Lab 11 - Domino REST API configuration

The Domino REST API provides extensive configuration capabilities to cater to different usage scenarios.

What you will learn

How to fine tune the Domino REST API configuration.
How to enable or disable the API endpoints.

Before you begin

Your Domino server must be running.

Procedure

All configuration settings are stored in JSON files placed in the keepconfig.d directory. The files are loaded in alphabetical order, and if there are conflicting settings, the entries in the last loaded file take precedence. After making any changes, you must restart Domino REST API for the updates to take effect. For more information, see Configuration management and overlay hierarchy.

Update CORS settings

Starting Domino REST API v1.1.3From Domino REST API v1.0 to v1.1.2

Starting Domino REST API v1.1.3, CORS uses Regex. For more information, see CORS is now using Regex.

{
  "CORS": {
    "^https?:\\/\\/localhost$": true,
    "^https?:\\/\\/.*\\.local$": false,
    "^https?:\\/\\/yourDomain\\.com$": true
  }
}

wherein:

^ → beginning of the string
http → the literal string http
s? → optional the string s
\\/ → double escape the string /
.* → one or more characters of any type
\\. → double escape the string .
$ → end of string

Note

Inside JSON, the \ of Regex gets escaped to \\.

{
  "CORS": {
    "localhost": true,
    ".local": false,
    "yourDomain.com": true
  }
}

CORS Settings

Disable PIM access

{
  "versions": {
    "pim": {
      "active": true
    }
  },
  "verticles": {
    "PIM": {
      "active": false
    },
    "Firehose": {
      "active": false
    }
  }
}

PIM disabled

Disable Admin Endpoints and UI

{
  "versions": {
    "setup": {
      "active": false
    }
  },
  "verticles": {
    "Design": {
      "active": false
    },
    "KeepAdmin": {
      "active": false
    }
  },
  "webapps": {
    "webjars": {
      "active": false
    }
  }
}

Disable Setup

Enable OAuth

{
  "oauth": {
    "active": true,
    "database": "oauth.nsf",
    "authCodeExpiresIn": 120,
    "accessTokenExpiresIn": 3600,
    "refreshTokenExpiresIn": 525600,
    "url": "http://localhost:8880"
  }
}

Enable OAuth

How to verify

Use Swagger UI to inspect the available API endpoints.
Use command-line tools such as curl to test endpoint responses.

Things to explore

Domino REST API documentation
Discord discussion
Experiment with other configuration parameters, such as:
- disabling Domino login
- enabling Preview features
- updating nsfExclusions