API Source is an External Identity Source Plugin designed to integrate with upstream sources via a REST API.
The data format used by this Plugin is based on the TAP Attribute Dictionary. As such, while the COmanage-specific term External Identity Source is generally used in this documentation, the TAP term System of Record is used when referencing elements directly related to the TAP definitions. Practically speaking, these terms can be used interchangeably.
Configuration
- API Source is part of the ApiConnector Registry Plugin, which must be activated.
- When adding a new External Identity Source, the Plugin is
ApiConnector.ApiSources
.
Modes
API Source supports three modes of operation:
- Push Mode: The External Identity Source sends records to API Source via a standard API
- Pull Mode: API Source queries the External Identity Source via the EIS's API (not yet implemented)
- Poll Mode: API Source polls an endpoint (typically a message bus) for records to process (not yet implemented)
Push Mode
Push Mode requires the creation of an API User. The specified API User will have read/write access to the API Source API, the endpoint of which is made available via the API Source configuration page. It is recommended to create an Unprivileged CO API User for this purpose, though any defined API User may be used.
Endpoints and Actions
Push Mode
The URL prefix for ApiSource operating in Push Mode is
https://server.org/registry-pe/api/apisource/apisourceid/v2/sorPeople/sorlabel/sorid
where
- apisourceid: The API Source ID for this instance of API Source
- sorlabel: The System of Record Label, as configured for the External Identity Source instance (the Plugin's Edit or Propertiespage)
- sorid: The System of Record's unique ID for the record being presented
apisourceid and sorlabel are used to find the correct instantiation of ApiSource. The exact URL is available from the API Source Configuration page. Within Registry, the sorid is referred to as source_key
.
The following actions are supported in Push Mode:
DELETE
: Remove the specified record from the set of records associated with this SoR. No body is expected.GET
: Obtain the current record for the specified SOR ID. The response will be a record in the same format as wasPUT
.PUT
: Add a record for the specified SOR ID, or update an existing record. The body of the request is in the message format described below.
The following HTTP Response Codes may be returned:
200
: An existing record was found and deleted, returned, or updated (as appropriate for the action).201
: The record was successfully stored and processed (PUT
only).202
: The record was accepted, but further processing (and possibly administrator action) is required.401
: Unauthenticated / authorization failed.404
: The specified record does not exist (DELETE
orGET
only).500
: An error occurred.
The Response Codes are based on the API Source message itself. So, for example, if a new record is sent via API Source that matches via the Pipeline configuration to an existing Person, the result will be a 201
response due to the new API Source Record, and not 200
(for the existing Person).
Message Format
The message body for all API Source transactions is defined in this JSON Schema file.
PUT (Request)
The request must include both Content-Type
and Accept
headers with values of application/json
. See Request Headers for more information.
Formatting Notes
Deleting Single Value Attributes
In order to delete a single valued attribute such as title
or validFrom
, send a blank value (not null
, and do not omit the attribute entirely). For example
"roles": [ { "roleIdentifier": "1", "status": "A", "affiliation": "faculty", "organization": "School of Philosophy and Biopharmacology", "department": "Department of Metaphysics", "title": "Associate Professor of Metaphysical Microbiology", "validFrom": "2019-09-01T00:00:00", "validThrough": "" } ]
Role Identifier
The Role Identifier need only be unique within the External Identity, it does not need to be unique across all records from the External Identity Source. Note the use of the attribute roleIdentifier
in the message format (to align with the standard API terms) for what the Registry data model calls role_key
.
Status
The status
field must be specified using the enumeration value (the one or two character code as listed in the JSON Schema definition), not the english language word. These values are:
A
: ActiveD
: ArchivedD2
: DuplicateGP
: Grace PeriodS
: Suspended
For more information on External Identity Role status, see Data Model Considerations.
Example Message
{ "sorAttributes": { "names": [ { "type": "official", "given": "Pat", "middle": "X", "family": "Lee" } ], "dateOfBirth": "1990-04-25", "identifiers": [ { "type": "national", "identifier": "541-00-3732" } ], "emailAddresses": [ { "type": "personal", "address": "patxlee@email.nil", "verified": true } ], "addresses": [ { "type": "home", "streetAddress": "3593 Red Maple Drive", "locality": "Los Angeles", "region": "CA", "postalCode": "90046", "country": "US" } ], "telephoneNumbers": [ { "type": "home", "number": "323-555-1208" } ], "urls": [ { "type": "personal", "url": "https://metaphysics.spb.ac.nil/plee" } ], "adhoc": [ { "tag": "flavor", "value": "chocolate" } ], "roles": [ { "roleIdentifier": "1", "status": "A", "affiliation": "faculty", "organization": "School of Philosophy and Biopharmacology", "department": "Department of Metaphysics", "title": "Associate Professor of Metaphysical Microbiology", "validFrom": "2019-09-01T00:00:00", "validThrough": "2020-08-31T23:59:59", "managerIdentifier": "E79725186", "sponsorIdentifier": "E69813130", } ] }, "returnUrl": "https://registry.myvo.org/localapps/post-enrollment?regid=12345" }
See Also
- Writing Registry PE Plugins (Data Model Considerations and Handling Inactive Roles)
- Registry Table: api_sources
- Registry Table: api_source_records
Changes From Earlier Versions
As of Registry v5.0.0
- Message Meiosis is no longer supported, as the native data structures now permit multiple Roles.
- Time specifications no longer use the
Z
notation. Strictly speaking this is not compliant with the TAP API, and is subject to change in a future release (CFM-352).