WOCAT » QCAT

h1. API / Web Services Requirements

h2. Request services

The existing API is documented here: https://qcat.readthedocs.io/en/latest/api/docs.html

h3. Required missing request services:

* There is an endpoint to get the configuration for a specific questionnaire and edition:  https://https://qcat.wocat.net/en/api/v2/configuration/technologies/2018/

1.  Whithout the 'edition' endpoint, it should response with an array of available editions. Now it answers with a 'Not found' html page.

2. Without the specific configuration endpoint (like 'technologies'), the response should be an array of available configurations.  Now it answers with a 'Not found' html page.

h2. Requirements for services to add / update cases

The following new webservice endpoints must be developed.

h3. Authentification endpoint

To upload a case, a user has to authenticate himself. Therefore an authentification endpoint is needed. 

%{background:#F2D5A0} The existing authorization token serves only as authorization to access the API. 

The token is application based and always the same for a certain application, independently of the user working with the application.%

*Endpoint:*  _/api/v2/auth-token/_

*Allowed method:*  _POST_  

*Post data:*

@username@:  The username of a WOCAT account

@password@: The password of the corresponding WOCAT account

* The user has to authenticate before any data is uploaded or non-public downloaded.

* After a successfull authentification, the server sends a (session-) token. This token has to be sent for any subsequent POST request.

* This token should have limited time of validity on the server side.

* LImitations on client side? (to discuss)

h3.