The API functionality allows external applications to connect to Asset Bank and achieve things including performing searches, retrieving assets, adding assets, adding metadata, etc.
The API (Application Programming Interface) allows external applications to connect to Asset Bank to search and retrieve assets.
We are happy to provide help to your developers in their use of the API, we charge for this on a Time & Materials basis.
The URL of your REST API will be the URL of your Asset Bank (including the webapp name) plus /rest, for example: http://yourassetbank/asset-bank/rest
API requests should be authenticated using an OAuth 2.0 token.
From the Admin > System > REST API Settings page:
- Enable the Rest API: Yes
- Allowed IP addresses: <blank for OAuth 2.0 access only>
For more information on accessing Asset Bank through OAuth 2.0, see our OAuth 2.0 Workflow article.
Versions prior to 3.1755
The previous authentication technique for older instances of Asset Bank is to restrict access by IP address (to only allow connections from certain clients).
When using IP restriction, we recommend that you only allow access the API from servers, and not as web-browsing clients, to avoid the risk of CSRF attacks.
The ApplicationSettings.properties settings needed to enable the API are:
api-restrict-by-ip=[true or false]
api-allowed-ip-addresses=[comma separated list of ip addresses]
Direct Link Cache
The 'direct link cache' enables clients (which can be browsers) to call a URL that converts and returns an image based on request parameters. This can be used to display images resized to particular requirements. See Direct Link Cache