Contents x
      REST Services Source
      • 05 May 2024
      • 6 Minutes to read
      • Print
      • Dark
        Light
      • PDF
      Contents

      REST Services Source

      • Updated on 05 May 2024
      • 6 Minutes to read
      • Print
      • Dark
        Light
      • PDF
      Article Summary

      In the PIP Settings UI you will create a new data source, give it a unique name, and choose the 'REST' adapter.

      Configuring the REST Service Data Source

      To configure a data source:

      1. Open the Tenant Settings screen and select PIP Settings.

      2. In the Policy Authorization Group drop-down menu, select a PAA from the list of available PAAs. The Data Source List and Views List for the selected PAA is displayed.

      3. Click New Data Source.

      4. In the Data Source Details section:

        • Enter the Display Name for the new Data Source.
        • In the Connection Adapter field, in the Webservice section, select REST.

      5. In the Connection Settings section under Policy Authorization Agent, select a PAA and then:

        • In the End Point field, enter your REST service endpoint base URL. For example, https://domain.com/data.
        • If your REST services use security, select the Security Type (for example: Httpbasic, Kerberos, OAuth). For OAuth, see OAuth Authentication Support.

      6. In the Models section, create a new model and give it a unique name.

      7. Under the DDL section, write a valid DDL to fetch REST attributes according to the REST service response. Here are some guidelines to help you create a DDL for REST service:

        • The general structure of the DDL is as follows:
      
 CREATE FOREIGN TABLE <Virtual_Table_Name>(

     <Attribute_Name> <Data_Type>,

     <Attribute_Name> <Data_Type> options (nameinsource '<relative JsonPath to the location of the field in the response>')

 ) OPTIONS (nameinsource '<JsonPath to the root location in the response>', "plainid:method" 'GET', "plainid:URI" '<ENDPOINT_URI_AFTER_BASE_URL>', "plainid:unwrap" '<True/False>');
      Important Note

      The JSON path used in the Attribute is a concatenation of the root JSON path from the general option and the relative JSON path with the attribute nameinsource.

      • The structure of this DDL includes the declaration of the table, declaration of all attributes, and a general options clause.

      Example:

      
  CREATE FOREIGN TABLE test (

      uid string,

      EntID string options (nameinsource 'Ent[*].id')

  ) OPTIONS (nameinsource '$', "plainid:method" 'GET', "plainid:URI" 'rest-test/getEntInFlight/UserID/$(uid)/', "plainid:unwrap" 'true');


      Available OPTIONS in the DDL

      ParameterDescriptionExample
      plainid:URIRelative URI for the REST request that is added to the endpoint. Users can add a variable to the URI, which is used as a dynamic parameter based on values from the WHERE clause./users/all
      /users/$(id)
      nameinsourceThis is in use both at the attribute level and endpoint level.

      - At the attribute level, this is optional and should be used when you need to use a different attribute name than the name in the response, or when you need to configure a specific JSON path for that attribute in the response.

      - At the endpoint level, this is mandatory and the value is the JSON path of the root location in the response to fetch all attributes from. For example, the response comes from the root of the response - $, but in other examples, it could be $.results[*], groups[*], or any other valid JSON path location.
      plainid:method (optional)
      Default: Get      		- The method is for the REST request. Supported methods are GET and POST (with params/payload).plainid:URI (mandatory)
      plainid:bodyJsonContentThis property contains the JSON content to be included as the request body in the POST request.
      - In the DDL, JSON should be converted into a string format.

      - When utilizing this property, a standard content-type header is applied to the request sent to the REST service.

      - Dynamic parameters can be employed within this payload, which dynamically adjusts the JSON content for POST requests. Users can add a variable in the JSON payload, which is used as a dynamic parameter based on values from the WHERE clause.      		'{"param a":"aaa","param b":1234,"param c":"$(attributeC)"}, "param d": true}'
      plainid:unwrap (optional)
      Default: false      		- This option is related to handling multi-value attributes. If set to true, the translator will create all permutations of values between array attributes.

      - If a response contains an attribute with three values, the PIP will create three records. If it contains two multi-values attributes, one with two values and the second with four values, PIP will create eight records.

      - Our support extends to unwrapping complex REST responses while ensuring that the relationship between attributes remains intact.

      Translator Properties

      Supportsfilter

      When using dynamic parameters in the forms of $(attribute) in the URI, a dynamic header, or JSON option, the supportsfilter property is mandatory and can be set to:

      • true: Filters are sent to the REST Data Source according to the Dynamic Parameters in the REST definition. After retrieving the data back from the REST endpoint, no additional filtering will occur, the data is considered as authorized, and is sent back to the requesting service (i.e. the PDP).

        • The advantage of the true setting is that users can leverage the Data Source filtering capabilities by applying Dynamic Parameters and reducing the overall performance and payload with a smaller and filtered dataset.

        • The drawbacks of this setting is that filtering is limited to the REST endpoint functionality, so only supported filters will be applied on the query. The REST Data Source needs to support all needed filters to avoid fetching unauthorized data.

      • false: Filters will not be transmitted to the REST Data Source. Instead, the data is fetched according the the REST definition without any dynamic filters. After the data is retrieved, the PIP settings applies filters to the dataset based on the incoming SQL query, and only then is the filtered data sent back to the requesting service (i.e. the PDP).

        • The advantage of false setting is that filters can vary and can be dynamically updated as the filtering takes place at the SQL level in PIP service.

        • The drawbacks of the setting is that it is required to fetch larger datasets (potentially all datasets) from the REST datasource to the PIP service, which can cause big payloads and performance issues.

      Note: If this property is not sent, the default is false.

      Multi-value Parameters

      When a multi-value attribute passes in the query, all the values are used in the dynamic parameters injected into the REST request.

      Examples:

      POST {
  "paramA": [
    "a1",
    "a2,
    "a3"
  ]
}

      GET ../../..?paramA=a1,a2,a3

      To partially filter the REST Data, refer to the section on Partial Filtering. You cab also check out the Data Source Filtering Parameters section for more information on how to filter data sources.

      Headers

      You can use the headers property if you need to inject custom headers into the REST request that will be sent. The value is a JSON containing a list of headers, for each the header name and an array of values in this form:

      • {"x-header1": ["value1", "value2"] ,"x-header2": ["value1", "value2"]}

      • Note that if you need to use X-Auth-Token to authenticate your REST endpoint, you can add the property ‘headers’ with the value{"X-Auth-Token":["<token>"]}.

      Dynamic Headers

      • When configuring headers in the translator property, users can optionally adjust dynamic header values denoted by $(<attribute_name>). For example, the structure of a header setup could be similar to the existing one: {"x-header-accountID":["$(accID)"]}. In this setup, $(accID) would be replaced with the value sent by runtime during the preparation of the REST request.

      • It is important to note that if the value of the dynamic parameter $(<attribute_name>) is null or empty (not sent in the runtime request), the corresponding header should be skipped instead of being sent empty.
        Note: Make sure the supportsfilter is set to true when setting up dynamic headers.

      Partial Filtering

      When using the above mentioned supportsfilter property you need to instruct the PIP that not all filters were pushed down to the REST Data Source, therefore further filtering of the fetched data is required. To support this scenario, you can use the supportsPartialFiltering translator property.

      When setting this property to true (false by default) you also need to add an additional option for each attribute you want to further filter after getting the response from the REST Data Source. The additional option is "teiid_rel:partial_filter" 'true' that should be added to the options section:
      attributeA string options (nameinsource '<option value>', <option x> '<option value>', "teiid_rel:partial_filter" 'true').

      Data Source Filtering Parameters

      ParameterDescriptionValues
      supportsfilterIndicates whether the Data Source supports filtering. Filtering is supported and a filtered dataset with a reduced payload is utilized if set to true.Valid values:
      True
      False
      supportsPartialFilteringAdds a partial filter for each relevant attribute. The partial filter instructs the PIP that further filtering is required since not all filters were pushed to the REST Data Source.Valid values:
      True
      False

      Set the supportsPartialFiltering property to True to use the optional
      Was this article helpful?
      What's Next