Version 25.3.9411

• Server Tab
  • Trusted IP Addresses
  • OData
  • Default User Settings
  • Cross-Origin Resource Sharing (CORS)
• Notifications Tab
• License Tab

The Settings page in the API Server application contains global user settings. The following sections explain the purpose of each tab on this page.

Server Tab

The Server tab of the Settings page enables you to control settings that are related to the API Server API. This tab contains four sections:

• Trusted IP Addresses

• OData

• Default User Settings

• Cross-Origin Resource Sharing (CORS)

Trusted IP Addresses

This section defines the IP addresses that are allowed to make connections to the API Server API. The following functions are available. Click the dots to the right of the IP address to edit or remove it.

• Add IP Address: Opens a dialog box where you can enter a new IP address range.

• Edit: Opens a dialog box where you can modify the selected IP address range.

• Remove: Removes the selected IP address range from the list.

The following restrictions apply to this setting:

• localhost is always allowed to access the API Server API. This behavior cannot be changed.

• Ranges are supported. For example, the entry 100.10.100.1-15 indicates that IP addresses between 100.10.100.1 and 100.10.100.15 are allowed. Any IP addresses outside of that range are rejected.

• Wildcard patterns are supported. For example, the entry 100.10.100.* indicates that IP addresses beginning with 100.10.100 are allowed. Any IP addresses outside of that range are rejected.

OData

This section configures OData settings. The following settings are available. Click the Edit icon () to adjust the settings.

• Server-Side Paging Size: Set the server’s page size when returning results. The default value, 0, returns all records in a single response.

• Default Format: Set the default format when OData returns results. Choose between JSON and XML. The default setting is JSON.

• Default Version: Set the default version to use for OData. The default setting is OData 4.0.

• Base URL: When the application is hosted behind a gateway, set the base URL to the publicly accessible URL. For example, https://my_website.com.

Click Save to save the new settings.

Default User Settings

The following default user settings apply to all API Server users. Click the Edit icon () to adjust the settings.

Note: To configure user-specific settings, refer to the Users page. The user-specific settings override the server-wide settings. An empty value for one of the user settings means the server default is used instead.

You can configure the following options for all users:

• Requests Per Hour: Enter the maximum requests per hour per user. Set it to -1 to allow users unlimited access.
• Max. Concurrent Requests: Enter the maximum number of simultaneous requests allowed per user. Set it to -1 to allow unlimited simultaneous requests.
• Token Expiration: Enter the number of days until the user’s token expires.

Click Save to save the default user settings.

Cross-Origin Resource Sharing (CORS)

CORS enables browser-based clients to connect to the API Server application. Without CORS, browser-based scripts cannot connect to the API Server API because of the same-origin policy that is enforced by the browser. This policy restricts client-side scripts and documents from replicating resources outside of their origin. The origin of a script consists of the protocol, the host, and the port.

Click the Edit icon () to adjust the CORS settings. Select Enable cross-origin resource sharing (CORS), and then use the following options to configure CORS:

• Allow all domains without ‘*‘: Turn on this toggle to allow any origin that is passed by the client by returning that origin in the Access-Control-Allow-Origin header.

• Access-Control-Allow-Origin: Enter the origins for which API Server will participate in CORS. API Server returns these origins in the Access-Control-Allow-Origin header. When this is set to ‘*’, API Server allows any origin and passes ‘*’ in the Access-Control-Allow-Origin header. This is suitable for public APIs.

• Access-Control-Allow-Credentials: Turn on this toggle to require that clients provide credentials.

• Access-Control-Allow-Methods: Enter a comma-separated list of allowed methods.

• Access-Control-Allow-Headers: Enter a comma-separated list of headers that can be used in requests made by the script.

• Access-Control-Max-Age: Enter how long (in seconds) the user agent can cache preflight requests. The default is 3600.

Click Save to save your CORS settings.

Notifications Tab

The Notifications tab enables you to configure email notifications that can be sent to you if OData encounters an error.

To enable alert notifications for a error notifications, you need to configure your global email server and authentication properties, as follows:

1. Navigate to the Settings page and click the Notifications tab.

2. Click the Edit icon () to open the OData dialog.

3. Turn on the toggle Notify emails upon encountering an error.

4. Configure the following properties for the SMTP mail server that is used to send notifications:

   • From - Enter the email address to display in the From text box. The default address is [email protected].

   • To - Enter the default email address to which notifications should be sent.

   • Subject - Enter the subject line of the email.

   • SMTP Server - Enter the name of the SMTP mail server.

   • Username - The username that you use to authenticate to the SMTP server.

   • Password - The password that you use to authenticate to the SMTP server.

   • SMTP Port - Enter the port on which to connect to the SMTP server. The default port is 25.

   • TLS Start Mode - Select the Transport Layer Security (TLS) mode that you want to use. The default value is STARTTLS.

5. Click Save to save your settings and to return to the Notifications tab on the Settings page.

6. Click Send Test Email to test your email settings.

License Tab

The License tab contains details about your API Server license. It contains the following information:

• Product Key - The current product key for API Server.

• Node ID - Your machine’s node Id.

• Version - the version of API Server that you have.

If you purchase a new license, you can install the license by clicking the Edit icon () on the License tab. Then enter your name, email, and product key (or license file), and agree to the terms and conditions. Then, click Save.