APIs Admin API

Questions and Answers

What architecture does the Optimizely Configured Commerce Admin Console employ for improved performance?

• Modularized architecture (correct)
• Layered architecture
• Monolithic architecture
• Microservices architecture

Which method is used to generate OData controllers in Configured Commerce?

• OData Web API
• Data Access Layer
• Code-First migration
• Entity Framework Code First (correct)

Which property setting archives a product entity in Configured Commerce?

• Removing the product from the catalog
• Deactivating the entity
• Setting the DateTime deactivate property (correct)
• Changing the archive property to True

How is the Admin API for retrieving archived entities accessed?

By appending &archiveFilter=1 to the endpoint (B)

Which third-party tool can be used to build and consume APIs effectively?

Postman (C)

What is true about the archiving of entities in Configured Commerce?

Deleting an entity directly archives it (D)

Where are the querying, updating, and deleting operations located in Configured Commerce?

In the Controllers/Odata folder (A)

What attribute is used in the Admin API for authentication when consuming Storefront REST APIs?

Basic Auth (C)

What is the purpose of the refresh token in the authorization process?

To obtain a new bearer token without username and password (C)

What happens when an API call is made with an expired bearer token?

The call receives a 401 Unauthorized response (A)

Which of the following keys should be included in the body when requesting a new bearer token?

grant_type (A)

What is the scope needed to access the Admin API?

isc_admin_api offline_access (C)

Where is the refresh token stored after it is received?

In local storage (B)

What should be done to consume the Admin REST API?

Create a POST request with the correct URL (B)

Which HTTP verb is used to create a new object in the Admin API?

POST (C)

What is the difference in credential requirements between the Admin API and regular user access?

Admin API requires different scope and user credentials (B)

Which type of authentication is used for the Admin API?

Basic Authentication (C)

What is the URL prefix for accessing Admin API endpoints?

/api/v1/admin/ (A)

What operation is performed by the HTTP verb PATCH in the Admin API?

Updates properties on an existing object by Unique Id (D)

Which of the following operations will retrieve a single object using its Unique Id?

GET entity({id}) (D)

What is the purpose of the GET entity/Default.Default() operation?

Returns a new instance of that object with all of the default values (A)

Which HTTP verb is NOT used for object retrieval in the Admin API?

POST (D)

Which API endpoint retrieves the value of a single custom property on an object?

GET entity({key})/customproperties({custompropertyKey}) (A)

What happens when the DELETE entity({id}) operation is performed?

An object is deleted by its Unique Id (A)

What is the maximum number of results that can be returned in a single Admin API request?

100 (A)

Which syntax is used to retrieve a single product via the Admin API?

/api/v1/admin/products(f88d5c07-eb72-42eb-ab36-a5d201168a49) (D)

How can a child collection be retrieved using the Admin API?

Using the expand parameter or the name of the child entity after the slash (C)

What format is used to update an entity's 'isActive' property in the Admin API?

JSON format (A)

Which library replaced the Insite.Model library in Configured Commerce?

Insite.Data.Entities (C)

What is a key characteristic of the entities in the Insite.Data.Entities library?

They are simple objects without business logic. (D)

What token must be included in the request header to perform updates using the Admin API?

Authentication bearer token (B)

What does the OData.NextLink typically contain when retrieving results?

The name of the API endpoint plus query string with skip=100. (B)

Flashcards

Admin API

An API used to manage data in Configured Commerce, accessed via RESTful endpoints.

RESTful APIs

APIs that use HTTP methods (e.g., GET, POST, PUT, DELETE) to access and manipulate data.

Entity Framework Code First

A framework that automatically creates database tables from classes (entities).

OData

A protocol for querying data by adding query parameters to URLs

OData controllers

Controllers that handle calls using OData's query string formatting.

T4 template

A template used to generate code (like controllers).

Archiving

Marking data as inactive but not deleting it.

Archived Filter

A parameter used for retrieving archived entities.

Bearer Token

A token used for authentication with the admin API.

Refresh Token

A token allowing for new bearer tokens without login credentials.

Postman

A tool used for managing, testing, and developing APIs.

Curl

A command-line tool to make HTTP requests.

Fiddler

A tool to inspect and manage HTTP requests.

Authentication scope

Specific access rights granted via the token (e.g., access to the admin API).

Basic Auth

Authentication method using username and password.

Patch endpoint

Endpoint to update existing resources.

Max Results

Maximum entities returned in one request on Admin API.

OData.NextLink

Provides the link to the next page of results.

Child Collection

Nested data associated with an object.

Expand parameter

OData parameter to include related data.

UnitOfWork

Pattern for grouping database operations.

Custom Properties

Added properties to entities.

Data Provider

Manages data access for database operations.

Study Notes

Configured Commerce Admin API Overview

• The Optimizely Configured Commerce Admin Console has a modularized software architecture for performance, upgrades, and integration.
• Each module communicates using RESTful APIs enabling third-party applications to interact with administration data.
• You can view and test endpoints using the OpenAPI Specification (aka Swagger) at [YOUR_WEBSITE_URL]/swagger.

Admin API Architecture Details

• Entity Framework Code First version 6 autogenerates OData controllers for Configured Commerce.
• A custom-built OData T4 template generates these controllers based on available entities.
• The ODataControllers.tt T4 template is maintained in the Insite.Admin library.
• Configured Commerce supports one level deep of any child navigation property.
• Entities can have properties marked as archivable with an active or deactivated state.
• Deleting items archives the entity.
• Archiving is used generically across entities.
• To retrieve archived entities, use the archivedFilter=1 OData query.
• For example, to retrieve archived customers: /api/v1/admin/customers?&archiveFilter=1.

Consuming the Admin API

• Postman simplifies API development and helps manage the API lifecycle.
• You can use tools like Curl or Fiddler to consume the Admin API.
• To consume storefront REST APIs, create a POST request at: [http or https]://[YOUR_WEBS-TE_URL]/identity/connect/token.
• Use Basic Auth with username 'isc' and password '009AC476-B28E-4E33-8BAE-B5F103A142BC'.
• In the Body, select x-www-form-urlencoded.
• Fill in the required information:
  • grant_type: password
  • username: [web user name (e.g., basicuser)]
  • password: [web user password (e.g., Password1)]
  • scope: iscapi offline_access

Admin API Authentication

• The Admin API uses different scope and user credentials compared to the website access.
• The offline_access scope returns a refresh token along with the bearer token.
• The bearer token expires after 15 minutes (900 seconds).
• The refresh token allows you to get a new bearer token without specifying the username and password.
• The refresh token is stored in local storage and used only when requesting a new bearer token.
• To consume Admin REST API, create a POST request at: [http or https]://[YOUR_WEBSITE_URL]/identity/connect/token.
• Use Basic Auth with username 'isc_admin' and password 'F684FC94-B3BE-4BC7-B924-636561177C8F'.
• In the Body, select x-www-form-urlencoded.
• Fill in the required information:
  • grant_type: password
  • username: admin_[console user name] (e.g., admin)
  • password: [console user password (e.g., Password1)]
  • scope: isc_admin_api offline_access

Admin API Response Handling

• If the bearer token is expired, any call to the Admin API will receive a 401 Unauthorized response.
• You can apply OData query string parameters to refine requests using OData standards.
• Configured Commerce returns a maximum of 100 results per request.
• OData.NextLink provides the next set of results.

Admin API and OData

• Configured Commerce uses OData syntax for the Admin API, unlike the Storefront API.
• For example, to retrieve a single product:
  • Storefront API: /api/v1/products/f88d5c07-eb72-42eb-ab36-a5d201168a49
  • Admin API: /api/v1/admin/products(f88d5c07-eb72-42eb-ab36-a5d201168a49)

Child Collection Retrieval

• Configured Commerce supports one level deep of child collections using OData.
• You can retrieve child collections using two methods:
  • Using the expand parameter in the query string (e.g. /api/v1/websites(d24h5c07-eb72-42eb-ab36-a5d201168jh5)?$expand=countries)
  • Using the child entity name after the slash (e.g. /api/v1/websites(d24h5c07-eb72-42eb-ab36-a5d201168jh5)/countries)

Updating Entities

• All entities in Configured Commerce have a Patch endpoint for the Admin API.
• To update an entity, include the new property and value in the JSON body and the authentication bearer token in the request header.

Entities and Data Provider

• The Insite.Data.Entities library contains the model objects without business logic.
• Configured Commerce uses the UnitOfWork pattern and a data provider implementation for Entity Framework.
• You can use repositories from Unit of work to retrieve an IQueryable object.
• All entities have an OData RESTful service.
• The T4 template generates the classes and enables extensibility through partial classes.

Swagger

• Use Swagger to view and interact with the Storefront and Admin API endpoints.
• You can access the endpoints in the left navigation (Storefront API V1, Storefront API V2, or Admin API V1).

Admin API Endpoints

• Url Prefix: /api/v1/admin/
• The table below summarizes the generic endpoint definitions. | HTTP Verb | URL | Description | |-------------|-----------------------------|-------------------------------------------------------------------------------------------------------------------| | GET | entity | Retrieves all the objects | | POST | entity | Creates a new object. Use entity/Default.Default() to get an instance with default values. | | GET | entity({id}) | Retrieves the object by the specified ID. | | PUT | entity({id}) | Update or create an object by the specified ID. | | DELETE | entity({id}) | Deletes an object by the specified ID. | | PATCH | entity({id}) | Updates properties on an existing object by the specified ID. | | GET | entity({key})/child({childKey}) | Retrieves a single child by its ID relative to the parent object. | | GET | entity({key})/customproperties({custompropertyKey}) | Retrieves the value of a single custom property on an object. |

Description

Explore the modular architecture and RESTful APIs of the Optimizely Configured Commerce Admin Console. This quiz covers various aspects including OData controllers and archivable entities, offering insights into effective third-party application integration.