Application management REST API
The Application management REST API allows for programmatic import, export, upgrade, and delete of Leap applications.
Authentication
To get the Swagger definition for the Application management REST API, use /apps-basic/anon|secure/org/app/swagger.json
All REST API calls must be made as an authenticated user. If you want to exercise the API with code, then, you can use basic authentication. The authenticated user must be a valid user of Leap and must have the appropriate permission. The primary mechanism is to use basic authentication where the username and password are a Base64 encoded string.
REST actions
The following table lists the types of actions that are available and the URLs associated with those actions.
URL | HTTP Verb Header | Action Name |
---|---|---|
/apps-basic/secure/org/app/app-uid/archive?mode=source&submitted=true | GET | Export |
/apps-basic/secure/org/app/app-uid/archive?replaceEmbeddedData=on&runDatabaseUpgradeNow=on&replaceSubmittedData=on&freedomIdentifyKey=x | POST | Upgrade |
/apps-basic/secure/org/app?deploy=false&importData=false&freedomIdentifyKey=x | POST | Import |
/apps-basic/secure/org/app/app-uid?freedomIdentifyKey=x | DELETE | Delete |
Export
Exports the defined application as a .nitro_s file. You can use the following parameters to export the application:
submitted=true
Can be set to true or false. true returns the application and all submission data that exists in the application.
Note: If no value is passed, then the default is true.
Upgrade
Allows the user to upgrade the content of an application to match the application that is contained in the POST request. You can use the following parameters to upgrade the application:
replaceSubmittedData=off
Can be on or off. on replaces the existing submission data with the submission data contained in the application being uploaded.
Note: The default for replaceSubmittedData is off.
freedomIdentifyKey=x
The value of x, must be a randomly generated, difficult to guess, single-use numerical value. The value of this URL parameter must match the value of the freedomIdentifyKey cookie. Requiring a cookie value that matches the URL parameter helps avoid possible browser vulnerabilities. See Data REST API Delete for more information.
The upgraded application must be uploaded to the server as multipart/form-data in the body of the POST.
Import
Imports the specified application into the Leap server. The user that performs the import is automatically added as an administrator. You can use the following parameters to import the application:
deploy=false
Can be set to true or false. true automatically deploys the application as part of the import.
Note: The default is false.
importData=false
Can be set to true or false. true imports the submission data, or submitted records, if they were included when the application was exported.
Note: The default is false.
cleanIds=false
Can be set to true or false. true removes all groups and users from roles within the imported application ensuring that only the current authenticated user has access to the application.
Note: The default is false.
freedomIdentifyKey=x
The value of x, must be a randomly generated, difficult to guess, single-use numerical value. The value of this URL parameter must match the value of the freedomIdentifyKey cookie. Requiring a cookie value that matches the URL parameter helps avoid possible browser vulnerabilities. See Data REST API Delete for more information.
The application to be imported must be uploaded to the server as multipart/form-data.
Delete
Deletes the specified application from the server.
freedomIdentifyKey=x
The value of x, must be a randomly generated, difficult to guess, single-use numerical value. The value of this URL parameter must match the value of the freedomIdentifyKey cookie. Requiring a cookie value that matches the URL parameter helps avoid possible browser vulnerabilities. See Data REST API Delete for more information.
Basic Application Flow
This is the basic flow of an application communicating with the Leap REST API:
- Establish a URLConnection with the URL that matches the action you want.
- Set the basic authentication credentials into the URLConnection.
- Set extra headers or body content if required for the action.
- Process the response.
Parent topic: REST API reference