APS controller stores APS resources as JSON objects in the APS database. The resources are available to users through REST requests sent to the APS controller. However, since the APS resources are protected, a user needs to logged in to a platform control panel. When an APS application instance needs to interact with the APS controller in background, it must authenticate itself as mentioned in Session Management.
There is a set of four fundamental REST operations briefly called CRUD: create, read, update, and delete. They are defined through corresponding HTTP methods as presented in the table.
|Create||POST||Create a resource as a JSON object in the APS database|
|Read||GET||Read a list of resources, a resource, or its property in JSON format|
|Update||PUT||Modify a resource or its property by sending updated JSON structure|
|Delete||DELETE||Remove a resource from the APS database|
For example, a user or an application can get the list of APS resources stored in the hosting system by issuing the following GET request addressing it to the node with the APS controller installed:
Furthermore, you can get details about any resource from the list printed by the previous command if you specify its ID at the end of a URI as follows.
Since the APS controller works as the service bus for all communicating APS participants, the REST operations similar to the above can be initiated by an APS application instance or by a UI code on a user activity. In either case, the REST operation is secured, as the APS controller requires the authentication credentials from any requester.
A 3rd party system can also get access to the APS as demonstrated in Using Platform Services. You can verify the above REST operations using a REST client, standalone or as a web browser plugin.
For details on generation of REST requests refer to the Using APS REST API document.