1SMS REST APIs

The REST APIs available within 1SMS are documented below.

Project	REST Endpoint	Doc Location
1Exchange	http://[server]:[port]/restview/rest/	http://[server]:[port]/restview/api/index.html
1Transact	http://[server]:[port]/ms-transact-review/rest/	http://[server]:[port]/ms-transact-restview/api/index.html
1Workflow	http://[server]:[port]/wf/rest/	http://[server]:[port]/wf/api/index.html
1Plan	http://[server]:[port]/pcs/rest	http://[server]:[port]/pcs/api/index.html

Authentication

The authentication mechanisms for the 1SMS REST APIs, as shown in the table above, are all the same. Security is implemented using HTTP Basic authentication by providing either a username and password, or a username and token in the header.

Tokens provide better security as the password is not provided with every request and the same token can be used across the different REST endpoints, as long as they are all share the same security schema (even if installed on different WebLogic servers).

Acquiring Tokens

A token can be acquired by sending a POST request to the /mstoken resource under any of the components' user interface endpoints, e.g. http://[machine]:[service_port]/1plan/mstoken. This POST request must have the username and password provided in the Authorization section of the request header, presented in the standard HTTP Basic format.

The POST request will return a security token in the body of the response which can then be used in the subsequent REST API calls to any of the components.

Then, any call to the REST APIs of the components can be secured with HTTP Basic authentication, providing each request with either username:password or username:token for the credentials in the standard HTTP Basic format.