CA Live API Creatorprovides declarative definition of the following services:
- API.Create the default API by connecting to your database: GET, POST, PUT, and DELETE for each table, including GET/POST access to each view and stored procedure. You can create nested document resources or endpoints.
- Integration.Resources can combine data from multiple sources (SQL, Mongo, and RESTful), including updates between them.
- Security.Enforces endpoint access and row/column security.
The following image shows the architecture:
Specify your settings in API Creator. Activation is instantaneous. In API Creator, there is no code generation or deployment. In addition to RESTful APIs,
CA Live API Creatorprovides command-line interfaces (CLIs) to data and admin data. The CLIs are Node JS applications that require NodeJS. Data Explorer is created from the schema. Test your API and perform back-office database maintenance using Data Explorer.
In this article:
CA Live API Creatorstores your data source connections, resource definitions, logic, and security settings in API Server's admin database. The admin database is transparent for cloud/appliance users and Web application ARchive (WAR) users must configure it. You can export admin contents into a file for maintenance in a source control system.
You can access and manage the admin data stored in the admin database by way of the
CA Live API CreatorAdmin project API, which is a RESTful API. You can script the creation of APIs into an API Server using the Admin CLI.
For more information about how to script the creation of APIs, see API Creation by Command Line.
Declarative Services: Retrieval, Update Logic, Data Security
Customize your API, integrate more data sources, and specify your logic and security policy using the following declarative services:
- Retrieval.CA Live API Creatorprovides RESTful listeners, SQL processing, and JSON request/response processing for all endpoints.
- Update-logic execution.CA Live API Creatorenforces your logic on all PUT, POST, and DELETE requests. This enforcement applies to updates, to custom resources, and to tables.
- Data-security enforcement.CA Live API Creatorcontrols row/column retrieval and on updates by applying role permissions on GET.
For more information:
CA Live API Creatorprovides transparency with debugging services, including a log of all logic/database operations and a REST Lab so you can test your APIs without having to write a test program. You can test your logic using Data Explorer.
For more information about how the debugging services, see Debug.
Multiple Developers can create APIs and logic concurrently. You can import/export your API into a JSON file, which you can manage with existing tools for diffs, Source Control Systems, etc.
For more information:
You can protect client applications from changes in logic, security, and the database using custom resources.
For more information about change management, see Change Management.
You can access the admin database using REST APIs. You can script the API-to-API-server deployment from source control artifacts. For example, you can save development artifacts into a source control system, and export admin contents into a file for maintenance. You can script the creation of APIs into an API server into a production system using the Admin CLI.
For more information:
- About the concepts of creating, developing, and testing APIs by way of programs, see Programmatic API Creation.
- About how to script the creation of APIs, see API Creation by Command Line.
- About how to save development artifacts into a source control system, see Import and Export APIs.
- About viewing an example of how you can script the life cycle operations, see the Business to Business Example.
Documentation services include:
- API documentation, by way of Swagger.
- System documentation, by way of URLs you can associate with your API and view in API Creator.
- Logic documentation, by way of topics that trace requirements to the rules that implement them.
CA Live API Creatoris delivered as a WAR file. You can deploy into standard containers (Apache Tomcat, Jetty, application servers). You can load-balance the servers using standard technology. API definitions do not result in code generation. Deployment of a running system (for example, deploying a test system into production) requires an admin database update (the API Creator WAR is not changed). You do this by exporting an API to a JSON file, which you can import on the target system. You can export an API and script the import/export procedure using the Admin API.
For more information about how to script the import/export procedure, including exporting an API to a JSON file and importing the JSON file on a target system, see Import and Export APIs.
CA Live API Creatorfits into an enterprise architecture:
- Web/Mobile AppsAPI Servers figure significantly in application development, ranging from basic connectivity, to object generation, to partitioning. You can get meaningfully improved re-use and reduced development time using the services for client app development.
- Existing SystemsAPI Server connects well to existing databases for retrieval, with the following caveat. Some systems define new columns without schema changes by storing data as Binary Large Objects (BLOBs), for example, XML or JSON data. This practice hides the columns to SQL, to other software such as business intelligence, and to API Creator.For updates, API Server, like any RESTful server, operates in a standard three-tiered architecture. API Server is analogous to an application server, accessed by way of RESTful APIs rather than technology-specific access such as J2EE. Like application servers, this architecture can provide services for:
The following scenarios are included:
- Integration. Your API can integrate data from multiple databases and can send/receive messages from other systems.For more information about viewing an example of integration, see the Business to Business Example.
- Scalability. You can scale multiple API servers under a load balancer for increased response and failover.
- Logic and security. API servers provide a modern approach to enforcing logic, instead of (for example) proprietary triggers.
CA Live API Creator.To view an example, see the Business to Business Example.
- Read Only. In the simplest case, update logic is not an issue if you are only reading data.
- Update considerations. The following scenarios are common for update:
- Triggers. If you are using database triggers, triggers fire as API Server issues SQL updates.
- External logic. Logic is sometimes externalized in application servers (for example, as or bound into an object-access layer). Depending on how you architect them, they can be easy or difficult to call (for example, consider transaction boundaries).
- Screen logic. Often, external logic is bound into screen logic (for example, controllers attached to buttons). External logic is the 'fat client' ant-pattern, because this logic is typically not available outside the screen. We recommend that you migrate the screen logic to a shared server such asCA Live API Creator.
- Security SystemsCA Live API Creatorprovides authentication for development. Production systems typically use existing corporate security systems, such as Lightweight Directory Access Protocol (LDAP), Active Directory (AD), or OAuth, by delegating authentication.CA Live API Creatorinjects authorization at the row/column level into SQL that is sent to the database, whereCA Live API Creatorcan properly optimize authorization.For more information about authentication, see Authentication.
- API ManagementAPI Server is a standard REST API. You can insert API management systems (they operate as Gateways) for monitoring, denial of service attack protection, etc.
- MBaaS/PaaS ServicesCA Live API Creatorcan be an important component to your Mobile backend as a Service (MBaaS), providing transaction processing automation to complement technologies such as push or security/social integration.
- Rules EngineCA Live API Creatorlogic is complementary to other automation services, such as a rules engine for decisions and workflow.
- Enterprise Service BusService orchestration products (also known as integration Platform as a Service (iPaaS), such as MuleSoft), can provide enterprise integration by assisting in building an enterprise service bus that integrates a number of existing underlying REST services.CA Live API Creatorplays a complementary role by enabling you to build (and integrate) services that do not already exist. These services run beside existing manually coded database services, and non-transactional services that deal with more content-oriented information.For more information about iPaaS, see the Integration platform wikipedia page.
Your API can consist of schema resources, or endpoints, system resources, or custom resources. Your schema resources are defaulted from the schema. System resources are automatically-created metadata services to obtain the list of tables and resources and their attributes. Custom resources are the endpoints you define explicitly.
For more information about resource endpoints, see Customize your API.
Expose Tables and Stored Procedures as Resource Endpoints
You can can expose your base tables, view tables, and stored procedures as resources, or resource endpoints. Resources are available instantly. There is no restart, code generation, deploy, or configuration. After you have exposed the tables and procedures, you can begin browsing your API and start app development. You can protect access to this data by turning this off later in the API.
For more information about securing access to your data, see API Properties.
Access Resource Endpoints with a RESTful API
You can access your resource endpoints by way of a RESTful API. This makes your data available from virtually any client, in particularly mobile clients and cloud-based access.
You can issue HTTP-based retrieval requests against these resources using a URL, for example:
You can retrieve a single JSON object (in this case, a customer with key =
Acme), for example:
Your program can also issue retrieval operations against the following resources, for example:
The filter controls what "cust" resource rows are returned in a JSON array, sorted per the order clause. You can omit the filter, in which case all the customers are returned in an array. Each customer is returned as a JSON string, including its nested objects (for example, payments, purchase orders, line items, and product information). You can also use the other retrieval services.
For more information:
The following services are provided for enterprise-class use:
Coalesced Retrieval Strategy
Retrieval is processed a level at a time, retrieving <pagesize> rows per request. Subresource rows are retrieved in the same request, with optimizations for multi-database resources. All the subresource rows are retrieved in one query.
For example, you have a
pagesizeof ten, retrieving customers and their orders. On the first request,
CA Live API Creatordoes the following:
- Retrieves the first ten customers.
- Extracts the ten customer keys and performs a query for orders with a where clause for the ten customers ("cust-1 or cust-2, ...') using these keys. The query also includes relevant security filters.
- Distributes the orders to the proper customer in the preparation of the JSON response.
This processing avoids ten orders queries and performs well in multi-database configurations where a customer-join-order is not feasible.
You can control the chunk size on a per-request basis. For example, you can emit the simple SQL for debugging and testing by setting the chunk size to one (1).
For more information about controlling chunk size, see API Properties.
Your security specifications are defined for base tables and are applied automatically to all resources defined over that table. You can specify the security properties after you define your resource.
For more information about defining your security definitions, see Security.
Large result sets can cripple performance, both on the client and the server. You can retrieve more data using the URI that
CA Live API Creatorsupplies. Pagination is supported at any subresource level. For example, a query of Customers and Orders can provide pagination for many customers and many orders for each of the customers.
For more information about performance and pagination, see Performance.
JSON Refresh Information
A key benefit of logic is automated multi-table derivations. For example, saving an order might update the customer's balance. It is further possible (but not required) that this related data might be on the user's screen. Good user interface design dictates these effects be shown to the end user.
CA Live API Creatorreturns JSON-refresh information for all updated data per logic execution, so that clients can merge these updates into the screen. This returned information can improve performance because the client does not need to show derivation results by re-retrieving data.
Per REST requirements and industry best practice, all processing is stateless.
CA Live API Creatorscales horizontally.
CA Live API Creatorprovides services that address enterprise-class performance, such as minimizing network latency, through RESTful server operation, to database management system (DBMS) optimization.
For more information about the services that address performance, see Performance.