What is the Core API?
The Resolver Core API is a set of web services that allow you to control Core from a third-party application. The API is the only method through which the application’s UI communicates with Core’s services.
What does the API offer?
The API offers a complete set of functionalities for the application. Everything that can be done through the Core user interface can be achieved (with varying amounts of difficulty) through the API, which is accessed through Swagger, a web-based API browser.
Swagger provides a complete list of all the Core APIs along with some details of the expected usage and response payloads, allowing you to test out the API calls without having to use a browser or another tool. Our Swagger documentation is still a work in progress, but it continues to improve with every release.
What technology does the API use?
The Core API is a RESTful web service that leverages JSON for both request and response payloads. Some URLs include inline parameters or query parameters, while some URLs take POST payloads to execute. The HTTP verbs GET, PUT, POST, and DELETE are used throughout the API where appropriate.
Is the API available to all customers?
Do I need a special license to use the API?
Are there any limitations or restrictions when using the API?
If you can perform the action through the UI, that same action can be performed via the API. However, some actions may involve numerous API calls or complex payloads and may require assistance from Resolver Support.
How do the API security and authentication processes work?
Every request to the API requires that a JWT token is provided in the Authorization header of the request. Additionally, every call made to the server requires a valid token, which is passed to the server as a header parameter. The header parameter is “Authorization” and the content is “Bearer XXXXXXXX” (the “XXXXXXXX” being the token from the Authenticate response).
To get a token, the POST https://services.core-ca.resolver.com/user/authenticate endpoint is selected and the payload is provided (email: "firstname.lastname@example.org", password: "password"). The endpoint will then respond with a payload and a token that can be used for subsequent calls. This token is typically valid for 15 minutes.
A new token can be issued by selecting the GET https://services.core-ca.resolver.com/user/authenticate endpoint and entering the existing token in the Authorization header (as with other requests). Doing so will provide a payload with a new token, which is valid for an additional 15 minutes. If no token renewal is performed after 15 minutes, a new token must be requested via the POST endpoint using the email address and password.