Call Web API from external system

Hi Everyone,

I am new to Integrations/Web API concept and need your suggestion/knowledge sharing on the below points.

I have created a Web API and it fetches the data of few fields from Appian DB in JSON which I want to be accessed out of Appian by Non-Appian users

When I tested using the web API url where I have already logged in as system Admin It is fetching the data and an option to download the data as a document is coming in browser.

But if the same url is accessed by non-Appian user the document is not getting opened or not even getting saved. As per my requirement even non-Appian users should access this data. Any suggestions for achieving this requirement would be helpful. And below are my questions on Web API

1) Can Web API be used by Non-Appian users for accessing or writing data in/out of Appian?

2) When I have gone through about Web API in community, it was mentioned that a Basic user Authentication is needed for accessing Web API. Can a generic Basic user account can be used by multiple users?

3)How to add the authentication details in Web API url 

4)For authentication purpose any configuration to be done in Admin Console

4) I came to know that some tools like Postman,swagger,Advanced REST client tool etc. are used for accessing the url, are any of those tools mandatory to access the Web API? I can't get any of them in our client network.

Your inputs will be very much helpful. Thanks in advance.

  Discussion posts and replies are publicly visible

Parents
  • Hello Bhanu,

    1) no the web api requires a named user on the system

    2) yes a basic user can use a webapi as long as that user has enough rights to execute it.

    Regarding your question if one user can be used by multiple, I recommend to reach support or your trusted vendo to figure it out if you contract allows it. I don’t thinks so but please check it.

    3) the authentication goes on the http headers.

    4) you create users on the admin console and assign groups in designer. So it is a mix of places to set it up.

    5 ) googling “postman test rest api”I found this link,

    I have to say that you can even test it using Curl command in Linux ,

    curl -u [username]:[password] https://[Appian Site]/suite/webapi/[webapi path]

    or any tool that allows you to make a http request.

    Take a look

    Hope this helps

    Jose

Reply
  • Hello Bhanu,

    1) no the web api requires a named user on the system

    2) yes a basic user can use a webapi as long as that user has enough rights to execute it.

    Regarding your question if one user can be used by multiple, I recommend to reach support or your trusted vendo to figure it out if you contract allows it. I don’t thinks so but please check it.

    3) the authentication goes on the http headers.

    4) you create users on the admin console and assign groups in designer. So it is a mix of places to set it up.

    5 ) googling “postman test rest api”I found this link,

    I have to say that you can even test it using Curl command in Linux ,

    curl -u [username]:[password] https://[Appian Site]/suite/webapi/[webapi path]

    or any tool that allows you to make a http request.

    Take a look

    Hope this helps

    Jose

Children
  • 0
    A Score Level 1
    in reply to josep

    Thank you Josep for your response. your information is very clear and helpful.

    Regarding point 4, what I mean to ask is other than creating basic user and providing security through Group to Web API, is there any set up need to be made in Admin Console like adding the site as trusted site if I the Web API url is accessed in a site out of Appian box?

    Once again Thanks for all the inputs...

  • Unless you are trying to do something extra like single sign on, or calling another service in the webapi then doesn’t sound like you need anything else.

    Is there anything that you saw on the console that could be causing confusion? Or was the reason for you to ask this?

    Jose

  • 0
    A Score Level 1
    in reply to josep

    Hi Josep, I remember some where in apian community discussions I have read about it so was confirming on the same. Thanks for the information.

  • 3) For baisc authentication, you can give it somewhat like this:

    If you are not using SAML, you can create API key (along with Service Account) in Admin Console for the Web API, that you created.

    -----------------or--------------------

    f you are using SAML, in the WebAPI code,

     a!httpHeader(name: "Authorization", value: "Basic <<Username:Password>>")

    In the value tag, you encode username and password (which you created to be used for Web API) to base64 in the format: username:password and add Basic as a prefix.

  • Hi Apporv, Thanks for the reply. 

    We are not using SAML, Can you please tell me in detail what needs to be done for authentication.

    Like how to give authentication details in Http Header and how to call the Web-API link by passing the Basic user credentials.

    Also I am not clear on what you have mentioned to create API key in Admin Console. Could you please give more details and any sample code will be really helpful for me. Thanks

  • To test your API use postman  application, create a webapi as GET in appian with an endpoint and use basic authentication. Here' s a simple GET API response code that you can test with 

    a!httpResponse(
      /*
      * The 'statusCode' parameter is a number that represents the HTTP status code
      * of the response. If no status code is specified, a default of '200' is used,
      * meaning that the request was successful.
      */
      statusCode: 200,
    
      /*
      * The 'headers' parameter is a list of HTTP headers to include on the response.
      * HTTP headers should be built with 'a!httpHeader()'.
      */
      headers: {
        a!httpHeader(name:"Authorization", value:"Basic sdsdefberirefuncvuebufe")
      },
    
      /*
      * The 'body' parameter is the text that will be included in the HTTP response's
      * body.
      */
      body: " YOU JUST ROCKED THE API"
      )

    In the a!httpHeader(name:"Authorization", value:"Basic " use the code that you get from postman . On Postman create a GET API , enter the url you generated from the webapi in appian enter username and password of the user that is authorized to use the API then click on "code" it will generate the API Basic token that you need to add to the a!httpHeader(name:"Authorization", value:"Basic cdcdcdc dc df" in the API configuration in Appian.

    Note : this is only for Basic Authentication method, starting 19.2  API are can be controlled by API key that are associated with the service account more information can be found here.

  • Hi Apoorv,

    Could you provide more details for SAML enabled environment.