Create package anonymous webservice created using guide from academy
Hi,
Is there a way to package an anonymus webservice created using the guide from the academy?
https://academy.bpmonline.com/documents/technic-sdk/7-13/creating-anony…
I need to have a public endpoint to integrate with a texting app that notifies of messages realtime, but the endpoint cant have authentication. Is there any other way to expose a public endpoint?
Regards,
Luciano
Like
Hello Luciano,
Basically, to implement the anonymous webservice you should simply follow the instructions from the article that you sent. Anonymous webservice concept means that authentication is not a required step to interact with this service.
Also, if you use onsite version of bpm'online, don`t forget to register the service (there is an explanation how to do it in the article).
In case your site is located in cloud you should email support@bpmonline.com so the support team will help you with registration.
Best regards,
Alex
Alex_Tim,
Thank you for the answer, so the the package only contains the webservice class, the svc creation and .config changes are done by support, right?
Edit:
Additionally if also want to package this to make it available on the store, how would it work? do every customer that's bpm hosted needs to email support to get the webservice registered?
Regards,
Luciano
Luciano De Munno,
Hello, yes, you can create the webservice class in any package that you want.
Svc creation and changes in config should be done by support team.
You can upload the package to the marketplace, but since changes should also be made in .config and svc files every customer will need to email support to register the webservice.
Best regards,
Alex
Alex_Tim,
Hi, do you know fi it's possible to use POST o r PUT instead of GET? whenever i put
WebInvoke(Method = "POST") i keep getting 403
Luciano De Munno,
Hello! Error 403 means that there is no header with a CSRF token. To make a request using ARC, you need to add a header with a valid csrf token for the current session. You can get it, for example, by taking any post request from the network chrome tab. It is also better to put a header with cookies.
Read more about CSRF in the article:https://academy.bpmonline.com/documents/technic-sdk/7-13/protection-csrf-attacks-during-integration-bpmonline