Forum Discussion
Hi TariqHussain,
Thanks for your reply. What id Restadmin() ? do I need to use any sdk to use this? Can we use the general Rest Client or Curl to call the REST API? Something like this:
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer vuVDPEkI+XLytr7hMGo0RkwucYF8belsX2XjI1qu+zM=“ -H "client-id: xxxxxxxxxxxxx" https://api.lithium.com/community/v1/[tanent name]/messages/id/[messageid]/kudos/give
Actually, I am using javascript fetch api for the REST : https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API/Using_Fetch
How can I make the restadmin() in this scenario?
fengka
are you familiar with endpoints ? you need to create an endpoint and you will get endpoint url. with javascript you can directly hit your request to endpoint url.
<#assign msgID = http.request.parameters.name.get("messageid","") /> <#if msgID !=''> <#assign messages = restadmin("messages/id/${msgID}/kudos/give").messages > </#if >
- fengka9 years agoContributor
TariqHussain I am not familiar with the endpoints you mentioned here. The code you show here looks like is a javascript template by using FreeMarker? (Sorry I am not exactly sure about it).
In my case I am using react native to develop a mobile app and it is using purely javascript to make the REST call. the calling is looking like this. I haven't found how to use restadmin() to call the api here.
fetch(httpUrl)
.then(function(response) {
return response.json();
})
.then(function(myBlob) {});
- SuzieH9 years agoKhoros Alumni (Retired)
Hi fengka
For your calls to be successful, you'll need two permission settings (Make REST API calls with read access and Make REST API calls with modify access) to be set to Grant. This is done in Community Admin > Users. I think this will solve your issues. We describe this in our API doc in the Authentication section. Hope this helps.
- fengka9 years agoContributor
Hi SuzieH
Thanks for your reply. This is one workable solution. After our lithium forum administrator enbled the allow_restapi_call_modify to (only) my account, I can modify the data like giving a kudo via REST API call.
This looks like need to grant the permission per user via the setting. However I have further questions:
1. Can we enable the allow_restapi_call_modify to ALL the user by default with one time? We would like to let all the forum registered user modify the data via rest call. If we have to enable it one by one per user, that will be a huge work.
2. If the answer to question 1 is yes, the next question is should we do it like that? Do we have potential security concern if all the user can modify forum data via REST API call?
3. When doing the authentication, we are required to provide "client_id" and "client_secret", can we grant writable permission per "client_id"?
Thanks.
Related Content
- 6 years ago
- 9 years ago