HCL Domino REST API, a.k.a Domino KEEP, provides a secure REST API access into HCL Domino servers and databases.
Join us for questions, discussions, ideas and feedback over at OpenNTF’s KEEP chat.
Domino REST API is designed to re-establish Domino as a world class, modern, standards-complaint, cloud native and enterprise-level collaboration platform. It adds contemporary REST APIs to Notes and Domino, enabling a modern programming experience with the tools of your choice.
Classic Domino applications are document-oriented and based on an approval model: documents flow through a business lifecyle and are approved at each stage. Domino developers develop a separate user interface for each approval state that is used by the people who perform the actions for that state.
KEEP moves access control out of the code and into the configuration. But it means control stays with those who need to support the data, not those who consume the data. KEEP grants granular access for actions like read or write depending on what the document data is and who is viewing it. This approach ensures that the correct person can perform the correct action on the document and its data. Most importantly, it means control over data quality remains with those who need to support the data, not those who provide and consume the data.
For example, in the case of an expense report filed by an employee, the approver and the employee can only edit the fields that correspond to their role. An approver might be able to approve and add a remark only and an employee might be able to provide a subject, description, and cost only.
This granular access managed through configurations is what makes Domino REST API unique!
Also, in KEEP, we built modern REST APIs that are designed to bring Notes and Domino forward in the current market. KEEP adds OpenAPI specified REST APIs to Domino and allows the latter to talk to any server or client over http, https or http/2. Using KEEP APIs, any application that talks https can access the data from a Domino database, hence extending the availability of this data beyond the Notes client.
For example, the data in a Domino database that could earlier be viewed only in a Notes client, can now be viewed on mobile applications as well using the KEEP APIs. Refer to the use cases for more examples.
The KEEP APIs are secure and standards-compliant, making them the right choice for your Notes and Domino ecosystem.
Much like the architectural keep that fortifies the castle, Domino KEEP adds to the existing functionalities provided by Notes and Domino.
KEEP can run on your developer desktop, where you can evaluate it from your Notes client. KEEP is available on Windows (client & server), Linux (server), Docker (server) and macOS (client) as add-on for Notes and Domino 12.0.1 and later.
NOTE: The Early Access June release only contains a Docker image.
KEEP caters to Domino mail as well as Domino applications, irrespective of the difference in the way they work. While Domino mail allows one-to-one mapping between users and mail files (with only occasional exceptions), Domino applications allow multiple users to access the same application. KEEP looks beyond this difference and serves both Domino mail as well as Domino applications.
KEEP is designed to work with:
- Desktop applications with direct access to the Domino server, written in any language (e.g. Java, C#, Rust, Electron, Jupyter, Python etc).
- Application-server-based applications (e.g. NodeJS, HCL DX , Spring, SpringBoot, Vaadin, Vert.x, Quarkus, PHP, Wordpress etc).
- Command Line Interfaces (CLI), starting with but not limited to curl.
- OData aware applications (e.g. SAP, Salesforce, Microsoft Excel, Tableau etc).
- LowCode environments like HCL Volt MX, NodeRED or others.
KEEP is based on industry standards, allows Notes and Domino to be accessed from other platforms, follows standard APIs, is extendable and uses the Notes and Domino security model. KEEP also puts the power in the hands of the developer to work using their preferred programming language.
KEEP is secure by default since it inherits all the security features of Notes and Domino. All access to the database is authenticated using JSON Web Token (JWT) and Scopes. Identity can be provided using Domino credentials and/or your Enterprise IdP (Identity Provider) like Keycloak or Active Directory. The databases or forms and views that can be accessed are explicitly listed. Security extends to a field level read/write control by The Barbican
Domino KEEP uses redesigned Java APIs named Domino JNX (Domino Java Next), which follow industry standards and best practices.
We follow the API first design with full interactive documentation. Our public APIs follow the standards set by OpenAPI 3.0. The OpenAPI specifications you see in Swagger/Redoc on the server are used dynamically by KEEP to validate requests, so you know they are up-to-date.
KEEP has an extensible architecture that allows it to serve multiple API versions from a Domino server. We currently support admin, core, CI/CD and PIM APIs but KEEP can be extended to add more APIs.
We provide a Web Admin UI that facilitates admin actions.
Along with the application design and admin features, KEEP allows CRUD operations on documents, retrieval of collections (aka views and folders), execution of queries and submission of access control, design and code, while maintaining and extending Domino’s security model.
KEEP runs on Domino and/or your Notes Client on Windows/Linux/Mac. Someone with previous working experience of Notes and Domino can quickly get started with KEEP, as you are about to find out for yourself!