CA Live API Creator
 complements automation with provisions for extending:
  • SQL access. 
    Your SQL operations are typically automated, but you can address more complex cases by overriding these defaults.
  • Logic.
     You can meet requirements not solved by reactive logic by defining rules that can invoke JavaScript. 
    CA Live API Creator
     applies table-based logic to updates on the table and to updates to the custom resources defined over the table.
  • Request. 
    You can control processing at the request level.
In this article:
Address Logic using Server-side JavaScript
You can extend system automation for update and retrieval logic with procedural code using server-side JavaScript. Underlying these extensibility services is the JavaScript object model that 
CA Live API Creator
 creates from your schema. You specify the logic for events, formulas, and constraints in JavaScript.
JavaScript provides access to the following: 
  • Other JavaScript or Java logic running in the Java Virtual Machine (JVM), by way of Java or JavaScript libraries.
  • External services, by way of REST, SOAP, etc.
The JavaScript code you write in API Creator runs on your servers. It has access to most of the resources on those servers, such as files and network interfaces. To limit the resources to which your code has access, install LAC running in a container, such as Docker.
Multi-tenant security considerations restrict JavaScript in some 
CA Live API Creator
 evaluation versions.
For more information:
Code Insertion Points
Rules fire in an order that reflects their dependencies. This order changes as you alter rules and so affect their dependencies. By contrast, events fire at designated points in the request processing cycle, as illustrated in the following image:
Custom Endpoints
While you define most endpoints as tables, views, stored procedures, and custom resources, you can build services, perhaps unrelated to your database objects, by defining custom endpoints. For example, you can:
  • Convert JSON into the format expected by custom resources, and then invoke those.
  • Return results directly to the client. For example, the Business to Business (B2B) sample includes a custom endpoint that returns HTML.
Custom endpoints are not subject to normal authorization. You can handle your own authorization, for example, basic authorization. Custom endpoints apply to the RESTful server.
 For more information:
Event Handlers
Event handlers fire before resource and logic processing begin. For example, you might reformat the request information, as illustrated in the B2B sample. You can also log the requests.
For more information about event handlers, see Event Handlers.
JavaScript Resource Type
Automated SQL typically retrieves resources, but you can specify the resource type as JavaScript, wherein you supply your own server-side that is executed whenever the resource is accessed and returns JSON. You can materialize data using JavaScript, for example, by invoking REST services to build a request that integrates data from other systems.
For more information:
Resource Row Event
Resource row events are invoked as rows are retrieved. You can inject new attributes or remove attributes or even make REST calls and append results.
For more information about resource row events, see Resource Row Events.
Row Logic Events
API Creator invokes event rules are invoked with the current/old rows and the current verb on POST, PUT and DELETE operations. They can operate on the row, the results of which is subjected to reactive logic.
For more information:
The following image shows the Manage, Rules, event page for the demo:PurchaseOrder event:
Request Event (Response)
Request events provide an entry point after server processing is complete, just before returning to the client. You can reformat the response message, as illustrated in the Integration Example. Or, you might log requests.
For more information about request events, see Event Handlers.
Invoke JavaScript from Reactive Logic
You specify JavaScript methods for reactive formula and validation expressions. In the most common case, these are simple expression such as 
row.price * row.quantity
. API Creator analyzes your JavaScript for dependencies to provide proper ordering.
 You can build conditional logic or invoke standard functions such as date arithmetic using JavaScript. You can perform complex processing or invoke other SOA services or re-usable Java/JavaScript methods. API Creator analyzes the logic for dependencies which are reflected in proper execution order.
For more information:
Access JVM and Services
Whether you reach JavaScript by way of code insertion points, or reactive logic, you then have the flexibility to access code inside the JVM, or remotely available services. The following diagram illustrates how server-side JavaScript addresses logic:
  CA Technologies  
Supporting Services
The extension capabilities draw upon the following underlying API Server services:
  • System variables
     define system state, for example, for the request, logic operation, as well as useful methods.
  • System classes
     provide helper classes.
You can discover and use these underlying API Server services using code completion.
For more information about code completion, see Code Completion.
 JavaScript Context Variables
Your code requires the following context variables that are set when 
CA Live API Creator
 invokes JavaScript logic:
  • The 
     object. This variable provides access to the API request, such as the current user and the url parameters.
  • The 
     object. A row is a JavaScript object representing the current row, with accessors for attributes and related data, persistence (with logic enforcement).
  • The 
     object. This engine service makes visible key aspects of logic execution. It is available in all JavaScript rules. It provides access to runtime state and services to create, read, update, and delete rows.
For more information about the JavaScript context variables that are set when JavaScript logic is invoked, see Quick Reference.
JavaScript System Classes
Your code requires the following JavaScript context variables to operate. 
CA Live API Creator
 initializes the following variables:
  • The 
     class. You can invoke RESTful services from business logic or row events using the services this object provides, such as the 
    , and 
    For more information about this context variable, see The SysUtility Object.
  • The 
     class.You also have access to system logic methods, such as 
    For more information about this context variable, see The SysLogic Object.
For more information:
Logic Libraries
JavaScript invocations typically provide the row and logic context for your programmatic access. In many cases, you will want to use libraries of existing functions, such as date routines. You can add use libraries to your API.
 For more information about logic libraries, including how to add and use them, see Logic Libraries.
Re-usable Rule Types
You can add new rule types to the core rules (such as formula, sum, and count, validation). You can define the parameters the rule types accept. API Creator uses extended rules by using the parameters. You can detect logic patterns and implement re-usable solutions to these using the extended rule types.
For more information about viewing an illustration of how the 
 system method and allocation rules use this underlying technology, see InsertIntoFrom System Method and allocateFromTo System Method.
Customized SQL
You can define the following resource types:
  • Custom SQL
    You can supply your own SQL for updatable objects using resources of type Custom SQL. Your SQL must return the columns modeled by the resource.
    For more information about defining custom SQL resources, see Customize your API.
  • Free SQL
    You can define resources of type Free SQL. Use this to supply your own SQL, without restriction.
    For more information:
Request Metadata
You can insert 
 action tags to link child rows to parent rows, without the requirement for the client to supply 
 identifiers (which they may not know) using services. You can designate that request rows can result in either an update of an existing row, or if not present, the insertion of a new row by using related services.
For more information:
Admin Data Access
Observe that the Admin data API Creator uses is accessed by way of an API. So, in addition to creating APIs using the browser, you can drive it with RESTful calls.
For more information:
Customized Authentication
Enterprise systems must authenticate users without requiring you to reenter user lists that you maintain elsewhere, such as Lightweight Directory Access Protocol (LDAP), Active Directory (AD), and OAuth. You can do this by creating custom authentication providers.
For more information about how to create a custom authentication provider, see Create Custom Authentication Providers using JavaScript.