REST resource asset
The REST resource asset is used to communicate with web services exposing themselves using representational state transfer (REST) methods. The asset enables content to be retrieved from other REST web services, allowing the posting and modification of data using HTTP GET, POST, HEAD, PUT and DELETE requests. Access to servers is processed through authentication settings with the REST resource OAuth session and OAuth 2-legged assets, allowing access to OAuth secure REST web services.
The REST manager can also cache requests based on the cache settings configured on the Details screen.
The REST functionality only supports requests to HTTP and HTTPS URLs.
Details
The Details screen of the REST resource asset allows you to configure the settings for the HTTP request to the external web server(s).
Read the Asset screens documentation for more information about the Status, Future status, Thumbnail, and Details sections.
HTTP request
This section allows you to configure the settings of the HTTP request of the REST resource, including the request method and URL of the target REST web service.
The fields available in this section are as follows:
- Method
-
Select the method of requests made by the REST resource. The methods available are as follows:
- Get
-
This allows you to make a GET request. This method is used to retrieve and list the content of a resource.
- Post
-
This allows you to make a POST request. This method is used to create and modify the content of a resource (for example, adding data to a field on a custom form). Selecting this request method and selecting Save will display the following additional configuration options:
-
Cache post requests option
-
Request body field.
-
- HEAD
-
This allows you to make a HEAD request. This method is used to retrieve information from an object, such as its update status, without downloading it.
- PUT
-
This allows you to make a PUT request. This method is used to update and replace the content of a resource. Selecting this request method will display the Request body field.
- DELETE
-
This allows you to make a DELETE request. This method is used to delete the content of a resource. By default, this field is set to GET.
- Use HTTP 1.0
-
Select whether to use HTTP 1.0 for the HTTP request instead of the default HTTP 1.1. This is useful when dealing with advanced configurations with older proxy servers that do not fully support HTTP 1.1.
- Cache post requests
-
Select whether to cache POST requests made by the REST resource. POST requests are usually independent operations that will cause a different outcome with each subsequent use. Be careful when using cache so that POST operations are not unexpectedly repeated. Repeating POST operations may have undesirable results. This field is only available when making a POST request.
- URL(s)
-
Enter the URL(s) of the REST web services with which you want to communicate. Any number of URLs can be entered in these fields.
- Timeout (seconds)
-
Enter the amount of time in seconds that the REST resource will attempt to communicate with the selected REST web services before returning an error. This field is set to
10
seconds by default. - Follow redirects
-
Select whether the request will follow any URL redirection set by the selected URL(s). For example, say the site HTTP://www.example.com redirects to http://www.newexample.com. If this field is selected and the REST resource is set to communicate with the example URL, the request will be redirected to the
newexample
URL. By default, this field is enabled. - Disable SSL certificate
-
Select whether to disable SSL certificate verification on HTTP requests. This can be useful in cases where the requesting host is using self-signed certificate verification. By default, this field is disabled, meaning SSL certificate verification will be used.
When connecting to web services that require 2way or mutual SSL authentication, additional fields can be utilized to specify the file paths of the SSL certificate, key, and ca (certificate authority). These fields are outlined below.
- SSL certificate filepath
-
Enter the file path of the SSL certificate for SSL verification.
- SSL key filepath
-
Enter the file path of the private key for SSL verification.
- SSL ca filepath
-
Enter the file path of the certificate authority file for SSL verification.
- Cache options
-
Select how requests made by the REST resource will be cached. By default, this field is set to use HTTP expiry headers. The options available are as follows:
- Never cache
-
The request will not be cached.
- Use default expiry
-
The request will be cached according to the amount of time configured in the default cache expiry (seconds) field (see below).
- Use HTTP expiry headers
-
The request will be cached according to the cache settings of the requested URL.
Squiz Content Management will use the system’s cache manager to cache the request made by the REST resource (using the REST manager asset type code).
As such, the cache manager must be enabled and configured appropriately for these options to work. Read the Cache manager documentation for more information.
- Default cache expiry (seconds)
-
Enter the amount of time in seconds that the REST resource will be cached before expiring. This field is only used if the cache options field is set to Use default expiry. By default, this field is set to
60
seconds. - Authentication type
-
Select the authentication type that will be used to access the requested URL. This will allow access to secure REST web services. The options available are as follows:
- None
-
No authentication will be attempted. If the requested URL requires authentication, the request will fail.
- HTTP basic
-
Password authentication will be used. To use this authentication type, select HTTP basic from the drop-down menu and select Save. The username and password authentication fields appear for you to provide the relevant authentication information.
- Matrix cookie passthrough
-
Authentication will be determined by the session cookie set by Matrix, provided it contains valid authentication information. This cookie will be passed through to the response header of the requested URL.
- OAuth
-
Select this method when communicating with an OAuth secure REST web service. When this option is selected, select Save. An additional field appears where you can select a REST resource OAuth session with the configured OAuth authentication information for the target web service.
By default, this field is set to None.
- Digest auth
-
This option will use digest access authentication on the HTTP request. To use this authentication type, select digest auth from the drop-down menu and select Save. The username and password authentication fields appear for you to provide the relevant authentication information.
- Request headers
-
Assemble additional headers to send as the header of the request.
- Request body
-
Assemble additional parameters to send as the body of the request. For example, you could set query parameters on a post request using the example request body shown below.
Query=`%globals_get_query^uppercase%&query1=%globals_get_query1^lowercase%`
This request would set the
query
andquery1
parameters as global keyword replacements, able to be called on the REST web service being communicated with.Keyword modifiers have also been used to display the query parameter in uppercase and the query1 parameter in lowercase. This field is only available when making a POST or PUT request.
- Convert to UTF-8
-
Select this option to convert the response body to UTF-8 (8-bit Unicode Transformation Format) character encoding. Activate the option and then click Save. The Document encoding field appears.
- Document encoding
-
Select either auto-detect or a specific character encoding system to convert the response body. The following encoding systems are available:
-
ISO-8859-1
-
ISO-8859-15
-
CP866
-
CP1251
-
CP1252
-
KOI8-R
-
BIG5
-
GB2312
-
BIG5-HKSCS
-
SHIFT_JIS
-
EUC-JP
-
UTF-8
-
- Append query string to the request URL
-
Select this field to enable query strings passed on the URL of the REST resource to be appended on the URL of the HTTP request.
- Forward user information
-
Select this field to forward user information on the HTTP request. This information can be useful when performing permission checks on the REST web service.
- Run test
-
Select this field and select Save to run a request test. Sample return code will be displayed in this field, similar to what is shown in the figure.
- Allow keyword replacements
-
Select whether keyword replacements should be replaced in the REST response. If this option is enabled, Matrix will identify and replace content in the keyword format (wrapped in percent signs). By default, this field is set to No, meaning that this option is disabled.
- Allow multiple runs
-
Select whether multiple runs will be allowed if the REST resource asset is nested more than once on the same page.
If this field is set to Yes, requests will be forced to re-run for each instance of a request on a page. By default, this field is set to No.
- Forward response headers
-
Select whether to forward headers from the REST response. This allows you to pass through objects of an unknown type without alteration. By default, this field is set to No.
- Error response
-
Enter the content that will be displayed if the request returns a client (4xx) or server (5xx) error code. For example, say you have entered the text, this web service cannot be contacted into this field. This error message will be displayed if the REST web service URL returns a client or server error.