Skip to main content
Version: Develop

Accessing the a9s Public API

This pages describes how to access the a9s Public API endpoints.

Authentication

To correctly authorize the request when accessing using cURL, the user must first get the token from Cloud Foundry:

bearer_token=$(cf oauth-token | grep bearer)

Then, get the a9s Service Dashboard URL using cf service:

$ cf service <service_name>

This should give you an output like:

Showing info of service my-service in org example / space example as admin...

name:            my-service
service:         a9s-keyvalue
[...]
dashboard:       https://a9s-keyvalue-dashboard.example.com/service-instances/db8d8ad3-3d72-4f5a-b84a-47aa9df70a7d

Showing status of last operation from service my-service...

status:    create succeeded
[...]
Path Differences between a9s Service Dashboard URL and API V1

When using API V1 the path has to be modified in order for the cURL command to work. This is done by replacing the current base path /service-instances with the base path /v1/instances; while the scheme, host, and Service Instance id remain the same.

For API V1, the URL ends up looking like this:

url="https://a9s-keyvalue-dashboard.example.com/v1/instances/db8d8ad3-3d72-4f5a-b84a-47aa9df70a7d"

Authorization

The user must execute the following command with the given Cloud Foundry token and a9s Service Dashboard URL, and then it creates the cookie authorized to be used in future API requests.

curl --cookie session.cookie --cookie-jar session.cookie \
  --location --insecure --header "Authorization: ${bearer_token}" "${url}"
  • Remember to use --location, since the a9s SSO Proxy redirects to the real endpoint.
  • Use --insecure only, if running the Service Instance with self generated certificates.
  • Use --cookie-jar to store the authorized cookie in a file to be used in future API requests.

The authentication is handled by Cloud Foundry, so when you have a valid token, you are authenticated. With this token, the a9s SSO Proxy checks if you are authorized to access the a9s Service Dashboard for the given instance.

Once the user is authorized, this information is stored in the session, which is then stored in the cookie. After this, the requests can be redirected to the a9s Public API and the user can access all the provided endpoints as described below.

info

This authorization step must be done before the API request when the user is not authorized yet.

Headers

The following HTTP Headers are defined for the operations on this API:

HeaderTypeDescription
Authorization*stringA token that is authorized to access the a9s Public API for the given Service Instance.

* Headers with an asterisk are required.