How to use Kentico 12 Rest API's using Postman.

Hi Jahan,

The REST API documentation is quite clear, to be honest. Please make sure you read the following articles:

• First of all, you need to configure the REST service
• Then, use Basic authentication for your requests, you will also need valid Kentico user with username and password for it (described in the article)
• And finally, all the URLs and formats are explained in this article; bear in mind pages and objects have different URL formats.

After reading these articles do you have any more specific question of what is not working or not clear?

Dear Dmitry,

Thank you, I was missing admin's root directory while was trying to request the rest url.

Please guide in following scenario: - Shared one rest API with third party partner to share some data - created one new user for basic authentication - if I am not assigning global admin role, its returning forbidden 403. - I tried with Editor and Administrator roles but no luck. - I don't want that user to be logged into my system, only that user should fetch and share data with third party customer. - I am have a very big risk. I am still unable to find the solution using Kentico.

Looking for your kind and quick help.

Regards,

Jahan

This is strange. I've just created a user with "None" privilege level and was able to make a GET call with no problems, for example this request returned me a correct user XML:

http://localhost/Kentico12_1_Admin/rest/cms.user/administrator

Could you post you configuration of REST service (Settings > Integration > REST)? And please give me an example of your REST call. Then I will try to replicate your case more precisely.

Another option is to use hash authentication if you don't want to share CMD user with third-party. But it will work with GET requests only.

Hi Dmitry,

Example URL:

- /cms/rest/cms.eventlog/all

REST Configuration:

- Service enabled: True
- Service enabled for: Objects
- Always check page security: False
- Page access is read only: False
- Object access is read only: False
- Allowed page types: Empty
- Allowed object types: cms.eventlog
- Default encoding: utf-8
- Allow sensitive fields for administrators: False

Regards,

With No Authentication:

• 401 - Unauthorized: Access is denied due to invalid credentials.

Thank you for the information provided, it makes much more sense now. Your configuration is correct, however, you would also need to do the following:

• Create a new Role ("Rest client" for example) and add your user with "None" privilege level to this role
• In the Permissions application, Permissions for: Module, Event Log grant Read to your role
• And the last, please check the documentation on how you can query the objects

Documentation says:

Note: /all object retrieval requests only work if the user account used for authentication has the Global administrator privilege level.

Therefore, instead of /all you need to use some other data query parameter like TopN or Where to filter out the requested data. The following request, for example, will work:

http://localhost/Kentico12_1_Admin/rest/cms.eventlog?topn=100