process at the Authorization server.

Enter the Client Id or click (ellipsis button) to open the Environment Variable List. Here, the user can select an environment variable to use as a Client ID.

Client Secret

The secret string provided for the Client Id during the Authorization process.

Enter the Client Secret or click (ellipsis button) to open the Environment Variable List. Here, the user can select an environment variable to use as a Client Secret.

Scope

Scope is an option, in case some Authorization server has defined scope and expecting Scope to be sent while retrieving the OAuth 2 Access/Refresh Token.

Enter the Scope or click (ellipsis button) to open the Environment Variable List. Here, the user can select an environment variable to use as a Scope.

State

Some REST Endpoints may require the user to provide the State parameter during the OAuth 2 process. The parameter is usually required for a more secure authentication system. The OAuth 2 authentication may fail if the required state value is missing or incorrect. This is required to prevent Cross Site Request Forgery (CSRF).

(Since version: 4.13)

HttpMultipartMode

This parameter allows you to choose the specification of how the multipart content will be constructed.

The following modes are supported:

  • Strict (Default)
    In this mode the multipart request must adhere to the strict specification defined in the HTTP standards. If the request does not comply with the specification, an exception will be thrown.

  • Browser Compatible
    Use this mode for the multipart requests to be more lenient and compatible with the way browsers handle multipart requests. This mode allows deviations from the strict specification and handles common non-compliant behavior observed in browsers.

  • RFC6532
    This mode is specifically designed to handle RFC 6532 compliant requests, which deal with non-ASCII characters in MIME headers.

If you are unsure of this property, it is safe to keep it as the default (Strict).

To learn more about the specification, refer to https://www.javadoc.io/doc/org.apache.httpcomponents/httpmime/4.5.7/org/apache/http/entity/mime/HttpMultipartMode.html

(Since version: 4.14)

Requires Client Certificate

To enable the Client Certificate Authentication, select Yes option from the drop-down menu. Client certificates are used to validate the identity of a client with the server.

The default is No.

(Since version: 4.13.4)

Client Certificate Type

Select the type of certificate. The supported formats are:

  • JKS (Java Key Store) - Default

  • p12/pfx

This parameter is available only if you select Yes in the Requires Client Certificate parameter (above).

Client Certificate File

Provide the path to the client certificate as per the format selected in Client Certificate Type.

This parameter is available only if you select Yes in the Requires Client Certificate parameter (above).

Client Certificate Password

The password for the Client certificate.

This parameter is available only if you select Yes in the Requires Client Certificate parameter (above).

REST Client resources also give you the following buttons:

Button

Description

Access Token

Click this button to retrieve the Access/Refresh token when OAuth2 is selected as a security type.

On clicking the button the OAuth2 authorization process will be initiated. This process will take the user to the Authorization grant page in the browser window where the user can log in using User and Password and provide the access grant to allow the REST component to access the resource on the OAuth2 Authorization window. The process uses grant type as Authorization code where the following parameters will be used.

  • Authorization URL

  • Access Token URL

  • Callback URL

  • Client Id

  • Client Secret

  • Scope (Optional)

The user should provide these values and click the Generate Token button to get the access token from the provider. Once this operation is complete the OAuth2 Refresh Token Status parameter (above) will be set to Available.

Paths

Path is generally the route through which the user can access the REST API. The value of the Path parameter will be appended to the Server URL in order to form REST API endpoint. The Path is URL path and when combined with HTTP verb like Get or Post etc., it becomes one unit for one API call.

Click on the Paths button to define the Paths to be used by the REST Client. On the Paths window the user can add or remove the Query Parameters, Header Parameters, Form Parameters, Cookie Parameters for each path. For more information, click here.

When the API Definition method is selected as Open API, then the paths will be auto populated using the Open API document.

In this case the paths will be non-editable. Any change to the path needs to be done in the Open API document and then imported again. In custom mode users can enter their own paths.

On switching the method to custom from OpenAPI, all the paths populated using the OpenAPI Specification will be retained and users can manually edit them.

Load OpenAPI

To open the API specification file, click on the Load OpenAPI button. This will provide a file dialog where you can choose the API specification file of either YAML or JSON type. Once the file is selected, the xpi will read the file and populate the OpenApi Document Version and the OpenApi Document path above.

(Since version: 4.14)

Since version: 4.9

Reference
Attachment 
Attachment