Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

REST API Implementation in AEM

Avatar

Level 2

Hello Everyone,

I just wanted to throw a question on REST API implementation here. We have a third-party REST API that returns data needed for our website's couple of pages. I am not sure which REST Client to use or how to implement one in terms of AEM development. So, I am just seeking some guidance here. Additionally, we have authentication credentials for different environments to access the API. Where should I store those credentials so that it stays secured and won't get compromised.

Continuing the above, we want to build a component that displays those data. We want to have an authoring dialog where the author can select a location from the pre-populated list, and that component will bring data for that particular location only (once authored). With this, how the overall setup should look like?

Also, how would I build (if possible) a caching mechanism so that it doesn't make API calls for the same set of parameters repeatedly?

Any suggestion here will be appreciated. Thank you!

1 Accepted Solution

Avatar

Correct answer by
Level 5

Hi @webdev91 ,

 

To keep it simple enough,


1. For REST API consumption - you can use the HTTPClients class to generate an HTTP Client instance and you wouldn't need any external dependency, as these are part of uber jar.

2. To manage credentials across different environments -  Can create a custom OSGI configuration and maintain its properties (email and password) per runmode.

Ref: https://www.linkedin.com/pulse/aem-how-add-osgiconfig-archetype-26-above-veena-vikraman

If storing the password in its original value is not acceptable, then you can consider using Crypto support of AEM, which lets you store the encrypted string in the codebase.
Ref: https://experienceleague.adobe.com/docs/experience-manager-64/administering/security/encryption-supp...

3. Component build - (I didn't quite get the use case here) Are you saying that the value authored in the component dialog will be used as input to the REST API call? If yes, then you can make the API call server side in your Sling Model.
4. Cache flush - Assuming that API call is server side and the input to the API is determined by author selection, you don't need to worry about caching explicitly. As, the API response would only change when the component is re-authored which will require a page activation. In most/default scenarios, a page activation should clear the dispatcher cache.

 
Let me know, if any further details are required on the above and/or if my understanding of your question is incorrect.

 

Thanks,

Fani

View solution in original post

2 Replies

Avatar

Correct answer by
Level 5

Hi @webdev91 ,

 

To keep it simple enough,


1. For REST API consumption - you can use the HTTPClients class to generate an HTTP Client instance and you wouldn't need any external dependency, as these are part of uber jar.

2. To manage credentials across different environments -  Can create a custom OSGI configuration and maintain its properties (email and password) per runmode.

Ref: https://www.linkedin.com/pulse/aem-how-add-osgiconfig-archetype-26-above-veena-vikraman

If storing the password in its original value is not acceptable, then you can consider using Crypto support of AEM, which lets you store the encrypted string in the codebase.
Ref: https://experienceleague.adobe.com/docs/experience-manager-64/administering/security/encryption-supp...

3. Component build - (I didn't quite get the use case here) Are you saying that the value authored in the component dialog will be used as input to the REST API call? If yes, then you can make the API call server side in your Sling Model.
4. Cache flush - Assuming that API call is server side and the input to the API is determined by author selection, you don't need to worry about caching explicitly. As, the API response would only change when the component is re-authored which will require a page activation. In most/default scenarios, a page activation should clear the dispatcher cache.

 
Let me know, if any further details are required on the above and/or if my understanding of your question is incorrect.

 

Thanks,

Fani

Avatar

Level 2

Hi @fanindras 

Thank you for your response.

My additional question on the points below.

1. It's good to know that there is an HTTP Client already available in uber-jar so I don't need to worry about adding additional dependency (at least initially). Of course, I am going to research more on this but is there any demo app or example or article that you recommend which explains HTTP Client and how to implement it within AEM?

2. As long as storing the properties related to API credentials in OSGi config is secured and potentially won't get compromised, I believe we are ok to store the unencrypted value there.

3. Regarding components, we have a few locations and there is a page for each location. In those pages, there are contents related to that particular location and at the same time, we are making a third-party API call that returns data specific to that location. Therefore we want to build a component so that when the author is working on whatever location page, they can select that location from the author dialog. Let me know if you still need more info on this.