CA Live API Creatorprovides declarative definition of the following services:
- API.Create the default API by connecting to your database: GET, POST, PUT, and DELETE for each table, including GET/POST access to each view and stored procedure. You can create nested document resources or endpoints.
- Integration.Resources can combine data from multiple sources (SQL, Mongo, and RESTful), including updates between them.
- Security.Enforces endpoint access and row/column security.
The following image shows the architecture of
CA Live API Creator:
Specify your settings in API Creator. Activation is instantaneous. In API Creator, there is no code generation or deployment. In addition to RESTful APIs, you can access your data and admin data using the command-line interfaces (CLIs). Test your API and perform back-office database maintenance using Data Explorer, a component that
CA Live API Creatorcreates from the schema.
In this article:
CA Live API Creatorstores your data source connections, resource definitions, logic, and security settings in API Server's admin database. You can export admin contents into a file for maintenance in a source control system (SCS).
You can access and manage the admin data that is stored in the admin database by way of the CA Live API Creator Admin project API (Admin API).
Declarative Services: Retrieval, Update Logic, Data Security
Customize your API, integrate more data sources, and specify your logic and security policy using the following declarative services:
- Retrieval.CA Live API Creatorprovides RESTful listeners, SQL processing, and JSON request/response processing for all endpoints.
- Update-logic execution.CA Live API Creatorenforces your logic on all PUT, POST, and DELETE requests. This enforcement applies to updates, to the resources you explicitly define in API Creator, and to tables.
- Data-security enforcement.CA Live API Creatorcontrols row/column retrieval and on updates by applying role permissions on GET.
For more information about the differences between rules and events, see Event Rule Types.
CA Live API Creatorprovides transparency with debugging services, including a log of all logic/database operations and a REST Lab so you can test your APIs without having to write a test program. You can test your logic using Data Explorer.
For more information about the debugging services, see Debug.
Multiple Developers can create APIs and logic concurrently. You can import/export your API into a JSON file, which you can manage with existing tools for diffs, SCS, etc.
For more information:
You can protect client applications from changes in logic, security, and the database using custom resources.
For more information about change management, see Change Management.
You can access the admin database using REST APIs. You can script the API-to-API-server deployment from SCS artifacts. For example, you can save development artifacts into an SCS and export admin contents into a file for maintenance. You can script the creation of APIs into API Server into a production system using the Admin CLI.
For more information about lifecycle management, see Import and Export APIs.
Documentation services include:
- API documentation, by way of Swagger.For more information about Swagger API documentation, see API Docs.
- System documentation, by way of URLs that you can associate with your API and view in API Creator.For more information about how to specify URLs for documentation, see API Properties.
- Logic documentation, by way of topics that trace requirements to the rules that implement them.For more information about topics, see Manage Topics.
CA Live API Creatoris delivered as a web application ARchive (WAR) file. It runs within the Java Virtual Machine (JVM) and you can install it in a standard WAR container. Authorized clients or servers can call into
CA Live API Creatorby way of REST. In addition to typical web/mobile apps, this might include cron jobs, application servers built with familiar frameworks, other systems in your organization, partners, and ESB systems.
You can deploy
CA Live API Creatorinto standard containers (Apache Tomcat, Jetty, application servers). You can load-balance the servers using standard technology. API definitions do not result in code generation. Deployment of a running system (for example, deploying a test system into production) requires an admin database update (the API Creator WAR is not changed). You do this by exporting an API to a JSON file and then import it into API Creator. You can export an API by way of the Admin API or you can use the Admin API in your scripts for managing the import and export process.
For more information about how to script the import/export procedure, including how to export and import APIs, see Import and Export APIs.
CA Live API Creatorfits into an enterprise architecture:
- Web/Mobile AppsAPI Servers figure significantly in application development, ranging from basic connectivity, to object generation, to partitioning. You can get meaningfully improved re-use and reduced development time using the services for client app development.
- Existing SystemsAPI Server connects well to existing databases for retrieval, with the following caveat. Some systems define new columns without schema changes by storing data as Binary Large Objects (BLOBs), for example, XML or JSON data. This practice hides the columns to SQL, to other software such as business intelligence, and to API Creator.For updates, API Server, like any RESTful server, operates in a standard three-tiered architecture. API Server is analogous to an application server, which is accessed by way of RESTful APIs rather than technology-specific access such as J2EE. Like application servers, this architecture can provide services for:
The following scenarios are included:
- Integration. Your API can integrate data from multiple databases and can send/receive messages from other systems.For more information about viewing an example of integration, see the Business to Business Example.
- Scalability. You can scale multiple API servers under a load balancer for increased response and failover.
- Logic and security. API servers provide a modern approach to enforcing logic, instead of (for example) proprietary triggers.
CA Live API Creator.To view an example, see the Business to Business Example.
- Read Only. In the simplest case, update logic is not an issue if you are only reading data.
- Update considerations. The following scenarios are common for update:
- Triggers. If you are using database triggers, triggers fire as API Server issues SQL updates.
- External logic. Logic is sometimes externalized in application servers (for example, as or bound into an object-access layer). Depending on how you architect them, they can be easy or difficult to call (for example, consider transaction boundaries).
- Screen logic. Often, external logic is bound into screen logic (for example, controllers that are attached to buttons). External logic is the 'fat client' ant-pattern, because this logic is typically not available outside the screen. We recommend that you migrate the screen logic to a shared server such asCA Live API Creator.
- Third-party Authentication ProvidersCA Live API Creatorprovides authentication for development. Production systems typically use existing corporate identity providers–such as Lightweight Directory Access Protocol (LDAP), Active Directory (AD), or OAuth–by delegating authentication.CA Live API Creatorinjects authorization at the row/column level into SQL that is sent to the database, whereCA Live API Creatorcan properly optimize authorization.For more information about authentication, see Authentication.
- API ManagementAPI Server is a standard REST API. You can insert API management systems (they operate as Gateways) for monitoring and denial of service attack protection.
- MBaaS/PaaS ServicesCA Live API Creatorcan be an important component to your Mobile backend as a Service (MBaaS), providing transaction processing automation to complement technologies, such as push or security/social integration.For more information about theCreate Application Backendsuse case, see API Creator Overview.
- Rules EngineCA Live API Creatorlogic is complementary to other automation services, such as a rules engine for decisions and workflow.
- Enterprise Service BusService orchestration platforms (also known as integration Platform as a Service (iPaaS), such as MuleSoft), can provide enterprise integration by assisting in building an enterprise service bus that integrates several existing underlying REST services.CA Live API Creatorplays a complementary role by enabling you to build (and integrate) services that do not already exist. These REST services run beside existing manually-coded database services and non-transactional services that deal with more content-oriented information.
You can customize and shape your API by explicitly defining RESTful endpoints, or resources, using API Creator, by adding custom endpoints, or by creating functions.
For more information:
Expose Tables and Stored Procedures as Resource Endpoints
You can can expose your tables, views, and stored procedures as resources, or resource endpoints. Resources are available instantly. There is no restart, code generation, deploy, or configuration. After you have exposed the tables and stored procedures, you can begin browsing your API and start application development. You can control API user access to this data by setting permissions.
For more information:
Access Resources with a RESTful API
You can access your resource endpoints by way of a RESTful API. This makes your data available from virtually any client, in particularly mobile clients and cloud-based access.
For more information:
CA Live API Creatorautomates the REST interfaces, the data access, and the security/business logic for transactional applications. While the automation is wide in scope, it fits into an enterprise architecture.
CA Live API Creatorprovides the following services for enterprise-class use:
Coalesced Retrieval Strategy
CA Live API Creatorprocesses retrieval a level at a time, retrieving
<pagesize>rows per request. It retrieves subresource rows in the same request, with optimizations for multi-database resources. It retrieves all the subresource rows in one query.
For example, you have a
pagesizeof ten, retrieving customers and their orders. On the first request,
CA Live API Creatordoes the following:
- Retrieves the first ten customers.
- Extracts the ten customer keys and performs a query for orders with a where clause for the ten customers ("cust-1 or cust-2, ...') using these keys. The query also includes relevant security filters.
- Distributes the orders to the proper customer in the preparation of the JSON response.
This processing avoids ten orders queries and performs well in multi-database configurations where a customer-join-order is not feasible.
You can control the chunk size on a per-request basis. For example, you can emit the simple SQL for debugging and testing by setting the chunk size to one (1).
For more information about how to control chunk size, see API Properties.
Your security specifications are defined for base tables and are applied automatically to all resources defined over that table. You can specify the security properties after you define your resource.
For more information about how to define your security definitions, see Security.
Large result sets can cripple performance, both on the client and the server. You can retrieve more data using the URI that
CA Live API Creatorsupplies.
CA Live API Creatorsupports pagination at any subresource level. For example, a query of Customers and Orders can provide pagination for many customers and many orders for each of the customers.
For more information about pagination, see Performance.
JSON Refresh Information
A key benefit of logic is automated multi-table derivations. For example, saving an order might update the customer's balance. This related data might be required to be on the user's screen. Good user interface (UI) design dictates these effects be shown to the end user.
CA Live API Creatorreturns JSON-refresh information for all updated data per logic execution, so that clients can merge these updates into the screen. This returned information can improve performance because the client does not need to show derivation results by re-retrieving data.
Per REST requirements and industry best practice, all processing is stateless.
CA Live API Creatorscales horizontally.
CA Live API Creatorprovides services that address enterprise-class performance, such as minimizing network latency, through RESTful server operation, to database management system (DBMS) optimization.
For more information about the services that address performance, see Performance.