- Welcome to the EasyVista Wiki
- Integrations
- Web Services REST
Web Services REST
Contents
REST (Representational State Transfer) is an architectural style for distributed hypermedia systems. It is based on the HTTP protocol for accessing resources (thanks to their unique URI) using various operations supported natively by the protocol: GET (read), POST (write), PUT / PATCH (modify), DELETE (delete).
Operating principle:
1. A consumer makes an application via a request to a REST API with a web services provider.
2. The REST web service carries out the request and returns a response to the consumer in the form of a data stream (usually JSON format, this format having become established over the years).
3. The consumer uses the response as part of an application he/she has developed.
can be:
- Supplier of REST web services thanks to its REST API: the services offered are well-defined business functions.In this case, the third-party application (e.g. another Service Desk application) must call the
Component of creation or suspension of an incident in REST web service sending the values expected by the web service parameters (e.g. the number of the incident to suspend); processing is then carried out as if was active.
- Consumer using external REST web services.In this case, the external REST web service must be declared and configured in the Administration > REST > Services menu before it can be accessed from a step in the process (via a REST action). Use, during a workflow step, of an external component for resetting passwords
Notes
- The REST API exchange format is JSON.
- The API REST allows to manage the following resources.
| Ressource | Objet JSON | Table SQL |
|---|---|---|
| assets | asset | AM_ASSET |
| catalog-assets | catalog-assets | AM_CATALOG |
| catalog-requests | catalog-requests | SD_CATALOG |
| configuration-items | configuration-items | AM_ASSET |
| departments | department | AM_DEPARTMENT |
| employees | employee
alias : recipient ; requestor ( * ) |
AM_EMPLOYEE |
| known-problems | known-problem | SD_KNOWN_PROBLEMS |
| locations | location | AM_LOCATION |
| manufacturers | manufacturer | AM_MANUFACTURER |
| requests | request | SD_REQUEST |
| slas | sla | SD_SLA |
| status | status | SD_STATUS |
( * ) The employee JSON object has 2 alias which are used for the requests resource to manage the case of the foreign keys submitted_by and recipient_id of the SD_REQUEST table.
- The methods (operations) PUT and PATCH which allow to modify a specified resource are equivalent.
- The methods which allow to obtain a specified resource or to modify a specified resource use a mandatory parameter that corresponds to a field of the database for which we can guarantee the uniqueness.
asset_id parameter for the following methods:- GET /assets/{asset_id} : View an asset method
- PUT /assets/{asset_id} or PATCH /assets/{asset_id} : Update an asset method
- When you wish to obtain a specified resource or to modify a specified resource for which the third-party system does not know the value of the field used as parameter, you should use the method to obtain a list by applying the desired search/filter options on the fields of the database. You can then use the link URL (HREF) provided which contains the unique identifier of each resource.
To obtain a specified access:- You should use the View a list of assets method (GET /assets) with the possible search/filter options on the fields asset_id, employee_id, location_id, department_id.
- Then you can use the link URL: "HREF": "https://{your_server}/api/v1/{your_account}/assets/27590" to access the asset of which the identifier is 27590.
- Results (JSON format) are returned in the language of the user for which the account is used to access to the REST API.
Best Practice
- To run your tests, you shoud use:
- The HTTP request library providing by
. It contains a set of examples which may help you understand and use the REST API and run tests in your specific environment if required. - Postman (extension of Chrome). It is an excellent third-party tool for mechanizing API tests; particularly REST API.
- The HTTP request library providing by
Licensing and security system
- All operations carried out with REST API require a login in order to access a specific domain. Each time a call is made to the API, user access is recorded.
- For security reasons and to prevent unwanted use of the REST API by standard users, the REST API field has been added to profile management. It allows you to define a dedicated profile and user to the API use.
See the Procedure
Procedures
How to search and filter in the database
Search/Filter By field
- In the HTTP requests, you can do a search/filter on one or several fields of the database by using the names of corresponding objects. However, you cannot use only once the same object in the same request (the union is not possible).
The syntax to be used is the following one:
search={(prefix_object_name_1.)object_name_1}:{object_name_value_1}(,{(prefix_object_name_2.)object_name_2}:{object_name_value_2})
- (prefix_object_name_x.): Prefix to be only indicated when the wished object is contained in another object.
- object_name_x: Name of the used object. Mandatory parameter.
- object_name_value_x: Value of the used object. Mandatory parameter.
Requests examples
| Correct |
|---|
/employees?search=last_name:"Morley, Gaby" /assets?search=asset_tag:"1012D" /assets?search=employee.last_name:"Taverner, David" /assets?search=department.department_en:"Finance" /requests?search=department.department_en:"Industry" /requests?search=status.status_en:"Closed" /requests?search=status.status_en:"In Progress",submit_date_ut:this_week&sort=recipient.last_name+asc /requests?search=recipient.last_name:"Morley, Gaby" /requests?search=requestor.last_name:"Morley, Gaby" /requests?search=recipient.last_name:"Morley, frédérique",status.status_en:"In Progress" /requests?search=recipient.e_mail:fpachelbel@evtry.com,status.status_en:"Escalated" /requests?search=recipient.e_mail:adam@evtry.com,status.status_en:"In Progress",submit_date_ut:today /requests?search=recipient.last_name:"Adam, George",status.status_en:"Closed",submit_date_ut:this_year /requests?search=recipient.last_name:"Adam, George",status.status_en:"In Progress",submit_date_ut:this_week&sort=submit_date_ut+asc |
| Incorrect |
|---|
/requests?search=recipient.e_mail:adam@evtry.com,morley@evtry.com /requests?search=recipient.e_mail:adam@evtry.com,recipient.e_mail:morley@evtry.com /requests?search=recipient.e_mail:adam@evtry.com&morley@evtry.com /requests?search=recipient.e_mail:adam@evtry.com&recipient.e_mail:morley@evtry.com |
- You can use the wildcard character *, by replacing the character : by the character ~ (equivalent to the LIKE SQL instruction).
The syntax to be used is the following one:
search=object_name~"*value*"
- View the list of all CI which the asset tag begins with ZS: ZS_001, ZS_002, ...
/configuration-items?search=asset_tag~"ZS*" - View the list of employees which the last name contains Talma: Talma, Karl ; Talma, William ; ...
/employees?search=last_name~"Talma*" - To view only the employee which names Talma, Karl, use the character :
/employees?search=last_name:"Talma, Karl"
Search/Filter by date ===
Note: The expected date format is that employed by the logged-in REST API user.
- Filtering by date can be carried out in all Date fields.
- Date intervals are inclusive.
- You can use predefined intervals.
search=SUBMIT_DATE_UT:last_week
search=SUBMIT_DATE_UT:3daysbefore
search=SUBMIT_DATE_UT:3daysbefore
List of the possible values (Note: Not case sensitive):
- this_year
- this_month
- this_week
- this_day / today
- last_year
- last_month
- last_week
- first_quarter / Q1
- second_quarter / Q2
- third_quarter / Q3
- fourth_quarter / last_quarter/ Q4
- next_day / tomorrow
- next_week
- next_month
- next_year
- daysbefore
- daysafter
- You can use specific intervals.
From 05/10/2016 to 06/10/2016
search=SUBMIT_DATE_UT:(10/05/2016;10/06/2016)
Procedure_RESTAPIUser
How to define a dedicated user to the REST API
Step 1: Create a REST API profile
1. Select Administration > Access Management > User Profiles in the menu.
2. Create a new profile and check the REST API box to give him the authorization to use the REST API.
Step 2: Create a dedicated user, authorized to carry out REST requests
1. Proceed to the employee directory: select Asset Management / Operation / Transition / Extended CMDB / Projet > Directory > Employee in the menu.
2. Create a new user and assign the profile previously created.
All multilingual data will be displayed in that user's language.
EndProcedure_RESTAPIUser
API References
Access to REST functions
Access is via a URL of format:
https://{your_server}/api/v1/{your_account}/{resource_name}
- {your_server}: server URL
https://your_company.easyvista.com
- {your_account}: Account used
50004: Production base; 50005: Sandbox base
- {resource_name}: Name of the resource called
requests ; assets ; employees
https://your_company.easyvista.com/api/v1/50004/employees
List of the REST API functionalities
Assets
Note: The Assets term includes equipment / licenses / contracts.
- View a list of assets : GET /assets
- View an asset : GET /assets/{asset_id}
- Create an asset : POST /assets
- Update an asset : PUT /assets/{asset_id}
- View a list of entries of one of the asset catalog : GET /catalog-assets
- View an entry of one of the asset catalog : GET /catalog-assets/{catalog_id}
- View the list of links of an asset : GET /assets/{asset_id}/asset-links
- View an asset link : GET /assets/{asset_id}/asset-links/{parent_asset_id}
- Create an asset link : POST /assets/{asset_id}/asset-links/{parent_asset_id}
- Update an asset link : PUT /assets/{asset_id}/asset-links/{parent_asset_id}
- Delete an asset link : DELETE /assets/{asset_id}/asset-links/{parent_asset_id}
Manufacturers
- View a list of manufacturers : GET /manufacturers
- View a manufacturer : GET /manufacturers/{manufacturer_id}
Employees
- View a list of employees : GET /employees
- View an employee : GET /employees/{employee_id}
- Create an employee : POST /employees
- Update an employee : PUT /employees/{employee_id}
SLAs
- View a list of SLAs : GET /slas
- View a SLA : GET /slas/{sla_id}
Tickets
Note: The Tickets term includes incidents, service requests, change requests, investment requests, problems, events.
- View a list of entries of one of the ticket catalog : GET /catalog-requests
- View an entry of one of the ticket catalog : GET /catalog-requests/{catalog_id}
- View the list of paths of the entries of one of the ticket catalog : GET /catalog-requests-paths
- View the list of paths of an entry of one of the ticket catalog : GET /catalog-requests-paths/{catalog_id}
- View a list of tickets : GET /requests
- View a ticket : GET /requests/{rfc_number}
- View the justification (comment) of a ticket : GET /requests/{rfc_number}/comment
- View the list of the URL of documents attached to a ticket : GET /requests/documents/{rfc_number}
- Create a ticket : POST /requests
- Upload and attach a document to a ticket : POST /requests/{rfc_number}/documents
- Update a ticket : PUT /requests/{rfc_number}
- Close a ticket : PUT /requests/{rfc_number}
- Suspend a ticket : PUT /requests/{rfc_number}
- Reopen a ticket : PUT /requests/{rfc_number}
- Finish an action attached to a ticket : PUT /actions/{rfc_number}
- Create a task for a ticket : POST /requests/{rfc_number}/tasks
Departments / Locations
- View a list of departments : GET /departments
- View a department : GET /departments/{department_id}
- View a list of locations : GET /locations
- View a location : GET /locations/{location_id}
Configuration items (CIs)
- View a list of CIs : GET /configuration-items
- View a CI : GET /configuration-items/{ci_id}
- View the list of the links of a CI : GET /configuration-items/{ci_id}/item-links
- View a CI link : GET /configuration-items/{parent_ci_id}/item-links/{child_ci_id}
- Create a CI link : POST /configuration-items/{parent_ci_id}/item-links/{child_ci_id}
- Update a CI link : PUT /configuration-items/{parent_ci_id}/item-links/{child_ci_id}
- Delete a CI link : DELETE /configuration-items/{parent_ci_id}/item-links/{child_ci_id}
Others
- Execute an internal query : GET /internalqueries
HTTP status codes
StatusHeader
| Code | Error | Description |
|---|
EndStatusHeader
Status200
| 200 | OK (Success) | Request processed successfully. |
EndStatus200
Status201
| 201 | Created | Request processed successfully and an item created. |
EndStatus201
Status204
| 204 | Deleted | Request processed successfully and an item deleted. |
EndStatus204
Status400
| 400 | Bad Request | Request formulated incorrectly and cannot be executed correctly. |
{ "error": "Nothing to update (check fieldnames)" } |
||
EndStatus400
Status401
| 401 | Unauthorized | Authentication process for accessing the resource is incorrect: Login/Password incorrect, Invalid session, Incorrect account. |
{ "error": "Invalid Login / Password" } |
||
EndStatus401
Status403
| 403 | Forbidden | Server refused to execute the request. Unlike error 401, authentication is accepted but access rights do not authorize the client to access the resource: The user does not have the REST API parameter enabled in their profile. |
EndStatus403
Status404
| 404 | Not Found | Resource not found: Incorrect URI, Missing resource, Incorrect communication with the server, rfc_number not found. |
{ "error": "Resource not found" } |
||
EndStatus404
Status405
| 405 | Method not allowed | Request method not authorized: not supported or not appropriate for the resource. |
{ "error": "Invalid input parameter" } |
||
EndStatus405
Status406
| 406 | Not acceptable | Resource not available in a format complying with the Accept headers of the request. Note: The exchange format of the REST API is JSON. |
EndStatus406
Status409
| 409 | Conflict | Unable to process request in the current state. Records cannot be modified or deleted. |
EndStatus409
Status413
| 413 | Request entity too large | Processing abandoned because the request was too large. |
EndStatus413
Status500
| 500 | Internal Server Error | Generic error message displayed when an unexpected condition is encountered and there is no appropriate message which is more specific. |
{ "error": "An error occured. A text message is returned in the body." } |
||
EndStatus500
Status503
| 503 | Service unavailable | Service temporarily unavailable or under maintenance. The request cannot be processed. |
EndStatus503
ConventionsAPI
REST API Conventions
| Convention | Meaning |
|---|---|
| Orange | Parameters used in an HTTP request string (URL) which do not correspond to database fields. |
| Method View a list of assets https://{your_server}/api/v1/{your_account}/assets?max_rows=3&fields=asset_tag |
|
| Black and Bold | Parameters used in the URL of an HTTP request which correspond to database fields. |
| Green | Parameters used in the body of an HTTP request which represent JSON object names corresponding to database fields; they allow the value of a database field to be assigned or modified. |
| Parameters used in the body of an HTTP request which represent JSON object names not corresponding to database fields. |
|
