Custom API

2 posts, 0 answers
  1. Josh
    Josh avatar
    50 posts
    Member since:
    Jul 2009

    Posted 08 Oct 2015 Link to this post

    My application would be a companion mobile application to a public website.  The subset of functions the mobile application (phone/tablet) would be a subset of what is possible in the main website.

     The platform looks very impression and the Data Connectors and Cloud Functions offer many possibilities to acheive custom functionality.  Basically all of my data will be exposed via SQL Data Connectors.  I see a possible issue with authentication as we will store our passwords using a custom algorithem which we will code for using our server.  

     Question 1:  Is it possible to call a custom WEB API service through cloud functions?  I see in the example with yahoo api being called.  If I want to isolate business logic no only at the data level through stored procedures but at the functional level through my own API calls.

     Question 2: Could I in theory accomplish any custom functionality through cloud functions into my own custom API?  For instance, authentication, I would like to call my own server .NET code to take a plaintext password and HASH it the way I intend.  Would the recommended way to do this be to have a CF call into my own exposed public API endpoint?

     Question 3: Is there a global place where I can store custom security app settings or config level variables within the platform?  Can I tell the Cloud Functions to auto append "this key" to each request to "this web service".  I can see this being a common practice in exposing mobile public functions form my enterprise environment and would like to know if there is a best practice in globalizing the calling of my own APIs from CF.

  2. Anton Dobrev
    Admin
    Anton Dobrev avatar
    539 posts

    Posted 09 Oct 2015 Link to this post

    Hello Josh,

    As to your questions.

    1.  Yes, you can make an external call via a cloud code logic as shown here.

    2.  You can parse a body or query string parameters sent to the cloud function. Then handle them as required. More information on query parameters is available here and an example how to handle the request body here. You can also consider calling your endpoint on this directly from the app.

    3.  In the context of a cloud function, you can have these variables/settings within the code logic. This seems like the simplest, yet applicable approach. However, this context will be available only for a given cloud function. I am making a note for this and we will consider the suggestion.

    In addition, I’d suggest that you explore the data and business logic validation rules you can apply from within the Backend Services API. For example, you may want to use the Cloud Code events for a type cancel the request for a user that cannot be verified with your API, or mark all data types as read-only.

    I hope that this helps. Let me know if you have further questions.


    Regards,
    Anton Dobrev
    Telerik
     
    Everlive is now Telerik Backend Services, and is part of the Telerik Platform.
     
Back to Top