Using Aptify SOA with Postman

This topic contains step by step instructions for how to use Aptify SOA with Postman.

Getting Started

Before you start, you need to download:

This will allow you to make calls to your server and help demystify the SOA layer.

Now, to create an environment follow the steps given below:

  1. Open Postman.
  2. Click 'Import' button located on top bar.

  3. Navigate to the location of the collection file by drag and drop method or browse the files.

    Expected Result

    The success message will be displayed.

  4. Click 'Manage Environments'.



  5. Add a new environment with any name and the following key and value as given in below table:

    Key

    Value

    BaseServiceURL https://[name of the server you are installing the SSO on]/AptifyServicesAPI/services


  6. Click Submit

    Expected Result

    The new environment will be created.

  7. Now, select that environment so that BaseServiceURL in the call URL will be replaced by the environment created.
  8. In 'Preferences', go to Settings →  Language Detection → JSON.

Postman is nice enough to send the token for us in any request made after logging. When you start making calls through code (JavaScript, .NET or anything else) then we need to manually add the token in the header.

 

When token is not passed automatically

Sometimes Postman does not pass the token automatically. In these cases you will need to manually add the token to all requests as given below:

Header Name: AptifyAuthorization

Header Value: Authentication Provider (SQL, Domain, etc.) and the token separated by a single space.

 

Working with CSRF Tokens

If you navigate to web.config, you would find a setting like this
<add key="Aptify.Services.CORS.AccessControlExposeHeaders" value="__RequestVerificationToken; CSRFDefenseInDepthToken"/>

These are the header values which are validated during the CSRF validation. We need to fetch these values from the Authentication/User Information Response, and send these values in the Headers with any of the POST/PATCH/DELETE requests.

One easy and automated way of doing these is shown below.

1. Under the "Tests" tab of postman request, add below script, which will fetch these values from Response Headers and set in postman environment variables

var data = JSON.parse(responseBody);
postman.setGlobalVariable("LinkId"data.userInfo.LinkId);
// var CSRFDefenseInDepthToken = pm.response.headers.get("CSRFDefenseInDepthToken")
pm.environment.set("__RequestVerificationToken"pm.response.headers.get("__RequestVerificationToken"));
pm.environment.set("CSRFDefenseInDepthToken"pm.response.headers.get("CSRFDefenseInDepthToken"));
pm.test("Status code is 200"function () {
    pm.response.to.have.status(200);
});
 

2. For any POST/PATCH/DELETE requests, paste below script under the Pre-Request Script tab, which will set these values in headers before sending the request

 
pm.request.headers.add({
    'key'"__RequestVerificationToken",
    'value'pm.environment.get("__RequestVerificationToken")    
});
pm.request.headers.add({
    'key'"CSRFDefenseInDepthToken",
    'value'pm.environment.get("CSRFDefenseInDepthToken")    
});



Configuring Web Users

If you want to use web users instead of the usual 'sa' user, follow the instruction given on Configure Web User Authentication page. Ensure that you change Username and Password on the login call.

Creating views for testing

If you have the Configuration Migration Tool installed in your system you can just unpack the metadata pack (Postman.cmpack.zip file attached to this article) and skip this part.

For manual installation follow the steps given below: 

Prompted View

Under the Persons service, create a Prompted List View which expects:

  • FirstName and LastName - Call the View 'Find People SOA'

Service Data Object

For more detail explanation on how to create SDO's click here.

  1. Create a new database object with the following details:
    1. Name: spSearchCompanyByID 
    2. DB: Aptify
    3. Type: Stored Procedure
    4. SQL:

      CREATE PROCEDURE spSearchCompanyByID (@ID bigintAS
      SELECT ID,
      Name
      FROM Company
      WHERE ID = @ID

    5. Grant SQL:

      GRANT EXECUTE ON spSearchCompanyByID TO EndUsers

  2. Create a new service data object with the following details:

    1. Name: spSearchCompanyByID 

    2. SQL: spSearchCompanyByID 
    3. Under Parameters create one record
      1. Name: ID
      2. Is Required: Checked

Service Process Flow (SPF)

For more info about SPF click here.

  1. Create a new process flow with the following details:
    1. Name: Create Contact Log
    2. Input Properties:
      1. EntityID - Long, not required, default: 1006
      2. RecordID - Long, required
      3. Description - String, required
    3. Result Codes:
      1. SUCCESS
      2. FAILURE
    4. Add a stock 'Create Contact Log' component
      1. Description: Context Object - Description
      2. CategoryID: Static Value - 1
      3. On the Output Map tab:
        • GEObject: Context Object - ContactGE
    5. Add a stock 'Create ContactLogLink' component
      1. ParentGEObject: Context Object - ContactGE
      2. EntityID: Context Object - EntityID
      3. AltID: Context Object - RecordID
      4. Action Map tab: Change both to 'End Process' and set the Process Flow result accordingly.
    6. Link 'step d' to the 'step e' on Success.
    7. Set the failed result to end process in 'step d'.



    8. Save the process flow.
    9. Navigate to Web Services > Service Process Flows.
  2. Create a new SPF with the following details:
    1. Name: Create Contact Log
    2. Process Flow: The one we just created (Create Contact Log)
    3. Save the new SPF.

Just in case, please restart IIS, before using Postman.

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.