Accessing the REST API
Pass-through access: Logged into iMIS
Do the following to access the REST API through a web application endpoint:
- Log in to iMIS.
- Retrieve the verification token from the page. The token is stored in a hidden field with the element ID RequestVerificationToken.
- Compose an HTTP Web Request.
- Add the token to your request header as RequestVerificationToken.
- Complete the request.
Using developer tools and jQuery
Do the following to access the REST API using only a browser with developer tools and jQuery:
- Open a browser.
- Log in to iMIS.
- Open the developer console and enter a request. If the request is correct, a response in the form of a JSON object is received from iMIS.
jQuery.ajax("https://testapi.imis.com/sdkdemo/api/country",
{
type : "get",
contentType: "application/json",
headers: {"RequestVerificationToken": document.getElementById("__RequestVerificationToken").value},
success: function(data){console.log(data);}
})
The following expected response is received from iMIS:
Object {readyState: 1, getResponseHeader: function, getAllResponseHeaders: function, setRequestHeader: function, overrideMimeType: function…}
Object {$type: "Asi.Soa.Core.DataContracts.PagedResult`1[[Asi.Soa.…oa.Membership.Contracts]], Asi.Soa.Core.Contracts", Items: Array[100], Offset: 0, Limit: 100, Count: 100…}
Pass-through access: Not logged into iMIS (OAuth 2.0)
The following information applies to iMIS 2017 starting with Service Pack F and iMIS EMS.
The OAuth 2.0 token security is used for external or cross-site access to the ASI Scheduler web API. After an authorization request to access the server is posted, the tokenreceived is added to the headers of all other requests. For details on using the OAuth2.0 framework, go to http://www.oauth.net/.
The correct URL format for retrieving a token:
https://YourOrgSite.com/token/
The correct URL format to access the iMIS API is:
https://YourOrgSite.com/api/
//Change the url, realusername and realpassword. This can be sent through the browser's dev tools console (f12).
jQuery.ajax({
"method": "post",
"url": "https://YourOrgSite.com/token",
"contentType": "application/x-www-form-urlencoded",
"data": {
"Grant_type":"password",
"Username":"realusername",
"Password":"realpassword"}
})
.done(function(data) {console.log(data);})
.fail(function(data) {console.log(data);})
Direct access (OAuth 2.0)
The following information applies to iMIS 2017 Service Pack E and before, and all previous versions of iMIS.
The OAuth 2.0 token security is used for external or cross-site access to the ASI Scheduler web API. After an authorization request to access the server is posted, the tokenreceived is added to the headers of all other requests. For details on using the OAuth2.0 framework, go to http://www.oauth.net/.
The correct URL format for retrieving a token:
https://YourOrgSite.com/asiScheduler/token/
The correct URL format for accessing the iMIS API is:
https://YourOrgSite.com/asiScheduler/api/
Do the following to use OAuth 2.0:
- Obtain an access token.
- Add the token to headers.
- Make a request.
C# Examples
using System;
using System.Collections.Generic;
using System.Net;
using System.Net.Http;
using System.Net.Http.Headers;
using Newtonsoft.Json;
namespace AsiRestApiAccess
{
public static class Program
{
public static HttpClient Client;
static Program()
{
// set HTTP Client's base address to target iMIS instance scheduler/service
Client = new HttpClient
{
BaseAddress = new Uri("https://testapi.imis.com/Asi.Scheduler_SDKDemo/")
};
// address client's certificate and header values
ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
Client.DefaultRequestHeaders.Accept.Clear();
Client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
// POST to the iMIS token endpoint with form-encoded data set, which should be modified to
// correspond to your iMIS instance's MANAGER/RemoteService user
var response = Client.PostAsync("token", new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("grant_type", "password"),
new KeyValuePair<string, string>("username", "demouser"),
new KeyValuePair<string, string>("password", "demo123")
})).Result;
// deserialize incoming JSON to Token object specified below, attach token to client's authorization
// header with the 'Bearer' prefix to being making authenticated requests to iMIS
Token token = JsonConvert.DeserializeObject<Token>(response.Content.ReadAsStringAsync().Result);
Client.DefaultRequestHeaders.Authorization =
new AuthenticationHeaderValue("Bearer", token.AccessToken);
}
/// <summary>
/// C# class representation of iMIS Bearer Token, used to authenticate additional requests
/// </summary>
internal class Token
{
[JsonProperty("access_token")] public string AccessToken { get; set; }
[JsonProperty("token_type")] public string TokenType { get; set; }
[JsonProperty("expires_in")] public int ExpiresIn { get; set; }
[JsonProperty("userName")] public string UserName { get; set; }
[JsonProperty(".issued")] public string Issued { get; set; }
[JsonProperty(".expires")] public string Expires { get; set; }
}
static void Main(string[] args)
{
}
}
}
using System;
using System.Collections.Generic;
using System.Net;
using System.Net.Http;
using System.Net.Http.Headers;
using Newtonsoft.Json;
namespace AsiRestApiAccess
{
public static class Program
{
public static HttpClient Client;
static Program()
{
// set HTTP Client's base address to target iMIS instance scheduler/service
Client = new HttpClient
{
BaseAddress = new Uri("https://testapi.imis.com/Asi.Scheduler_SDKDemo/")
};
// address client's certificate and header values
ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
Client.DefaultRequestHeaders.Accept.Clear();
Client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
// POST to the iMIS token endpoint with form-encoded data set, which should be modified to
// correspond to your iMIS instance's MANAGER/RemoteService user
var response = Client.PostAsync("token", new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("grant_type", "password"),
new KeyValuePair<string, string>("username", "demouser"),
new KeyValuePair<string, string>("password", "demo123")
})).Result;
// deserialize incoming JSON to Token object specified below, attach token to client's authorization
// header with the 'Bearer' prefix to being making authenticated requests to iMIS
Token token = JsonConvert.DeserializeObject<Token>(response.Content.ReadAsStringAsync().Result);
Client.DefaultRequestHeaders.Authorization =
new AuthenticationHeaderValue("Bearer", token.AccessToken);
}
/// <summary>
/// C# class representation of iMIS Bearer Token, used to authenticate additional requests
/// </summary>
internal class Token
{
[JsonProperty("access_token")] public string AccessToken { get; set; }
[JsonProperty("token_type")] public string TokenType { get; set; }
[JsonProperty("expires_in")] public int ExpiresIn { get; set; }
[JsonProperty("userName")] public string UserName { get; set; }
[JsonProperty(".issued")] public string Issued { get; set; }
[JsonProperty(".expires")] public string Expires { get; set; }
}
/// <summary>
/// Small example utilizing the above created and authenticated HTTP client
/// </summary>
/// <param name="args"></param>
static void Main(string[] args)
{
const string itemId = "G15"; // Product code
var item = Client.GetAsync($"api/item/{itemId}").Result;
if (item != null && item.IsSuccessStatusCode)
{
Console.WriteLine("Product: {0}", item.Content.ReadAsStringAsync().Result);
}
}
}
}
using System;
using System.Collections.Generic;
using System.Net;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Threading.Tasks;
using Asi.Soa.Membership.DataContracts;
using Newtonsoft.Json;
namespace RestDemo
{
class Program
{
const string baseUrl = "https://server.com/asischedulerv10/";
static void Main(string[] args)
{
ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
RestDemo().Wait();
}
static async Task RestDemo()
{
// Create the client
using (var client = new HttpClient())
{
// Format headers
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
// Request token, and append to headers
await AddTokenToHeaders(client);
// Query HTTP Service
var response = await client.GetAsync(baseUrl + "api/PartySummary/DEE24443-554B-4056-AFB1-2963F0C5E4FE");
if (response.IsSuccessStatusCode)
{
// Deserialize response to DataContract
var party = await response.Content.ReadAsAsync<PartySummaryData>();
if (party != null)
Console.WriteLine(party.Name);
}
}
}
private static async Task AddTokenToHeaders(HttpClient client)
{
// POST token request with credentials
var response = await client.PostAsync(baseUrl + "Token",
new FormUrlEncodedContent(
new[]
{
new KeyValuePair<string, string>("grant_type", "password"),
new KeyValuePair<string, string>("username", "johnt"),
new KeyValuePair<string, string>("password", "demo123"),
}));
// Deserialize JSON response to token class
var token = await response.Content.ReadAsAsync<Token>();
if (token != null)
{
client.DefaultRequestHeaders.Add("Authorization", string.Format("Bearer {0}", token.AccessToken));
}
}
private class Token
{
[JsonProperty("access_token")]
public string AccessToken { get; set; }
}
}
}
Updated almost 2 years ago