Allowed Domains

The user can use REST service APIs to add/retrieve/modify/remove the allowed domains in the ASALLOWEDDOMIN table. The ASALLOWEDDOMIN table contains the list of valid domains (secured external links) which can be configured in the DeepLinks or ExternalLinks business rule that are used to access the third party applications from OIPA.

Implementing Restrictions On Links For DeepLink/ExternalLink

  1. For the system to validate the configured URLs through DeepLinks/ExternalLinks, the users should mark the set of domains as AllowedDomain in the database, it should contain at least one active record for the system to validate the URLs, otherwise, the system will not validate the URLs.
  2. The system will not allow any URL which is not marked as AllowedDomain or with <IFRAME> tag, using javascript eval function, with ftp:// or file://etc.
  3. Users may add/delete/modify a specific domain into the list of AllowedDomain through REST APIs.

Implementing Restrictions On Links For DeepLink/ExternalLink

  1. In order for the system to to validate the configured URLs through ExternalLinks/Deep Links, the user will be required to mark a certain set of domains as AllowedDomains in the database.
  2. Atleast one active record should be marked as AllowedDomain for the system to validate
    the URLs.
  3. If there are no active records, the system will not validate the configured ExternalLinks/Deep links against the AllowedDomain names.

  4. The system will not allow any URL which is not marked as AllowedDomain or with <IFRAME> tag, using javascript eval function, with ftp:// or file://etc., to be configured in ExternalLinks/Deep links.

  5. A user may add/delete/modify specific domain into the list of AllowedDomains through REST APIs.

Allowed Domains Service APIs

The following CRUD REST services can be used to Add/Retrieve/Modify/Remove a allowed domain in the 'ASALLOWEDDOMAIN' table.

This service adds a new domain in the ASALLOWEDDOMAIN table.

Method:POST

URI: /PASService/rest/services/url/domains/

Payload Parameters

Parameter Description (Mandatory/Optional)
domainName Mandatory

Sample Payload

{
"domains":
[
    {
      "domainName": " "
    },
    {
      "domainName": " "
    }
]
}
 
 

Expected Status Code

201- Created

 

This service modifies/updates the details of a specified domain in the ASALLOWEDDOMAIN table.

Method:PUT

URI: /PASService/rest/services/url/domains/id

Payload Parameters

Parameter Description (Mandatory/Optional)
domain Mandatory
domainName Mandatory

Sample Payload

{
"domains":
[
    {
      "domain": " "
    },
    {
      "domainName": " "
    }
]
}
 
 

Expected Status Code

204- Success

 

This service returns the list of all domains.

Method:GET

URI: /PASService/rest/services/url/domains

Sample Response

"{
        "count": 40,
        "offset": 0,
        "limit”:100
        {
           "links": [
                {
                    "href": "http://server:port/PASService/rest/services/url/domains/2C3D7F85-8B29-46D3-A978-F1262798729D",
                    "rel": "self",
                    "mediaType": "application/json",
                    "method": "GET"
                }
          ],
           "domainId": 
           "domainName": 
           "creationDate":
           "createdBy":
           "lastmodifiedby":
           "lastmodifiedGM"T:
           "status":
        },
        {
           "links": [
                {
                    "href": "http://server:port/PASService/rest/services/url/domains/2C3D7F85-8B29-46D3-A978-F1262798729D",
                    "rel": "self",
                    "mediaType": "application/json",
                    "method": "GET"
                }
          ],
          "domainId": 
          "domainName":    
          "creationDate":
          "createdBy":
          "lastmodifiedby":
          "lastmodifiedGMT":
          "status":
                  }   
      }”
 
 

Expected Status Code

200- Success

 

This service returns the details of a specified domain id.

Method:GET

URI: /PASService/rest/services/url/domains/id

Sample Response

"{
        "count": 1,
        "offset": 0,
        "limit”:100
        {
           "links": [
                {
                    "href": "http://server:port/PASService/rest/services/url/domains/2C3D7F85-8B29-46D3-A978-F1262798729D",
                    "rel": "self",
                    "mediaType": "application/json",
                    "method": "GET"
                }
          ],
           "domainId": 
           "domainName": 
           "creationDate":
           "createdBy":
           "lastmodifiedby":
           "lastmodifiedGM"T:
           "status":
        } 
}”
 
 

Expected Status Code

200- Success

 

This service returns the details of a specified domain name.

Method:GET

URI: PASService/rest/services/url/domains?q=domainName eq "oracle.com"

Sample Response

"{
        "count": 1,
        "offset": 0,
        "limit”:100
        {
           "links": [
                {
                    "href": "http://server:port/PASService/rest/services/url/domains/2C3D7F85-8B29-46D3-A978-F1262798729D",
                    "rel": "self",
                    "mediaType": "application/json",
                    "method": "GET"
                }
          ],
           "domainId": 
           "domainName": 
           "creationDate":
           "createdBy":
           "lastmodifiedby":
           "lastmodifiedGMT":
           "status":
        }
}"
 
 

Expected Status Code

200- Success

 

This service deletes a specified domain id.

Method: DELETE

URI: /PASService/rest/services/url/domains/{id}

 

Expected Status Code

200- Success