In the Settings tab, you can find additional configuration for the OData endpoint of Connect.

Default Service Settings

In this section you can specify some of the default settings applying to the format of the OData service.

Server-Side paging Size

This setting determines a maximum of how many records can be included in a response from the Connect OData API. See Pagination for more details on the paging feature of the OData API.

OData Format

This settings allows you to specify the default format of responses in the Connect OData API:

• JSON (Default)
• ATOM(XML)

OData Service Version

This settings allows you to specify which OData service version can be used for the Connect OData API:

• 4.0 (Default)
• 3.0
• 2.0

Default User Settings

Under the Default User Settings, you can specify a default value for new users’ authentication token lifetime. This is a global settings which can be overridden when creating a new user. This value determines the number of days that the authentication token stays valid for; using an authentication token outside of this time range will result in an authentication error. See Users for more information on creating new users or refreshing users’ expired tokens.

CORS

Cross-Origin Resource Sharing settings may apply if a website application is accessing the Connect OData endpoint. CORS allows browser-based clients to connect to Connect; without CORS, browser-based scripts would not be authorized to connect to the Connect API because of the same-origin policy enforced by modern browsers. This policy restricts client-side scripts and documents from loading resources outside their origin. The origin of a script consists of the protocol, host, and port.

Available CORS Options.

When the option to enable CORS is selected, you can use the following options to configure CORS:

Setting	Description
Allow all domains without ‘*‘	When this option is set, the API Server will allow any origin passed by the client by returning that origin in the Access-Control-Allow-Origin header.
Access-Control-Allow-Origin	When this option is set, the API Server will allow any origin passed by the client by returning that origin in the Access-Control-Allow-Origin header. When this is set to ‘*’, the API Server will allow any origin and pass ‘*’ in the Access-Control-Allow-Origin header. This is suitable for public APIs.
Access-Control-Allow-Methods	Enter a comma-separated list of allowed methods.
Access-Control-Allow-Headers	Enter a comma-separated list of headers that can be used in requests made by the script.
Access-Control-Allow-Credentials	Set this to true if you want to require that clients provide credentials.
Access-Control-Max-Age	Enter the number of seconds the user agent can cache preflight requests.