REST guidelines

In this section REST guidelines are stated. Communication between the service calling the provided API and DUM Engine is implemented using REST.

Stateless communication

The communication between the service calling the API and DUM Engine is stateless.

Non cacheable communication

The communication between the service calling the API and DUM Engine is not cacheable. DUM Engine will mark the communication as being so:

Cache-Control: no-store
Pragma: no-cache

JSON

The service using the API can use JSON to communicate with DUM Engine. To receive JSON messages another header must be added:

Accept: application/json

UTF-8 encoding

DUM Engine uses UTF-8 encoding:

Content-Type: application/json;charset=UTF-8

Security

All APIs are protected with HTTP basic authentication.

The Authorization header needs to be added every request.

The Authorization header is constructed as follows:

  1. Username and password are combined into a string "username:password"
  2. The resulting string is then encoded using the RFC2045-MIME variant of Base64, except not limited to 76 char/line
  3. The authorization method and a space i.e. "Basic " is then put before the encoded string.

For example, if the user agent uses 'Aladdin' as the username and 'open sesame' as the password then the header is formed as follows:

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==