Client-side REST Invocations in Rollbase

April 10, 2017 Data & AI

Learn all about how to use a Rollbase client-side API to make RESTful service invocations.

Support for integrating services/data from external service providers into Rollbase has been taken a step further with the addition of Client-side API for RESTful service invocations. That is, now from within a Rollbase Application/Portal page, REST calls can be made to services hosted by external domains.

Possible Use-cases:

  • In an application form page, retrieve the latest exchange rates for computing invoice statement form fields
  • A dashboard page leveraging Weather Service for real time data
  • Pulling and projecting Enterprise application data from existing systems into Rollbase

How Does it Work?

To circumvent the CORS restriction, the actual HTTP Client connection will be made on a Rollbase server and not directly from the browser client. That is, the browser client will simply make a generic HTTP POST request (AJAX) to the Rollbase server with all details regarding RESTful service invocation captured in a particular format.

On server-side, the HTTP Request will be constructed and executed by setting up an HTTP Client. The HTTP response received will be written back to the browser in a generic format, encapsulating all details including HTTP status, response headers and response body.

The following list of HTTP Methods are supported: POST, GET, PUT, DELETE

In summary, this API client will serve as an intermediary for making an HTTP request and will forward & return a corresponding HTTP request and response details in a generic format. No content validation/parsing will be done. That is, if the Content-Type header is set as 'application/xml' and request body content does not have valid XML, the same will be propagated as-is to the external service provider. A resulting BAD REQUEST (HTTP 400) response will similarly be propagated back to the client.

An error service response does not get any special handling. As the client is just an intermediary, both successful and error responses are encapsulated in a particular JSON format and propagated to API client.

API Example

An example use of this API is to fetch live exchange rates and compute the PurchaseOrder total in Euros for the total OrderItem price—which, say, is listed in USD.

// client-side api call for RESTful service invocation
// api signature:
// rbf_sendHttpRequest(url,httpMethod,headers,params,body,options)
rbf_sendHttpRequest(
  'GET', //http method
  // headers
  { 'Accept': 'text/xml' },
  // request params
  {
    'q''select * from yahoo.finance.xchange where pair in ("USDEUR")',
  },
  null, //empty body
  //options
  {
    // API has asynchronous behavior,
    // configure callback  handler to process response
    callback: processExchangeRates
  }
);
 
//process exchange rate service response
function processExchangeRates(resp) {
  if (resp.status == 200) {
     var node = $.parseXML(resp.body); //parse xml string literal
     var currRate = $(node).find('Rate').text();
 
     //compute form field values as per the exchange rate retrieved...
     var usdTotal = rbf_getFieldValue('total$');
     rbf_setFieldValue('totalEUR',usdTotal * Number(currRate));
  }
}

 

Additional Provisions

Application Data

Many external system interactions using this API will require sharing of application data, current user context etc. To address such requirements, Rollbase tokens can be used while making API calls. That is, Rollbase tokens are allowed as API parameter values and the same will be resolved before making an HTTP request.

Rollbase tokens used as is, such as ‘{!#SETTINGS.WeatherAppID}’, will be replaced in the client page script at the time of rendering the page. However, for sensitive data it is advised to delay such token evaluations to a later stage, i.e. server-side processing on API invocation. So on a client-side API call, the unresolved token is passed as is to the Rollbase server. On server-side, before making the actual HTTP call it is resolved and replaced in the constructed HTTP request. To force such a delayed token evaluation, code token strings as follows: ‘{!\u0021SETTINGS.WeatherAppID}’ .

Security

Rollbase will not store HTTP request and response messages made via this API and will simply setup an HTTP client, with the Rollbase server playing the role of an intermediary. However, to support troubleshooting, logging can be enabled on demand in development environments and HTTP call request/response messages can be traced in Customer Tenant logs. 

Use Rollbase to make RESTful Service Invocations

In conclusion, you can use this Rollbase client-side API to make RESTful service invocations. On API invocation, this will setup an HTTP client with the Rollbase server playing the role of an intermediary making an HTTP request and propagating service response messages back to the API client. The API client, on receiving a service response, can read the response status code & process response body content on the basis of the Content-Type header.

If you want to give Rollbase a try, you can sign up for a free trial today.

Mohammed Siraj

Mohammed Siraj Ahmed, a computer science engineering graduate, has around 10 years of working experience in the field of Information Technology. Presently, he is working as a Principal Engineer for Rollbase. He has significantly contributed towards its NewUI revision project targeting a more modern User Interface with responsive elements & an enhanced end-user experience.