API Documentation

Qalcwise API version: 2.1.0.x

The following documentation demonstrate usage of the most common functionality of Qalcwise API. All the examples assume the API base address BASE_URL is subdomain.qalcwise.com, where "subdomain" is your company subdomain name.

Table of contents:

1. Basics
2. data types
3. basic response
4. basic request
5. Authentication
6. obtaining a token
7. create a token
8. Record
9. get all records
10. search for records
11. get single record
12. get multiple records with given keys
13. add new records
14. update records
15. update or insert records
16. delete all records
17. delete single record
18. delete multiple records with given keys
19. Application
20. get application instance
21. search for application instance
22. create application instance
23. execute action in application instance
24. Attachment
25. get the list of attachments in application instance
26. download an attachment, with given id
27. download an attachment, with given name
28. delete an attachment, with given id
29. add an attachment to application instance

1. Date is passed like:
     value : "2012-04-23"

   DateTime is passed like:
     value : "2014-05-19T18:25:43.511"

   DateTimeUTC is passed like:
     value : "2012-04-23T18:15:43.511Z"

   Boolean values are passed like:
     value : true
     value : false

   Numbers are passed like:
     value : 22
     value : 3.141592

   Strings are passed like:
     value : "some text"

If the response is different than GET and error is not a default(for example when resource is not found, or the Token is not provided) API error the json is returned. It always contains:

{
  IsSuccess: Boolean,
  ErrorMessage: String
}

If the request was successful the "IsSuccess" is set TRUE.

If there are errors the "IsSuccess" is set FALSE, additionally there may be a custom message in "ErrorMessage" field.

1. Each API request has to have "Authorization" header with value Token and "Content-Type" header with value "application-json".

   Content-Type: application/json
   Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yM[...] 

    

IMPORTANT! Each Request to API has to meet the Basic Request requirement.

Endpoint responsible for authenticating provided credentials.

POST /api/token 

The user has to POST x-www-form-urlencoded user credentials together with "grant_type" (for now only "password" grant type is supported):

username: user_identifier
password: password
grant_type: password

Together with header:
"Content-Type":"application/x-www-form-urlencoded"

If the authentication request returns an error "401 - Unauthorized", it most likely means that the user is not in group API and is not authorized to use API (User can be added to group API by editing a system datatable SYSUSERINGROUP).

When User is authenticated successfully the endpoint returns the json containing "access_token", together with "token_type", who requested it and expiration information.

{
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTM4NCJ9.eyJlbWFpbCI6ImFkbWluQHRlc3QucGwiLCJ1bmlxdWVfbmFtZSI6IkFkbWluaXN0cmF0b3IiLCJodHRwOi8vcWFsY3dpc2UvY2xhaW1zL2RiaWQiOiIxLUxpc3QtU1lTVVNFUi1BRE1JTkBURVNULlBMIiwicm9sZSI6WyIqT3duZXIiLCJBRE1JTklTVFJBVE9SUyIsIkFMTCIsIkRFU0lHTkVSUyIsIlVTRUxPQ0FMQVBQUyQiLCJBUEkiXSwiaXNzIjoiUWFsY3dpc2UiLCJhdWQiOiIqIiwiZXhwIjoxNDk5OTg0OTQzLCJuYmYiOjE0OTk5NDE3NDN9.u0PeBG5nDHnhVooXSQ_X_Rgq5riV4ybETs_7db6L8YcDLG3IMw6zprD--gQ7FqRC",
  "token_type": "bearer",
  "expires_in": 43199
}

"access_token" and "token_type" are the most important. They are used to create the Token value that should be stored by the Client using the API.

Concatenate values "token_type" with "access_token" from /api/token JSON response.

IMPORTANT!: The "token_type" with "access_token" have to be space( " " ) separated.

Example token:
"bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTM4NCJ9.eyJlbWFpbCI6ImFkbWluQHRlc3QucGwiLCJ1bmlxdWVfbmFtZSI6IkFkbWluaXN0cmF0b3IiLCJodHRwOi8vcWFsY3dpc2UvY2xhaW1zL2RiaWQiOiIxLUxpc3QtU1lTVVNFUi1BRE1JTkBURVNULlBMIiwicm9sZSI6WyIqT3duZXIiLCJBRE1JTklTVFJBVE9SUyIsIkFMTCIsIkRFU0lHTkVSUyIsIlVTRUxPQ0FMQVBQUyQiLCJBUEkiXSwiaXNzIjoiUWFsY3dpc2UiLCJhdWQiOiIqIiwiZXhwIjoxNDk5OTg0OTQzLCJuYmYiOjE0OTk5NDE3NDN9.u0PeBG5nDHnhVooXSQ_X_Rgq5riV4ybETs_7db6L8YcDLG3IMw6zprD--gQ7FqRC"

Token is the way that the user is authenticated and authorized on the server side. Each API Request which requires authentication has to have it as "Authorization" header.

Contains all the basic CRUD functionality for records in definitions.

name - Name of the Definition we want to get records from

recordID - Unique ID of a record(can be a single value or composite).

Get all records of given definition, offset and limit can be specified.

GET /api/record/{name}?offset=0&limit=0

parameters:

• offset - how many records should be skipped

  optional: true

  type: integer >= 0

• limit - limits number of returned records

  optional: true

  type: integer >=0

json returned:

[
    {
        "_id": "1-List-SYSUSER-JOHN.DOE@GO.COM",
        "IDENTIFIER": "JOHN.DOE@GO.COM",
        "EMAIL": "JOHN.DOE@GO.COM",
        "NAME": "JOHN DOE",
        "ISACTIVE": true,
    },
    {
        "_id": "1-List-SYSUSER-TESTUSERID",
        "IDENTIFIER": "TESTUSERID",
        "EMAIL": "test@go.com",
        "NAME": "Test User"
        "ISACTIVE": true,
    }
]

Explanation:

This Method is responsible for getting rows(records) from the given definition, either List or a Table. If no limit and no offset are specified the Response should contain all the rows stored within that definition.

Offset parameter specifies how many initial records should be skipped.

Limit parameter limits number of returned rows to given value.

Both Parameters are optional and should have values bigger or equal 0.

Example:

GET /api/record/USER-LIST?offset=5&limit=10 - skipps first 5 records and gets next 10 from USER-LIST

Get single record by id.

GET api/record/{name}/{recordID}

json returned: 

{
   "_id": "1-List-SYSUSER-JOHN.DOE@GO.COM",
   "IDENTIFIER": "JOHN.DOE@GO.COM",
   "EMAIL": "JOHN.DOE@GO.COM",
   "NAME": "JOHN DOE",
   "ISACTIVE": true
 }

Explanation:

Gets the uniquely identifiable record from given definition and returns it as json.

404 - record doesn’t exist

Example:

GET /api/record/USER-LIST/1

Search for records of given definition, version > 2.1.0.x.

GET api/recordsearch/{name}?filter=QUERY&select=COLUMN_LIST&limit=LIMIT&bookmark=BOOKMARK

parameters:

• filter - query parameter to retrieve just a subset of a collection - use Lookup query syntax

  optional: true

  type: string

• select - coma separated list of columns that will be returned

  optional: true

  type: string

• limit - limits number of returned records

  optional: true

  type: integer (max 200)

• bookmark - bookmark parameter allows to get next page of results

json returned: 

{
    "NextPageUrl": "next page URL with bookmark parameter filled",
    "TotalRecordCount": 2,
    "Records": [
        {
            "_id": "1-List-SYSUSER-JOHN.DOE@GO.COM",
            "EMAIL": "JOHN.DOE@GO.COM",
            "NAME": "John Doe"
        },
        {
            "_id": "1-List-SYSUSER-TESTUSERID",
            "EMAIL": "test@go.com",
            "NAME": "Test User"
        }
    ]
}

Explanation:

Search for records from given definition according to filter parameter and returns records data specified.

404 - record doesn’t exist

Example:

GET /api/recordsearch/sysuser?filter=email>'d'&select=_id,email,name&limit=1

GET /api/recordsearch/sysuser?filter=created>DATE(2020,1,1)&select=_id,email,name

Get multiple records with given keys.

POST /api/getrecords/{name}

Explanation:

This method needs a model which contains rows with single or composite keys for rows. Those rows that have matching records in a provided by {name} definition are returned in a JSON.

Model (Array of objects):

[
  {
    "KeyField" : value,
    "KeyField2" : value2
  }
]

Example:

[
  {
    "TYPE" : 1,
    "NAME" : "cheapProduct"
  },
  {
    "TYPE" : 2,
    "NAME" : "secondProduct"
  }
]

POST /api/getrecords/TEST-TABLE

Gets 2 rows from TEST-TABLE, with given ids, first row key(1, abc), second row key(11, abc)

Add one or more records.

POST /api/record/{name}

Explanation:

Saves the records provided in the model to definition with {name}.

Model (Array of objects):

[
  {
    "KeyField" : value,
    "KeyField2" : value2,
    "Field" : value3
  }
]

key - column name

Example:

[
  {
    "TYPE" : 2,
    "NAME" : "newProduct",
    "COUNT" : 331
  },
  {
    "TYPE" : 2,
    "NAME" : "newerProduct",
    "COUNT" : 241
  }
]

POST /api/record/PRODUCTS

Update one or more records.

PUT /api/record/{name}

Explanation:

Updates the records provided in the model. If the record is nonexistent it does NOT create it.

Model:

[
  {
    "KeyField" : value,
    "KeyField2" : value2,
    "Field" : value3
  }
] 

The row to be updated is determined by the key values, they can not be updated. Only the other values which do not belong to the key are updated.

Example:

[
  {
      "TYPE" : 2,
      "NAME" : "newProduct",
      "COUNT" : 1337
    }
]

PUT /api/record/PRODUCTS

The row defined by composite key(2, "newProduct") will have updated non Key Column "count" value to  1337.

Upsert (Update or Insert) multiple records.

PUT /api/recordupsert/{name}

Explanation:

Updates or inserts the records provided in the model. If the record is nonexistent it is created it, if it exists it is updated.

Model:

[
  {
    "KeyField" : value,
    "KeyField2" : value2,
    "Field" : value3
  }
] 

For the records that exist, the row to be updated is determined by the key values, they can not be updated. Only the other values which do not belong to the key are updated. Records that do not exist are created and added to definition with {name}.

Example:

[
  {
      "TYPE" : 3,
      "NAME" : "someProduct",
      "COUNT" : 300
    }
]

PUT /api/recordupsert/PRODUCTS

If the record exists the row defined by composite key(3, "someProduct"), will have updated non Key Column "count" value to  300. However if the record does not exists it will be created instead.

Delete all records from definition.

DELETE api/deleteallrecords/{name}

Explanation:

Deletes all the records that are currently in a definition with given name.

Example:

DELETE  /api/deleteallrecords/USER-LIST

Delete single record.

DELETE /api/record/{name}/{recordID}

Explanation:

Deletes an exact record identified by ID,  from definition with given name.

Example:

DELETE  /api/record/USER-LIST/1

Delete selected rows.

DELETE /api/record/{name}

Explanation:

This method needs a model which contains rows with single or composite keys for rows. Those rows that have matching records in a provided by {name} definition are removed.

Model (Array of objects):

[
  {

    "KeyField" : value,
    "KeyField2" : value2
  }
]

key - name of the column containing key
value - value of a key for given row and column

Example:

[
  {
    "TYPE" : 2,
    "NAME" : "valuableProduct"
  }
]

DELETE /api/record/TEST-TABLE

This will delete from TEST-TABLE the row with composite key(2,"valuableProduct")

REMARK!: Not all values of columns for the row are necessary, it is enough to provide only row values of columns which are marked as keys.

Enables simple Application interaction in forms of, executing actions on instances and distributing applications to users.

Get one application data, version > 2.1.0.x

POST /api/app/{name}/{appID}

parameters:

• name - application definition name

  optional: false

  type: string

• appID - application instance ID
  

  optional: false

  type: string

json returned: 

{
    "_id": "1-App-APISEARCH-3-7526f7cafbeb4e86b7c9b4a7a192cb47",
    "_archived": false,
    "_modified": "2021-05-28T11:20:44.679Z",
    "_editor": "ADMINUSER",
    "_from": "ADMINUSER",
    "_message": "",
    "_state": "saved",
    "ALIAS_TEXT": "some text",
    "ALIAS_NUMBER": 33.0,
    "ALIAS_BOOLEAN": false,
    "_attachments": [
        {
            "Id": "ea3026ad885a443db959f7f52602b715",
            "Name": "logo.pdn",
            "SectionName": "SECTION5"
        },
        {
            "Id": "7fd95218153647c49c667c161fc199c1",
            "Name": "history.png",
            "SectionName": "SECTION5"
        }
    ]
}

Explanation:

User can use this method to get one application instance data.

values started with underscore _ are metadata of application instance

uppercased values are application aliases

Examples:

POST /api/app/1-App-APISEARCH-3-7526f7cafbeb4e86b7c9b4a7a192cb47

Search for application instances of given application, version > 2.1.0.x.

GET api/appsearch/{name}?filter=QUERY&select=COLUMN_LIST&limit=LIMIT&bookmark=BOOKMARK

parameters:

• filter - query parameter to retrieve just a subset of a collection - use Lookup query syntax

  optional: true

  type: string

• select - coma separated list of values that will be returned

  optional: true

  type: string

• limit - limits number of returned records

  optional: true

  type: integer (max 200)

• bookmark - bookmark parameter allows to get next page of results

json returned: 

{
    "NextPageUrl": "https://DOMAIN/api/appsearch/APP_NAME?bookmark=g2wAAAABaANkABFjb3VjaGRiQGxvY2FsaG9zdGwAAAACYQBuBAD_____amgCRj_1k3lAAAAAYQlq",
    "TotalRecordCount": 10,
    "Records": [
        {
            "_id": "1-App-APP_NAME-1-b80448fa12244fecb88d53de5933c1c3",
            "_archived": false,
            "_modified": "2021-05-26T11:02:15.846Z",
            "_editor": null,
            "_from": "ADMIN",
            "_message": "",
            "_state": "saved",
            "A_TEXT": "AAA",
            "A_DATA": "2021-05-13",
            "A_DATACZAS": "2021-05-29T16:18:00.000",
            "A_UTC": "2021-05-01T05:30:00.000Z",
            "A_NUMBER": 12.34,
            "A_BOOLEAN": true
        },
        {
            "_id": "1-App-APP_NAME-1-98ff54fcd1e049d68579b06e46fdf24d",
            "_archived": false,
            "_modified": "2021-05-26T11:02:31.017Z",
            "_editor": null,
            "_from": "ADMIN",
            "_message": "",
            "_state": "saved",
            "A_TEXT": "BBB",
            "A_DATA": "2021-03-17",
            "A_DATACZAS": "2021-05-13T05:25:00.000",
            "A_UTC": "2021-05-16T14:20:00.000Z",
            "A_NUMBER": 23.0,
            "A_BOOLEAN": false
        }
    ]
}

Explanation:

Search for application instances from given definition according to filter parameter and returns records data specified.

404 - record doesn’t exist

Example:

GET /api/appsearch/APP_NAME?filter=A_TEXT>'a'&select=_id,_from,A_TEXT&limit=1

GET /api/appsearch/APP_NAME?filter=A_DATA>DATE(2020,1,1)&select=_id,_from,A_TEXT&limit=1

Distribute application.

POST /api/app

Explanation:

User can use this method to distribute the application to either one or many of the defined groups or to list of users by providing their emails. Application to be distributed is defined using a unique "Identifier", its name. Provided "InputParameters" will be passed as input parameters for each created instance of the application.

User needs to have editor permissions in an app definition in order to be able to distribute it.

Model:

Identifier: String

DestinationUsers: Array of [String] - optional

DestinationGroups: Array of [String] - optional

InputParameters:[
  {
    "ParameterName": Value
  }
]

Examples:

Distributing App with input parameters:

{
  "Identifier" : "PARAMETERSTEST",
  "inputParameters" : {
    "INPUTBOOLEANVALUE" : true,
    "INPUTSTRINGTEXT" : "second parameter"
  },
  "DestinationGroups" : ["All"],
}

POST /api/instance

Execute workflow Action.

POST /api/app/{appID}

Explanation:

User can use this method to execute a defined workflow action. There are multiple requirements that have to be met to execute this. User needs to be an editor at current state. Current State has to have defined workflow step for the action trying to execute. 

Remark: It doesn't matter if the action is visible or not, as long as the execution condition is met it will be executed.

Model:

Action: String

Action is the case sensitive name of the action we want to execute.
{AppID} from URL  is an actual ID of an instance of application(can be viewed for example when visiting a saved instance of an application from the main stream, the ID is part of the url).

Example:

{
  "Action" : "actionname",
}

PUT /api/instance/1-App-TESTAPP-1-743bf042411c405d91588317c82d5c55

Enables simple attachment management in application instances.

Get a list of application instance attachments

GET /api/attachment/{InstanceID}

Explanation:

This method returns the list of attachments currently stored in an application instance.

Example:

GET /api/attachment/1-App-EXAMPLEAPP-1-7cc1ea9d268b495eaedf49b9a2a08c3d

REMARK!: This returns attachments stored in all sections of type Attachment and Image.

Download a specific attachment from application instance 

GET /api/attachment/{InstanceID}?attachmentId=SomeAttachmentId

parameters:

• name: attachmentId

optional: false

type: string

Explanation:

This method downloads the attachment specified by attachmentId parameter.

Example:

GET /api/attachment/1-App-EXAMPLEAPP-1-7cc1ea9d268b495eaedf49b9a2a08c3d?attachmentId=

REMARK!: To know the exact name of the attachment it is best to first get using API the list of all attachments stored in the given application instance.

Download a specific attachment from application instance 

GET /api/attachment/{InstanceID}?attachmentName=SomeAttachmentName

parameters:

• name: attachmentName

optional: false

type: string

Explanation:

This method downloads the attachment specified by attachmentName parameter.

Example:

GET /api/attachment/1-App-EXAMPLEAPP-1-7cc1ea9d268b495eaedf49b9a2a08c3d?attachmentName=companylogo.jpg

REMARK!: To know the exact name of the attachment it is best to first get using API the list of all attachments stored in the given application instance.

Delete an attachment from application instance 

DELETE /api/attachment/{InstanceID}/{SectionName}?action=ActionName&attachmentId=SomeAttachmentId

parameters:

• name: attachmentName

optional: false

type: string

• name: action

optional: false

type: string

Explanation:

This method deletes the attachment specified by attachmentName parameter and executes the action on given instance to save the changes.

Example:

DELETE /api/attachment/1-App-EXAMPLEAPP-1-7cc1ea9d268b495eaedf49b9a2a08c3d?action=Save&attachmentId=ea3026ad885a443db959f7f52602b715

REMARK!: To know the exact name of the attachment it is best to first get using API the list of all attachments stored in the given application instance.

Add attachments to application instance

POST  /api/attachment/{InstanceID}/{SectionName}?action=ActionName

parameters:

• name: action

optional: false

type: string

Explanation:

This method adds the attachments included in the request in the form and executes the action to save the application instance.

Model: 

The request has to be of content type: multipart/form-data

with loaded files that are to be saved in the application instance.

Example:

POST /api/attachment/1-App-EXAMPLEAPP-1-7cc1ea9d268b495eaedf49b9a2a08c3d?action=Save

REMARK!: In the multipart/form-data only the name of the file matters, and the file is saved under that name. If the name is a duplicate the consecutive incremented integer is added at the end of the name before the file type to make it unique. (It is best to take a look at what was stored after POST )