The Everyware Cloud exposes a comprehensive set of Web Service APIs for application integration purposes. The Everyware Cloud REST API allows you to build applications that use Representational State Transfer HTTP calls to retrieve, modify, or publish platform data. For example through the APIs, you are able to access all the functionality of the Console or to control a device from your application built on top of the Everyware Cloud.
The Everyware Cloud platform conforms to standard REpresentational State Transfer (REST) protocol to expose its Application Programming Interfaces (API). REST has emerged over the past few years as a predominant Web service design model. REST-style architectures consist of clients and servers. Clients initiate requests to servers, while servers process requests and return appropriate responses. Requests and responses are built around the transfer of representations of resources. A resource can be essentially any coherent and meaningful concept that may be addressed. A representation of a resource is typically a document that captures the current or intended state of a resource.
Everyware Cloud RESTful APIs expose the standard action types (create, read, update, delete) over the platform objects. They are capable of retrieving a resource representation in XML or JSON format. You can use the REST HTTP Accept Header to specify the representation requested using the "application/xml" and "application/json" Media Types. As an alternative to the Accept header, you can specify the requested data representation by appending an ".xml" or ".json" suffix to the path part of your request URLs.
In order to get access to the API a user or a client application must authenticate with EC. The authentication API creates a JWT token that have to be set in the Authorization header of the HTTP request of all the subsequent API invocations.
Authentication is itself an API available at the following mount point:
if successful, the authentication response contains a tokenId field whose value is the JWT token. The tokenId value is the one that have to be set in the Authorization header.
The authentication api exposes several authentication methods one for each credential type (e.g. username/password, api key, etc), the user has to chose the one that fits his needs.
When an authenticated user or client application need to logout it has to invoke the /authentication/logout api.