1SMS REST APIs

The REST APIs available within 1SMS are documented below.

Project REST Endpoint Doc Location
1Exchange http://[server]:[port]/restview/rest/ http://[server]:[port]/restview/api/index.html
1Transact http://[server]:[port]/ms-transact-review/rest/ http://[server]:[port]/ms-transact-restview/api/index.html
1Workflow http://[server]:[port]/wf/rest/ http://[server]:[port]/wf/api/index.html
1Plan http://[server]:[port]/pcs/rest http://[server]:[port]/pcs/api/index.html

Authentication

The authentication mechanisms for the 1SMS REST APIs, as shown in the table above, are all the same. Security is implemented using HTTP Basic authentication by providing either a username and password, or a username and token in the header.

Tokens provide better security as the password is not provided with every request and the same token can be used across the different REST endpoints, as long as they are all share the same security schema (even if installed on different WebLogic servers).

Acquiring Tokens

A token can be acquired by sending a POST request to the /mstoken resource under any of the components' user interface endpoints, e.g. http://[machine]:[service_port]/1plan/mstoken. This POST request must have the username and password provided in the Authorization section of the request header, presented in the standard HTTP Basic format.

Example: POST request to receive a token in HTTP Basic format

Authorization: Basic <string>

Where <string> is the base-64 encoded value for username:password.

The POST request will return a security token in the body of the response which can then be used in the subsequent REST API calls to any of the components.

Then, any call to the REST APIs of the components can be secured with HTTP Basic authentication, providing each request with either username:password or username:token for the credentials in the standard HTTP Basic format.

Example: Call to REST API components with HTTP Basic Authentication

Authorization: Basic <string>

Where <string> is either the base-64 encoded value for username:password or the base-64 encoded value for username:token.