Post installation
After installation, Domino REST API will run on port 8880 with HTTP and a transient JWT token for single server use. It's nice to try things out, but not production-ready. The following configuration tasks are needed to finalize a production-worthy Domino REST API deployment and to ensure complete functionality and a secure interface to your Domino applications.
Important
- You should familiarize yourself with all configuration parameters and security settings before you deploy into a production environment.
- Domino REST API honors all Domino access control mechanisms and doesn't allow anonymous access. For more information, see Access Control.
Check connectivity
After the installation, make sure connectivity works.
Secure ports
A production environment must have an encrypted communication between any client and the Domino REST API Server. Domino REST API uses multiple ports, learn how to secure them.
Setup functional accounts
There are a series of endpoints that aren't associated with regular user IDs:
- Management console (Port 8889)
- Metrics endpoint (Port 8890)
- Health check (Port 8886)
To enable access to these port, you need functional accounts.
Configure JWT
Domino REST API uses JSON Web Token (JWT) for authorization. To allow using Domino REST API without the deployment of an external Identity Provider (IdP), Domino REST API can be configured to provide a JWT after authentication with Domino credentials.
The JWT token can also be shared between servers to enable SSO (Single Sign On) for Domino REST API.
Manage databases
There are databases created on the Domino server as part of the Domino REST API installation. These databases must be secured and managed like other production databases.
Expose databases to REST API access
To make a database available on the Domino REST API, create a Domino REST API schema and link it to a publicly visible scope. The schema defines what documents, based on the value of their form item, views, folders, and agents are available for a call via HTTP.