NAV

Introduction

The SOASTA Repository API is a collection of REST APIs that allows users to:

Tokens

The Tokens API is used to authenticate login credentials, and provides a security token that must be included with every other API request.

It supports the following methods:

For mPulse users, the Tokens API is available at https://mpulse.soasta.com/concerto/services/rest/RepositoryService/v1/Tokens

For CloudTest and TouchTest users, the Tokens API is available at <server URL>/concerto/services/rest/RepositoryService/v1/Tokens

e.g. https://192.168.3.80/concerto/services/rest/RepositoryService/v1/Tokens

PUT

Authenticates and generates a token.

Request Parameters

The following parameters must be sent as a JSON payload:

JSON Key Description
userName The user name.
password The password.
tenant The tenant (optional).

If SSO is enabled for the default tenant of the user instead of the username and password JSON keys, an API token JSON key must be sent.

JSON Key Description
apiToken API Token

Response

A JSON object, containing the following values:

JSON Key Description
token The security token to use in all subsequent requests.

If authentication fails, the response will be 401 Authorization Required.

Example

curl --request PUT "https://[host]/concerto/services/rest/RepositoryService/v1/Tokens" --data-binary \
'{
  "userName": "joe@acme.com",
  "password": "secret!"
}'

To use an API Token send the following request:

curl --request PUT "https://[host]/concerto/services/rest/RepositoryService/v1/Tokens" --data-binary \
'{
  "apiToken": "abc123"
}'
{
  "token": "207828d9-229c-4fdc-95df-8075efa5d716"
}

DELETE

Disconnects a token.

URL Syntax

The URL must contain a token id:

DELETE /concerto/services/rest/RepositoryService/v1/Tokens/{id}

Response

If the delete is successful, the response will be 204 No Content.

Example

curl --request DELETE "https://[host]/concerto/services/rest/RepositoryService/v1/Tokens/207828d9-229c-4fdc-95df-8075efa5d716"

Objects

The Objects API is used to create, read, update, and delete Repository objects. It supports the following methods:

For mPulse users, the Objects API is available at https://mpulse.soasta.com/concerto/services/rest/RepositoryService/v1/Objects

For CloudTest and TouchTest users, the Objects API is available at <server URL>/concerto/services/rest/RepositoryService/v1/Objects

e.g. https://192.168.3.80/concerto/services/rest/RepositoryService/v1/Objects

GET

Get details for an object or list of objects.

Headers

Name Description
X-Auth-Token Security token obtained from the Tokens API.
Authorization Alternative authorization methods. Options are Basic authentication or API-Token (The API Key listed in Account Settings).
X-Tenant-Name Optional, for use with API-Token authorization header. The name of the tenant to connect to. Must be a tenant the user has access to.

URL Syntax

The URL must contain a type, and can optionally contain a specific object id, or query parameters that will filter a list of objects.

To get details for a specific object, using its id:

GET /concerto/services/rest/RepositoryService/v1/Objects/{type}/{id}

To get details for a specific object, using its name:

GET /concerto/services/rest/RepositoryService/v1/Objects/{type}?name={name}

To get a list of objects, filtered by attributes:

GET /concerto/services/rest/RepositoryService/v1/Objects/{type}?{attribute}={value}

Example URLs

To get details for the dashboard with ID 42:

GET /concerto/services/rest/RepositoryService/v1/Objects/dashboard/42

To get details for the mPulse app “Staging Site”:

GET /concerto/services/rest/RepositoryService/v1/Objects/domain?name=Staging%20Site

To get a list of de-activated users:

GET /concerto/services/rest/RepositoryService/v1/Objects/user?deactivated=true

Examples

Search with X-Auth-Token

curl "https://[host]/concerto/services/rest/RepositoryService/v1/Objects/user?fullName=Joe%20Schmoe"
    --header "X-Auth-Token: f373b8e8-bf4a-4473-801a-b5d9b6b0ae5a"
{"objects": [
  {
    "type": "user",
    "id": 42,
    "name": "jschmoe@acme.com",
    "fullName": "Joe Schmoe"
  }
]}

Lookup by ID with API-Token Auth

curl "https://[host]/concerto/services/rest/RepositoryService/v1/Objects/user/42
    --header "Authorization: API-Token d7fbc68e-71d7-4959-a2e5-e02f71a5e1a6" --header "X-Tenant-Name: Akamai Corporate"
{"objects": [
  {
    "type": "user",
    "id": 42,
    "name": "jschmoe@acme.com",
    "fullName": "Joe Schmoe"
  }
]}

PUT

Creates an object.

Headers

Name Description
X-Auth-Token Security token obtained from the Tokens API.
Authorization Alternative authorization methods. Options are Basic authentication or API-Token (The API Key listed in Account Settings).
X-Tenant-Name Optional, for use with API-Token authorization header. The name of the tenant to connect to. Must be a tenant the user has access to.

URL Syntax

The URL must contain a type.

PUT /concerto/services/rest/RepositoryService/v1/Objects/{type}

Request Parameters

The following parameters must be sent as a JSON payload:

JSON Key Description
type The object type (required).
name The object name (required).
attributes Type-specific attributes (required for some object types).
For example, the user type includes the attributes fullName, emailAddress, and password.
Different types have different sets of attributes.
body The XML body (required for some object types).

Response

If the object creation is successful, the response will be JSON in the form:

JSON Key Description
id The 64-bit ID of the newly-created object.

Example

curl --request PUT "https://[host]/concerto/services/rest/RepositoryService/v1/Objects/user"
    --header "X-Auth-Token: f373b8e8-bf4a-4473-801a-b5d9b6b0ae5a"
    --data-binary \
    '{
        "type": "user",
        "name": "John Hancock",
        "attributes": [
            { "name":"password", "value": "dont tell!" },
            { "name":"emailAddress", "value": "john@acme.com" }
        ]
    }'
{
  "id": 1234
}

POST

Updates an object.

Headers

Name Description
X-Auth-Token Security token obtained from the Tokens API.
Authorization Alternative authorization methods. Options are Basic authentication or API-Token (The API Key listed in Account Settings).
X-Tenant-Name Optional, for use with API-Token authorization header. The name of the tenant to connect to. Must be a tenant the user has access to.

URL Syntax

The URL must contain a type and id.

POST /concerto/services/rest/RepositoryService/v1/Objects/{type}/{id}

Request Parameters

The following parameters must be sent as a JSON payload:

JSON Key Description
type The object type (required).
name The object name (required).
attributes Type-specific attributes (required for some object types).
For example, the user type includes the attributes fullName, emailAddress, and password.
Different types have different sets of attributes.
body The XML body (required for some object types).

Response

If the update is successful, the response will be 204 No Content.

Example

curl --request POST "https://[host]/concerto/services/rest/RepositoryService/v1/Objects/user?fullName=Joe%20Schmoe"
    --header "X-Auth-Token: f373b8e8-bf4a-4473-801a-b5d9b6b0ae5a"
    --data-binary \
    '{
        "type": "user",
        "name": "John Hancock",
        "attributes": [
            { "name":"password", "value": "dont tell!" },
            { "name":"emailAddress", "value": "john@acme.com"  }
        ]
    }'

DELETE

Deletes an object.

Headers

Name Description
X-Auth-Token Security token obtained from the Tokens API.
Authorization Alternative authorization methods. Options are Basic authentication or API-Token (The API Key listed in Account Settings).
X-Tenant-Name Optional, for use with API-Token authorization header. The name of the tenant to connect to. Must be a tenant the user has access to.

URL Syntax

The URL must contain a type and id.

DELETE /concerto/services/rest/RepositoryService/v1/Objects/{type}/{id}

Response

If the update is successful, the response will be 204 No Content.

Example

curl --request DELETE "https://[host]/concerto/services/rest/RepositoryService/v1/Objects/user/123"
    --header "X-Auth-Token: f373b8e8-bf4a-4473-801a-b5d9b6b0ae5a"

Seed Data

The Seed Data API is used to read, append, and clear Seed Data content. It supports the following methods:

For CloudTest and TouchTest users, the Seed Data API is available at: <server URL>/concerto/services/rest/RepositoryService/v1/SeedData

e.g. https://192.168.3.80/concerto/services/rest/RepositoryService/v1/SeedData

The Seed Data API does not apply to mPulse users.

GET

Returns seed data content as CSV.

Headers

Name Description
Accept-Encoding Optional. If set to gzip, the response will be compressed.
Range Optional. Set of rows to return, using the format rows={start}+{count}. Row numbers are 0-based.
Examples: rows=10+5 returns the 11th-15th rows, rows=20+0 returns the 21st row and everything after it.
X-Auth-Token Security token obtained from the Tokens API.
Authorization Alternative authorization methods. Options are Basic authentication or API-Token (The API Key listed in Account Settings).
X-Tenant-Name Optional, for use with API-Token authorization header. The name of the tenant to connect to. Must be a tenant the user has access to.
X-Decryption-Key Decryption key (required for encrypted Seed Data objects).

URL Syntax

The URL must contain an id.

GET /concerto/services/rest/RepositoryService/v1/SeedData/{id}

Example

curl "https://[host]/concerto/services/rest/RepositoryService/v1/SeedData/42"
    --header "X-Auth-Token: f373b8e8-bf4a-4473-801a-b5d9b6b0ae5a"
    --output rows.csv

POST

Appends new CSV content to an existing seed data.

Headers

Name Description
X-Auth-Token Security token obtained from the Tokens API.

URL Syntax

The URL must contain an id.

POST /concerto/services/rest/RepositoryService/v1/SeedData/{id}

Response

If the append is successful, the response will be 204 No Content.

Example

curl --request POST "https://[host]/concerto/services/rest/RepositoryService/v1/SeedData/42"
    --header "X-Auth-Token: f373b8e8-bf4a-4473-801a-b5d9b6b0ae5a"
    --data-binary @newrows.csv

DELETE

Truncates the entire seed data.

Headers

Name Description
X-Auth-Token Security token obtained from the Tokens API.

URL Syntax

The URL must contain an id.

DELETE /concerto/services/rest/RepositoryService/v1/SeedData/{id}

Response

If the truncate is successful, the response will be 204 No Content.

Example

curl --request DELETE "https://[host]/concerto/services/rest/RepositoryService/v1/SeedData/42"
    --header "X-Auth-Token: f373b8e8-bf4a-4473-801a-b5d9b6b0ae5a"

Errors

The Repository API uses the following error codes:

Error Code Description
400 Bad request. The URL or JSON is invalid.
401 Unauthorized. The security token is missing or invalid.
404 Not found. The requested object does not exist.
500 Internal server error. Try again later.