Difference between revisions of "NATS API Best Practices"

Latest revision as of 22:27, 10 April 2019

About NATS 4
NATS4 Requirements
NATS4 vs NATS3 Advantages
IPSP Integration
NATS4 Changelog

For Affiliates
Affiliate Adtools
Automatic Campaigns
Affiliate Payment Information
Affiliate Defaults
Linkcodes
Affiliate Stats Dumps
ASP Query String
Deep Linking
Main Program Page
NATSCode

NATS 4.1 Affiliate Area
NATS 4.1 Affiliate Area
Affiliate Account Details
Affiliate Account Change Log
Affiliate Adtools
Affiliate Adtools Search
Affiliate Campaigns
Affiliate Dashboard
Dashboard Key Statistics
Dashboard Statistics Summary
Affiliate Display Settings
Affiliate Email and Notification Settings
Affiliate Linkcodes
Affiliate Linkcode Settings
Affiliate Login History
Affiliate Messages
Affiliate Payment History
Affiliate Referrals Report
Affiliate Referring URL Report
Affiliate Signup
Affiliate Skins and Languages
Affiliate Statistic Filters
Affiliate Statistic Views
Quick Links
Affiliate Bonus Rewards

NATS 4 Upgrade Changelog
Administration Changes
Admins
Admin Overview
Reports Admin
Payments Admin
News and Notifications Admin
Affiliates Admin
Members Admin
Sites Admin
Difference between NATS4 and NATS3 Postback URL
Programs Admin
Billers Admin
Adtools Admin
Upsells Admin
Includes Admin
Mailing Admin
Skins & Templates Admin
Configuration Admin
Cleanup and Maintenance Admin
Logs Admin
Affiliate Changes
Affiliate Dashboard
Affiliate Statistics
Affiliate Adtools
Affiliate My Account
Affiliate Support

NATS Setup
Post-Installation Steps
Apache Configuration
MySQL Settings
Creating Admin Accounts
Multiple Server Setup
Using Memcached for Caching
File Upload Setup
Link Domain
HTTPS Setup
NATS4 Files and Directories
NATS4 Go Live Checklist
NATS3 to NATS4 Going Live Checklist
Moving NATS4

Admin Overview
The Admin Overview

Reporting Admin
The Reporting Admin
track and strack
Fraud Reports

Report Breakdowns
The Profit and Loss Report
The Retention Report
The Subscription Report
The Transactions Report
The Detailed Trial Report
The Cascade Activity Report
The Fraud Report
The Account Rep Report
The Surfer Actions Report
The Affiliate Referral Tier Payouts Report
The Affiliate Referral Signup Payouts Report
The Additional Payout Report
The Graphical Affiliate Comparison Report
The Single Day Comparison Report
The Affiliate Liability Details Report

Payments Admin
The Payments Admin
Creating and Editing PayVia Options and Dump Formats
Pay Via Types
Check Functions
Payment Dump Entry Numbers
Bulk Invoice Import
Payment Dump Variables
Payment Periods
Payout Period Configuration
Manual Invoices

Payment Methods
Intercash
RevUpCard
ePayService
Payza

News and Notifications Admin
The News and Notifications Admin
Add News Item
Sending Messages

Affiliates Admin
The Affiliates Admin
ID Numbers
Account Representatives
Affiliate Referrals
Affiliate Activation
Affiliate Access Permissions
Affiliate Admin Settings
Affiliate Overrides
Creating Admin Accounts
In-House Accounts
Affiliate-Specific Join Options and Payouts
Add Manual Sale
Manual Invoices
Affiliate Groups
Affiliate Documents
Change Affiliate Status

Members Admin
The Members Admin
View Member Details
Add Member
MySQL Auth
Mod Authn DB
Multisite Access
Member Logging
Member Password Retrieval
OpenID Connect
Mod Auth OpenIDC
ID Numbers

Sites Admin
The Sites Admin
Sites
Site Setup
Site Templates
Tour Setup
Join Options
No Cost Registration
Special Pricing Options
Join Option Rules
Post URL Usage
Post URLs in NATS4
Approval/Upgrade/Denial Variables
Approval/Upgrade/Denial Template Variables
Mobile Tours
Token Sites
ID Numbers
Site Partner
Site User Management
Example Postbacks for Site User Management
Configure Redirects
Split A-B Testing
Username Checking
Form Validation
Post-Biller Templates
Send Information To Special Biller
Join Option Box vs Button
Qualified Join Page Hits
Allowed languages
Customize Join Form
Package Plus
Token Plus
Signup Plus
Type-In Traffic
Coupon Codes
Setting Rules
Site Groups
Options Simulator
ATVOD Verification Process

Programs Admin
The Programs Admin
Adding Programs
Payout Changes
NATS4 Affiliate Referrals
ID Numbers
NATS Program
Special Pricing Options
Setting Rules

Billers Admin
The Billers Admin
Biller
Biller Fees
Taxes
NATS Cascades
Add Cascade
Cascade Weight
Autocascade
Hidden Cascades
Geo-Targeting Cascades
Post-Biller Templates
HTTPS Gateways
Timed Cascade Rules
Upgrade Plus
Token Plus
Gateway One Step Join
Extra Biller Fields
Send Information To Special Biller
Setting Rules
Cross Sell Supported Billers
Upsell Supported Billers
Packageplus Supported Billers
Tokenplus Supported Billers

Biller Instructions
NATS4 Biller List
2000Charge
2000Charge Gateway
2KCHARGE
A1Payments
Aebill
Aconti
Allopass
AltoBilling
Argus
Authorize.net
Bill1st Gateway
BillAPay Gateway
Billing Revolution
Billing United
Bit-Pay
BoaCompra
Braintree Payments
C2Bill
CardFlex
CCBill
CCBill Flexform
CCBill Web900
CashSend
CashtoCode
Centili
Centrobill
Clearcard
Clearcard IDV
Click and Buy
CoinGate
CoinPayments
CommerceGate
CurePay
DHD
DHDGateway
DIMOCO
EGatePay
ElectraCash
eMerchantPay Gateway
eMPPay.com
Epoch
Escalion
EuroBill
EPGBill.com
Ezic, Inc.
Focal Payments
FXBilling
FXBilling Native
Gateway tokens
Gigadat
Global Access
GlobalCharge
Global DPS
GoCoin
Greta 11 (G11Bill)
GTBill
GTBill GATEWAY
GXBill
ICN Ltd.
Itelebill
Jettis International
Jettis International Gateway
LocalBilling
MobiusPay
MerlinBill
NETbilling
NETbilling Native
NetCash
NetMobile
Netpay International
NoCreditCard
OrbitalPay
Password By Phone
Pay4
Pay900
Payment Network
Paygarden
Paygea
PayPal
Paysite Cash
Payspace
Payspace Gateway
Plug'n Pay
Prime Orange
Probiller
PumaPay
Rocketfuel
RocketGate
RocketGate Native
RSBilling
RSBilling Native
SafeCharge
SafeCharge Native
Secure Billing Worldwide
Secure Billing Worldwide Gateway
Secure Trading
SecurionPay
SegPay
SegPay Gateway
SOFORTdauerauftrag
Sonic Bill
StandardBill
TrustCharge
Telecom
UKash
Vendo Services
Vendo
Verotel Pro
Voxtel
VXSBill
WebBilling
Wispay
WTS
WTSeu
Zombaio
Shopping Cart Sales
Switching From Epoch to Epoch EU

Third Party Admin
Third Parties
Supported Third Parties
AdultFriendFinder
AdultFriendFinderAPI
Cams.com
Datingfactory
DatingGold
EffexMedia
Fling
Flirt4Free
GameLink
MallCom
MyDirtyHobby
SexGoesMobile (SGM)
StreaMate
WebCamClub
WebCams
Wister
XloveCash
XOnDemand

Adtools Admin
The Adtools Admin
Duplicating Adtool Types
Add New Adtools
Add New Adtool Type
Bulk Import Adtools
Downloadable Content Adtool Type
Get Hosted Galleries
Adtool Templates
Content of the Day
Linkcodes and Tools Admin
Setting Rules

Default Adtool Types
Adtool Types
Image Banners
Geo Banners
Flash Banners
Free Hosted Galleries
Mailers
Feeds
Content
Fan Signs
Flash Videos
Embedded Videos
Hosted Videos
Page Peels
IM Popups
Footer Ads
Page Ads
Hosted Free Sites
Overlays

Upsells Admin
The Upsells Admin
Configuring Cross Sells
Configuring Upsells
Cross Sell Supported Billers
Upsell Supported Billers
Process Gateway Cross Sales Outside NATS
Cross Sells: A to Z
Upsells: A to Z
Upsell Plus
Setting Rules

Includes Admin
The Includes Admin
The Promotionals Admin
IntelliChat

Mailing Admin
The Mailing Admin
Create New Mailer
Email Configuration
The Mailing Queue
Mailer Template Variables
Mass Mailing Template Variables
Common Mailer Examples
Setting Rules

Skins and Templates Admin
The Skins and Templates Admin
Skins
Templates
Site Templates
Language Skins
Language Files
custom_errors.php
Join Page Variables
Skipping NATS Join Form
Post URL Variables
Member Usernames & Passwords
Form Validation
Username Recommendations
Password Retrieval
Post-Biller Templates
Geo-Target Join Options
Random Usernames and Passwords
Smarty
Smarty print array
Smarty Plugins
Available Smarty Functions
Affiliate Support Template
Adding a Verification Image
Custom Program and Campaign Selection Pages
Output An Affiliate's Last Paid Date
Affiliate Signup Email
Affiliate Join Page Linkcodes
Approval/Upgrade/Denial Variables
Approval/Upgrade/Denial Template Variables
CSS Theme Builder

Template Functions
nats_add_to_array
nats_adtool_replace_linkcode
nats_array_flip
nats_array_to_xml
nats_build_array_by_reference
nats_convert_bytes
nats_decode
nats_display_account_campaigns
nats_display_account_change_history
nats_display_account_notifications
nats_display_account_preview
nats_display_admin_links
nats_display_admin_message
nats_display_adtool_form
nats_display_adtool_types
nats_display_adtools
nats_display_adtools_type_limit
nats_display_choose_adtools_group
nats_display_code_info
nats_display_create_campaign
nats_display_edit_account_details
nats_display_edit_account_settings
nats_display_edit_defaults
nats_display_edit_password
nats_display_edit_payvia
nats_display_edit_payvia_info
nats_display_edit_skin
nats_display_gallery_builder
nats_display_graph
nats_display_hourly_sales
nats_display_latest_adtools
nats_display_map
nats_display_news
nats_display_page_peel
nats_display_payment_history
nats_display_payment_summary
nats_display_ratio
nats_display_reward_category
nats_display_reward_order
nats_display_reward_purchases
nats_display_signup_advanced
nats_display_signup_basic
nats_display_signup_payvia
nats_display_stats
nats_display_stats_calendar
nats_display_stats_form
nats_display_stats_referrals
nats_display_stats_retention
nats_display_stats_subscription_details
nats_display_stats_table
nats_display_timezones
nats_display_top_stats
nats_dump_data
nats_encode
nats_get_first_in_array
nats_get_payment_breakdown
nats_get_period_end
nats_get_reward_categories
nats_get_member
nats_list_adtool_groups
nats_list_affiliates
nats_list_billers
nats_list_campaigns
nats_list_linkcodes
nats_list_options
nats_get_option_details
nats_list_programs
nats_list_sites
nats_list_tool_categories
nats_list_tours
nats_list_xsells
nats_smarty_function_amount_owed
nats_smarty_function_getbonus
nats_smarty_rebuild_form
nats_smarty_rebuild_link
nats_smarty_rebuild_query
nats_tooltip
nats_track_link
nats_strack_link
tmm_admin_pagination
Template Shortcuts
add_to_array
adtool_replace_linkcode
affiliate_select_form
array_flip
array_to_xml
amount_owed
build_array_by_reference
convert_bytes
display_account_campaigns
display_account_change_history
display_account_notifications
display_account_preview
display_admin_links
display_adtool_form
display_adtool_types
display_adtools
display_adtools_type_limit
display_choose_adtools_group
display_code_info
display_create_campaign
display_gallery_builder
display_stats_referrals
display_edit_account_details
display_edit_account_settings
display_edit_defaults
display_edit_password
display_edit_payvia
display_edit_payvia_info
display_edit_skin
display_graph
display_hourly_sales
display_latest_adtools
display_map
display_news
display_page_peel
display_payment_history
display_payment_summary
display_ratio
display_reward_category
display_reward_order
display_reward_purchases
display_signup_advanced
display_signup_basic
display_signup_payvia
display_stats
display_stats_calendar
display_stats_table
display_stats_form
display_stats_retention
display_stats_subscription_details
display_top_stats
display_timezones
dump_data
get_first
get_period_end
get_reward_categories
list_billers
list_campaigns
list_linkcodes
list_options
list_programs
list_sites
list_tool_categories
list_tours
list_xsells
rebuild_form
rebuild_link
rebuild_query
reward_points
tooltip
Common Parameters
assign
assign_prefix
count
data_only
display_on_assign
start
tpl

NATS Configuration Admin
The Configuration Admin
Log Admin Activity
IP Address Filtering
MEMBER_EXPIRE_PAD
SKIP COUNTRIES
Fraud Configuration
Email Configuration
Affiliate Signup Email
Affiliate Postback
Affiliate Postback NEW
Affiliate Analytics
Throttling
NATS4 Terms of Service feature
GeoIP2

SOAP API
API
API Best Practices
WSDL Cache
Add Affiliate
Add Member Note
Admin Get Adtools
Adtool Categories
Adtool Types
Affiliate Get Campaigns
Bulk Import Adtools
Caching
Decode Natscode
Expire Manual Member
Get Affiliate Campaigns
Get Affiliate Hit Data
Get Affiliate Loginids
Get Affiliate Nats Codes
Get Affiliate Payout
Get Affiliate Program Campaign List
Get_Affiliate_Program_Campaign_List
Get Member Details
Get Member Instant Upgrade String
Get Member Package Upgrade String
Get Member Token Rebuy String
Get Member Upsell String
Get Payment Data
Get Payvia Rule
Get Profit Loss Report
Ping
Record Member Login
Search Affiliate Info
Search Member Info
Send Email API Function
Set Affiliate Admin Settings
Set Affiliate Customs
Set Affiliate Defaults
Set Affiliate Information
Set Affiliate Settings
Set Member Details
Set Payment Status
Set Payvia Rule

REST API
API Overview
API Best Practices
REST API PATH UPDATES
Adtools
GET /adtools/admin
GET /adtools/categories
GET /adtools/types
POST /adtools/importdump
Affiliate
GET /affiliate/campaigns
GET /affiliate/hitdata
GET /affiliate/payout
GET /affiliate/searchinfo
POST /affiliate/addaffiliate
POST /affiliate/invoice
PATCH /affiliate/setadminsettings
PATCH /affiliate/setcustoms
PATCH /affiliate/setdefaults
PATCH /affiliate/setinformation
PATCH /affiliate/setpayviainfo
PATCH /affiliate/setsettings
PATCH /affiliate/status
Member
GET /member/authstring
GET /member/details
GET /member/searchinfo
GET /suggestedcanceloffers
PATCH /member/setdetails
PATCH /member/setexpiration
POST /member/addnote
POST /member/recordlogin
PUT /member/expiremanual
PATCH /member/forget
Option
GET /option/options
GET /option/rule
PATCH /option/rule
PATCH/option/text
POST /option/rule
Payments
GET /payments/getpayments
GET /payviarule
PATCH /payments/setstatus
PATCH /payviarule
Report
GET /profitlossreport
Get /transactionpayouts
GET /report/transaction
Service
GET /service/decodenatscode
GET /service/ping
POST /service/sendemail

Misc. Admins
Database Cleanup
Support Admin
Logs Admin
Rules
Freeform Date
Rewards Admin

Troubleshooting
Common Errors
Email_Issues
Fix Graphs
Expired License
Zend License
Zip Files in Internet Explorer

NATS Extras
TMMid
Gallery Builder Module
CAPTCHA
Remote Affiliate Authentication
Build Your Own Anything Module
Shopping Cart Sales
Moving Tours, Members' Area, and Galleries
Admin Areas
Extended Sales
NATS Code Wordpress Plugin
Error_message_display
ATVOD Verification Process

Please note: This information is best represented on NATS versions higher than 4.1.16.1

This article lists out several best practices for using the NATS API. These practices are encouraged in order to prevent unwanted access to processes within NATS that would otherwise not be available unless logged in. We encourage you to use the REST API system rather than the SOAP API system, as the SOAP API in NATS is deprecated and included only for backward compatibility.

Restrict Access by IP Address

In order to use the NATS API, you will need to provide a list of IP addresses will be granted access to the NATS API. In the "Security" section of the Configuration Admin, this information is stored as a comma separated list of IP addresses set in the "ADMIN_API_ALLOWED_IPS" variable. We recommend that you grant access to only the IP addresses of those who will be actively using the NATS API itself.

In the "Security" section of the Configuration Admin, set the ADMIN_API_ALLOWED_IPS configuration to limit the IPs that are able to use the API.

API ON/OFF switch

In addition to allowing API access to IP addresses, you will need to enable the NATS API itself. In the the "Security" section of the Configuration Admin, turn on the API by checking the box for the "ENABLE_SOAP_API" or "ENABLE_REST_API" settings, depending on which system you plan to use. This configuration is disabled by default, and is available to provide a way for you to quickly turn off both the NATS API to all users should the need arise. We recommend enabling only the API systems you plan to use.

In the "Security" section of the Configuration Admin, check the ENABLE_SOAP_API or ENABLE_REST_API settings depending on your use.

API Users per System or Server

We recommend creating separate API accounts for separate uses or servers. This makes it so access to the API systems are limited should that account be compromised. An example of this type of set up would be creating an account for API use in your members area, and creating a separate account for API use on an external Adtool system. If you have members areas on separate servers, it would be best to create a separate account for each server as well.

We recommend having separate accounts for specific API purposes.

API Permissions

For each account able to access the API system, we provide the ability to restrict the resources or functions available to them. The permissions system allows you to make available only those systems that an account needs to use. We encourage you to only make available the functions or resources that are necessary to the account itself. For example, if an account is to be used for membership authentication, set the account's API permissions to only allow them access to the member search function.

SOAP API Permissions

By default, an account has access to all available SOAP API functions, and you have the ability to disable any functions that are not necessary for the account. Use the check boxes next to each of the functions to select which you wish to make either Enabled or Disabled. Once selected, use the "Disable APIs -->" and "<-- Enable APIs" buttons to move the selected functions from one column to the other. You can also use the "Auto Check:" links to quickly check "All" or "None" of the functions, or "Invert" your selection before Enabling or Disabling functions.

SOAP API permissions allow you to set available functions per account.

REST API Permissions

By Default, an account does not have access to any of the available REST API resources. Use the check boxes in the "Enabled" column to select which of the collection, method, and resource combinations you would like to Enable for the account. Save the configuration by clicking "Save REST API Permissions" at the bottom of the page. Collections, Methods, or Resources set with ANY allow the account access to any of the specific option in the combination. For example, Collection/Method/Resource with each option set to ANY allows the account access to all REST API functions, whereas the Collection of "Adtool" and Method/Resource set to ANY will give the account access to all functions available only in the "Adtool" collection.

REST API permissions allow you to set available collections/resources/methods per account.

Examples of API Settings

Membership Authentication API Account

This is an example configuration for an account to be used for membership authentication through a restricted members area. The image on the left shows the SOAP API permissions for this account with access to only the following functions: get_member_details, record_member_login, and set_member_details. The image on the right shows the account set to the equivalent resources. In this example, this account would be used to authenticate, to record the login to NATS, and to allow the update of member information.

Members Area Across Multiple Servers

If you have members areas across multiple servers, we recommend utilizing a separate API account for each server as shown in this example.

@@ Line 1: / Line 1: @@
 {{NATS4 Manual
-| show_members_admin_section = true
+| show_api_admin_section = true
 }}
-<pre style="color: red;font-weight: bold;">Please note: This information is best represented on NATS versions higher thatn 4.1.16.1</pre>
+<pre style="color: red;font-weight: bold;">Please note: This information is best represented on NATS versions higher than 4.1.16.1</pre>
-The following lists out several best practices for using the NATS API.  These practices are encouraged in order to prevent unwanted access to processes within NATS that would otherwise not be available unless logged in.  We encourage you to use the REST API system rather than the SOAP API system as we are deprecating the SOAP API system in NATS.
+This article lists out several best practices for using the NATS API.  These practices are encouraged in order to prevent unwanted access to processes within NATS that would otherwise not be available unless logged in.  We encourage you to use the REST API system rather than the SOAP API system, as the SOAP API in NATS is deprecated and included only for backward compatibility.
 == Restrict Access by IP Address ==
-In the configuration admin under the "Security" section, you are able to make use of the API you will need to provide a list of IP addresses who will have access to the NATS API.  This information is set as a comma separated list of IP addresses set in the "ADMIN_API_ALLOWED_IPS" variable.  We recommend that you put the IP addresses of only those who will be actively using the API itself.
+In order to use the NATS API, you will need to provide a list of IP addresses will be granted access to the NATS API.  In the "Security" section of the [[NATS4 Configuration Admin|Configuration Admin]], this information is stored as a comma separated list of IP addresses set in the "ADMIN_API_ALLOWED_IPS" variable.  We recommend that you grant access to only the IP addresses of those who will be actively using the NATS API itself.
@@ Line 16: / Line 16: @@
 == API ON/OFF switch ==
-In addition to allowing only certain IP addresses you will need to turn the API itself on.  In the configuration under the "Security" section, turn on the API by checking the box for "ENABLE_SOAP_API" or "ENABLE_REST_API" depending on which system you are planning on using.  This configuration is turned off by default and allows you to quickly turn off both the SOAP and REST API to all users should the need arise.  We recommend having only the API system you plan to use be enabled.
+In addition to allowing API access to IP addresses, you will need to enable the NATS API itself.  In the the "Security" section of the Configuration Admin, turn on the API by checking the box for the "ENABLE_SOAP_API" or "ENABLE_REST_API" settings, depending on which system you plan to use.  This configuration is disabled by default, and is available to provide a way for you to quickly turn off both the NATS API to all users should the need arise.  We recommend enabling only the API systems you plan to use.
-[[Image:API_PERM_WIKI_SCREEN_04.png|frame|300px|center||||'''In the "Security" section of the Configuration Admin, set the ADMIN_API_ALLOWED_IPS configuration to limit the IPs that are able to use the API.''']]
+[[Image:API_PERM_WIKI_SCREEN_04.png|frame|300px|center||||'''In the "Security" section of the Configuration Admin, check the ENABLE_SOAP_API or ENABLE_REST_API settings depending on your use.''']]
 == API Users per System or Server ==
-We recommend having separate API Accounts for separate uses or servers.  This makes it so access to the API systems are limited should that account be compromised.  Examples of this type of set up would be having one account to be used within your members area, while another account be used on an external Adtool system.  If you have members areas on separate servers it would be best to have an account per server as well.
+We recommend creating separate API accounts for separate uses or servers.  This makes it so access to the API systems are limited should that account be compromised.  An example of this type of set up would be creating an account for API use in your members area, and creating a separate account for API use on an external Adtool system.  If you have members areas on separate servers, it would be best to create a separate account for each server as well.
 [[Image:API_PERM_WIKI_SCREEN_02.png|frame|300px|center||||'''We recommend having separate accounts for specific API purposes.''']]
 == API Permissions ==
-For each account able to access the API system, we provide the ability to restrict the resources or functions available to them.  The permissions system allows you to only make available those systems that the account would use.  We encourage you to only make available those functions or resources that are necessary to the account itself.  If the account is used for Membership authentication, only allow them access to the member search function.
+For each account able to access the API system, we provide the ability to restrict the resources or functions available to them.  The permissions system allows you to make available only those systems that an account needs to use.  We encourage you to only make available the functions or resources that are necessary to the account itself.  For example, if an account is to be used for membership authentication, set the account's API permissions to only allow them access to the member search function.
 === SOAP API Permissions ===
-By default, an account has access to all SOAP API functions available and you are able to disable all those options that are not necessary for that account. Use the check boxes next to each of the functions to select which you wish to make either Enabled or Disabled.  Once selected, use the "Disable APIs -->" and "<-- Enable APIs" to move the function from one column to another. You can also use the "Auto Check:" links to quickly check "All", "None", or "Invert" your selection before switching functions to be Enabled/Disabled.
+By default, an account has access to all available SOAP API functions, and you have the ability to disable any functions that are not necessary for the account. Use the check boxes next to each of the functions to select which you wish to make either Enabled or Disabled.  Once selected, use the "Disable APIs -->" and "<-- Enable APIs" buttons to move the selected functions from one column to the other. You can also use the "Auto Check:" links to quickly check "All" or "None" of the functions, or "Invert" your selection before Enabling or Disabling functions.
@@ Line 36: / Line 36: @@
 === REST API Permissions ===
-By Default, an account does not have any access to the available REST API resources available.  Use the check boxes in the "Enabled" column to set which of these of the collection, method, and resource combinations is enabled for this Account.  Save the configuration by clicking "Save REST API Permissions" at the bottom of the page.  Collections, Methods, or Resources set with "Any" allow the Account access to any of the specific option in the combination.  For example, Collection/Method/Resource with each option set to "Any" allows the Account access to all REST API functions where as the Collection of "Adtool" and Method/Resource set to "Any" will give the Account access to all functions available only in the "Adtool" collection.
+By Default, an account does not have access to any of the available REST API resources.  Use the check boxes in the "Enabled" column to select which of the collection, method, and resource combinations you would like to Enable for the account.  Save the configuration by clicking "Save REST API Permissions" at the bottom of the page.  Collections, Methods, or Resources set with '''ANY''' allow the account access to any of the specific option in the combination.  For example, Collection/Method/Resource with each option set to '''ANY''' allows the account access to all REST API functions, whereas the Collection of "Adtool" and Method/Resource set to '''ANY''' will give the account access to all functions available only in the "Adtool" collection.
-[[Image:API_PERM_WIKI_SCREEN_05.png|frame|300px|center||||'''SOAP API permissions allow you to set available functions per account.''']]
+[[Image:API_PERM_WIKI_SCREEN_05.png|frame|300px|center||||'''REST API permissions allow you to set available collections/resources/methods per account.''']]
@@ Line 46: / Line 46: @@
 === Membership Authentication API Account ===
-This example shows the settings that would be set for an account that would be used as a form of membership authentication through a restricted members area. The image on the Left shows the SOAP API permissions for this account only have access to the functions: get_member_details, record_member_login, and set_member_details. The image on the right shows the account set to the equivilant resources.  In this example, this account would be used to authenticate, to record the login to NATS, and to allow the update of member information.
+This is an example configuration for an account to be used for membership authentication through a restricted members area. The image on the left shows the SOAP API permissions for this account with access to only the following functions: get_member_details, record_member_login, and set_member_details. The image on the right shows the account set to the equivalent resources.  In this example, this account would be used to authenticate, to record the login to NATS, and to allow the update of member information.
-[[Image:API_PERM_WIKI_SCREEN_06.png|800px||||||'''SOAP API permissions allow you to set available functions per account.''']]
+[[Image:API_PERM_WIKI_SCREEN_06.png|800px|||||'''SOAP API Member Authentication Account Example''']]
-[[Image:API_PERM_WIKI_SCREEN_07.png|800px||||||'''SOAP API permissions allow you to set available functions per account.''']]
+[[Image:API_PERM_WIKI_SCREEN_07.png|800px|||||'''REST API Member Authentication Account Example''']]
-=== Members area across multiple Servers ===
+=== Members Area Across Multiple Servers ===
-If you have members areas across multiple servers we recommend utilizeing an account per server as shown in this example.
+If you have members areas across multiple servers, we recommend utilizing a separate API account for each server as shown in this example.
 [[Image:API_PERM_WIKI_SCREEN_08.png]]

Difference between revisions of "NATS API Best Practices"

Latest revision as of 22:27, 10 April 2019

Contents

Restrict Access by IP Address

API ON/OFF switch

API Users per System or Server

API Permissions

SOAP API Permissions

REST API Permissions

Examples of API Settings

Membership Authentication API Account

Members Area Across Multiple Servers

Navigation menu

Page actions

Page actions

Personal tools

Navigation

Products

Tools

Search