Build Delivery APIs

In FoxNose CMS, you have the flexibility to create multiple Delivery APIs within a single environment. Each API represents a specific set of connected folders from which you can distribute data. This allows for granular control over which content is exposed and how it's organized for consumption.

Key Concepts

Each Delivery API has a unique prefix that serves as the starting point for its URLs structure. This helps in differentiating between multiple APIs within the same environment.

Example 1

https://7c9h4pwu.fxns.io/my_api_prefix/.../

Example 2

https://7c9h4pwu.fxns.io/another_prefix/.../

After creating an API, you connect folders to it. Only the data from these connected folders will be accessible through the Delivery API. You can connect multiple folders to the same API, each with its own configuration.

URL Structure

The structure of the API mirrors the structure of the connected folders. This means the endpoints are organized based on how folders and subfolders are arranged. Endpoints parts are generated using the api_key_plural property of the folders. This ensures meaningful and consistent URL paths.

...fxns.io/my_public_api/manufacturers/:manufacturer_key/products/:product_key/.../

Inheritance and strict_reference

When you connect a folder that has strict_reference enabled to your Delivery API, FoxNose CMS automatically includes certain ancestor folders in the API's URL structure. Here's how it works:

  1. Automatic Inclusion of Ancestor Folders
  • Chain of strict_reference Folders: Only ancestor folders that have strict_reference enabled are automatically included in the API's URL structure.
  • Stops at non-strict_reference Folders: If an ancestor folder does not have strict_reference enabled, the automatic inclusion stops there. Any higher-level ancestors without strict_reference are skipped in the URL structure.
  1. Role of Included Ancestor Folders
  • URL Structure Only: These ancestor folders are added to the API with allowed_methods set to an empty list []. This means they become part of the URL path but do not allow direct access to their content.
  • No Direct Data Access: Since allowed_methods is empty, clients cannot perform actions like retrieving lists or individual items from these folders through the API.
  1. Explicit Connection for Data Access
  • Connect to Serve Content: If you want the ancestor folders to serve content (e.g., allow get_many or get_one), you need to explicitly connect them to the API and specify the desired allowed_methods using the Update Connected Folder endpoint.

Why This Matters

  • Accurate URL Paths: Including ancestor folders with strict_reference in the URL ensures that your API endpoints accurately reflect the content hierarchy. This is important for correctly identifying and accessing nested records.
  • Controlled Access: By not automatically enabling data access to ancestor folders, you maintain control over which folders expose their content via the API.

Example Setup

Consider the following folder structure:

πŸ“ Blog (api_key_plural: articles, strict_reference: false)
└── πŸ“ Articles (api_key_plural: articles, strict_reference: false)
    └── πŸ“ Categories (api_key_plural: categories, strict_reference: true)
        β”œβ”€β”€ πŸ“ Tech (api_key_plural: tech, strict_reference: true)
        β”‚    └── πŸ“„ Document 1
        └── πŸ“ Lifestyle (api_key_plural: lifestyle, strict_reference: true)
             └── πŸ“„ Document 2

Let’s say only Articles and Tech folders are connected to the Delivery API with the strict_reference setting enabled for Tech. This means that Categories will also be part of the URL structure but will not serve content unless explicitly connected.

In this example:

If Tech is connected to the API with strict_reference, only its immediate ancestor folders (Categories) with strict_reference are automatically added to the URL structure.

URL to get a list of articles under the Tech category:

/api_prefix/categories/:category_key/tech/

URL to retrieve a specific article in Tech:

/api_prefix/categories/:category_key/tech/:article_key/

The Blog and Articles folders are not added to the URL structure because they lack strict_reference. Even though they are part of the hierarchy, they do not appear in the API structure, keeping the URL concise and relevant.

Attempting to access /api_prefix/categories/ directly will result in a β€œMethod Not Allowed” error, as Categories only serves as a structural element in the URL path without exposing its content directly.

Permissions

When connecting a folder to an API, you can specify an array of actions (permissions) that are allowed for that folder, providing control over what operations can be performed on the data.

Delivery API Model

Properties

  • Name
    key
    Type
    string πŸ”’
    Description

    The unique identifier for the API within the system.

  • Name
    name
    Type
    string
    Description

    The human-readable name of the API.

  • Name
    description
    Type
    string
    Description

    A description of the API's purpose.

  • Name
    prefix
    Type
    string
    Description

    The unique URL prefix for the API. Must be alphanumeric and unique within the environment.

  • Name
    environment
    Type
    string
    Description

    The key of the environment where the API is created.

  • Name
    created_at
    Type
    datetime πŸ”’
    Description

    Timestamp of when the API was created.

POST/v1/:env/api/

Create Delivery API

This endpoint allows you to create a new Delivery API within the current environment.

  • Authentication method: JWT

Required attributes

  • Name
    name
    Type
    string
    Description

    The name of the API.

    • Minimum length: 1
    • Maximum length: 255
  • Name
    description
    Type
    string
    Description

    The description of the API.

    • Minimum length: 0
    • Maximum length: 500
    • Default: ""
  • Name
    prefix
    Type
    string
    Description

    Prefix for API endpoints.

    • Minimum length: 1
    • Maximum length: 100
    • Alphanumeric, unique within the environment.

Errors

  • Name
    api_prefix_exists
    Description

    This error occurs when the specified prefix for the API already exists within the environment.

Request

POST
/v1/:env/api/
curl https://api.foxnose.net/v1/7c9h4pwu/api/ \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiI..." \
-H "Content-Type: application/json" \
-d '{
"name": "My API",
"description": "An example API",
"prefix": "my_api"
}'

Response

{
    "key": "6n39zhwb",
    "name": "My API",
    "environment": "7c9h4pwu",
    "description": "An example API",
    "created_at": "2024-09-21T16:45:20.516605-05:00",
    "prefix": "my_api"
}
GET/v1/:env/api/

List Delivery APIs

Retrieves a list of all Delivery APIs in the current environment.

  • Authentication method: JWT
  • Returns all results in a single response without pagination.

Request

GET
/v1/:env/api/
curl https://api.foxnose.net/v1/7c9h4pwu/api/ \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiI..." \
-H "Content-Type: application/json"

Response

[
{
    "key": "6n39zhwb",
    "name": "My API",
    "environment": "7c9h4pwu",
    "description": "My first API",
    "created_at": "2024-09-21T16:45:20.516605-05:00",
    "prefix": "my_api"
},
{
    "key": "7b8gzkla",
    "name": "Analytics API",
    "environment": "7c9h4pwu",
    "description": "API for analytics data",
    "created_at": "2024-09-22T11:45:20.516605-05:00",
    "prefix": "analytics"
}
]
GET/v1/:env/api/:api_key/

Retrieve Delivery API

Retrieves details of a specific Delivery API by its key.

  • Authentication method: JWT

Request

GET
/v1/:env/api/:api_key/
curl https://api.foxnose.net/v1/7c9h4pwu/api/6n39zhwb/ \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiI..." \
-H "Content-Type: application/json"

Response

{
    "key": "6n39zhwb",
    "name": "My API",
    "environment": "7c9h4pwu",
    "description": "My first API",
    "created_at": "2024-09-21T16:45:20.516605-05:00",
    "prefix": "my_api"
}
PUT/v1/:env/api/:api_key/

Update Delivery API

This endpoint allows you to update details of an existing Delivery API.

  • Authentication method: JWT

Required attributes

  • Name
    name
    Type
    string
    Description

    The name of the API.

    • Minimum length: 1
    • Maximum length: 255
  • Name
    description
    Type
    string
    Description

    The description of the API.

    • Minimum length: 0
    • Maximum length: 500
    • Default: ""
  • Name
    prefix
    Type
    string
    Description

    Prefix for API endpoints.

    • Minimum length: 1
    • Maximum length: 100
    • Alphanumeric, unique within the environment.

Errors

  • Name
    api_prefix_exists
    Description

    This error occurs when the specified prefix for the API already exists within the environment.

Request

PUT
/v1/:env/api/:api_key/
curl https://api.foxnose.net/v1/7c9h4pwu/api/6n39zhwb/ \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiI..." \
-H "Content-Type: application/json" \
-d '{
"name": "Updated API",
"description": "Updated description",
"prefix": "updated_prefix"
}'

Response

{
    "key": "6n39zhwb",
    "name": "Updated API",
    "environment": "7c9h4pwu",
    "description": "Updated description",
    "created_at": "2024-09-21T16:45:20.516605-05:00",
    "prefix": "updated_prefix"
}
DELETE/v1/:env/api/:api_key/

Delete Delivery API

This endpoint allows you to delete a specific Delivery API by its key.

  • Authentication method: JWT
  • Returns a 204 status code if the operation is successful.

Request

DELETE
/v1/:env/api/:api_key/
curl -X DELETE https://api.foxnose.net/v1/7c9h4pwu/api/6n39zhwb/ \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiI..." \
-H "Content-Type: application/json"

Folder Connection Model

When connecting folders to a Delivery API in FoxNose CMS, you define specific settings that control how data from those folders is accessed and presented through the API. This model outlines the properties used to configure folder connections to an API.

Properties

  • Name
    folder
    Type
    string
    Description

    The unique identifier (key) of the folder to be connected to the API.

  • Name
    api
    Type
    string
    Description

    The unique identifier (key) of the API to which the folder is connected.

  • Name
    allowed_methods
    Type
    array[string]
    Description

    An array of methods (actions) that are permitted on this folder through the API. ENUM:

    • "get_many": Allows retrieving a list of documents, with support for search and filters. If only "get_many" is enabled, the API would return only the identifiers of the resources, without the actual data.
    • "get_one": Allows retrieving a single document by its key.
      Currently, creation and updating of documents through the Delivery API are not available, but could be added in future versions.
  • Name
    return_fields
    Type
    array[string] | string('*')
    Description

    Specifies which top-level fields of the documents should be returned in API responses. Accepts either an array of strings, where each string represents a top-level field name, or the wildcard string "*".

    • Wildcard ("*"): If "*" is provided, all top-level fields of each document will be included in the response.
    • Array of Field Names: When an array of strings is provided, only the specified top-level fields will be included. Nested fields within these fields will still be included.
    • Example: If ["title", "description"] is specified, only the title and description fields of each document will be returned. If "*" is used, all fields are returned.
  • Name
    filters
    Type
    object
    Description

    Defines the filters that are always applied to queries on this folder through the API. Follows the same filtering syntax used in the Delivery API search.

    These filters are mandatory and will override any corresponding filters provided in the API request by the client.

    Only required filters can be specified here; optional filters are not supported in this context.
POST/v1/:env/api/:api_key/folders/

Connect Folder to API

This endpoint allows you to connect a folder to an existing Delivery API, configuring access and filtering rules for the folder.

  • Authentication method: JWT

Required attributes

  • Name
    folder
    Type
    string
    Description

    The unique identifier (key) of the folder to be connected to the Delivery API.

  • Name
    allowed_methods
    Type
    array[string]
    Description

    An array specifying the actions allowed on this folder through the API. ENUM:

    • "get_many": Allows retrieving a list of documents, supporting search and filters.
    • "get_one": Allows retrieving a single document by its key.
  • Name
    return_fields
    Type
    array[string] | string('*')
    Description

    Specifies which top-level fields should be included in the API response for this folder.

    • Array: Lists fields explicitly.
    • Wildcard "*": Includes all fields.
  • Name
    filters
    Type
    object
    Description

    A set of filters that are always applied when accessing this folder through the API.

Errors

  • Name
    folder_already_connected_to_api
    Description

    This error occurs when the specified folder is already connected to the API.

Request

POST
/v1/:env/api/:api_key/folders/
curl -X POST https://api.foxnose.net/v1/7c9h4pwu/api/6n39zhwb/folders/ \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiI..." \
-H "Content-Type: application/json" \
-d '{
"folder": "5fnvjnk6",
"allowed_methods": ["get_many", "get_one"],
"return_fields": ["title", "content"],
"filters": {
"foo": true,
"bar__eq": 42
}
}'

Response

{
    "folder": "5fnvjnk6",
    "api": "6n39zhwb",
    "allowed_methods": ["get_many", "get_one"],
    "return_fields": ["title", "content"],
    "filters": {
    "foo": true,
    "bar__eq": 42
}
}
GET/v1/:env/api/:api_key/folders/

List Connected Folders

Retrieves a list of all folders connected to a specific Delivery API.

  • Authentication method: JWT

Query parameters

The request does not support any query parameters.

Request

GET
/v1/:env/api/:api_key/folders/
curl https://api.foxnose.net/v1/7c9h4pwu/api/6n39zhwb/folders/ \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiI..." \
-H "Content-Type: application/json"

Response

{
    "count": 2,
    "next": null,
    "previous": null,
    "results":
    [
{
    "folder": "5fnvjnk6",
    "api": "6n39zhwb",
    "allowed_methods": ["get_many", "get_one"],
    "return_fields": ["title", "content"],
    "filters": {
    "published_at__gte": "2024-09-21T16:45:20.516605-05:00"
}
},
{
    "folder": "8v4k2h9m",
    "api": "6n39zhwb",
    "allowed_methods": ["get_many"],
    "return_fields": ["name", "description"],
    "filters": {
    "status__eq": "active"
}
}
    ]
}
GET/v1/:env/api/:api_key/folders/:folder_key/

Retrieve Connected Folder

Retrieves details for a specific folder connected to a Delivery API.

  • Authentication method: JWT

Request

GET
/v1/:env/api/:api_key/folders/:folder_key/
curl https://api.foxnose.net/v1/7c9h4pwu/api/6n39zhwb/folders/5fnvjnk6/ \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiI..." \
-H "Content-Type: application/json"

Response

{
    "folder": "5fnvjnk6",
    "api": "6n39zhwb",
    "allowed_methods": ["get_many", "get_one"],
    "return_fields": ["title", "content"],
    "filters": {
    "published_at__gte": "2024-09-21T16:45:20.516605-05:00"
}
}
PUT/v1/:env/api/:api_key/folders/:folder_key/

Update Connected Folder

This endpoint allows you to update the settings of a folder connected to a Delivery API.

  • Authentication method: JWT

Required attributes

  • Name
    allowed_methods
    Type
    array[string]
    Description

    An array specifying the actions allowed on this folder through the API. ENUM:

    • "get_many": Allows retrieving a list of documents, supporting search and filters.
    • "get_one": Allows retrieving a single document by its key.
  • Name
    return_fields
    Type
    array[string] | string('*')
    Description

    Specifies which top-level fields should be included in the API response for this folder.

    • Array: Lists fields explicitly.
    • Wildcard "*": Includes all fields.
  • Name
    filters
    Type
    object
    Description

    A set of filters that are always applied when accessing this folder through the API.

Request

PUT
/v1/:env/api/:api_key/folders/:folder_key/
curl -X PUT https://api.foxnose.net/v1/7c9h4pwu/api/6n39zhwb/folders/5fnvjnk6/ \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiI..." \
-H "Content-Type: application/json" \
-d '{
"allowed_methods": ["get_many"],
"return_fields": ["title", "content", "date"],
"filters": {
"published": true
}
}'

Response

{
    "folder": "5fnvjnk6",
    "api": "6n39zhwb",
    "allowed_methods": ["get_many"],
    "return_fields": ["title", "content", "date"],
    "filters": {
    "published": true
}
}
DELETE/v1/:env/api/:api_key/folders/:folder_key/

Disconnect Folder

Disconnects a folder from a Delivery API connection, making its data inaccessible through the Delivery API.

  • Authentication method: JWT
  • Returns a 204 status code if the operation is successful.

Request

DELETE
/v1/:env/api/:api_key/folders/:folder_key/
curl -X DELETE https://api.foxnose.net/v1/7c9h4pwu/api/6n39zhwb/folders/5fnvjnk6/ \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiI..." \
-H "Content-Type: application/json"

Was this page helpful?