Firely Server Administration API
The Administration database utilizes the Administration API. The endpoint for this API is:
http(s)://<firely-server-endpoint>/administration
The following functions are available in the Administration API:
Configuration
You can configure the Administration API, including restricting access to functions of the Administration API to specific ip addresses.This configuration is part of Firely Server settings.
"Administration": {
"Repository": "SQLite", //Memory / SQL / MongoDb
"MongoDbOptions": {
"ConnectionString": "mongodb://localhost/vonkadmin",
"EntryCollection": "vonkentries"
},
"SqlDbOptions": {
"ConnectionString": "connectionstring to your Firely Server Admin SQL Server database (SQL2012 or newer); Set MultipleActiveResultSets=True",
"SchemaName": "vonkadmin",
"AutoUpdateDatabase": true,
"MigrationTimeout": 1800 // in seconds
//"AutoUpdateConnectionString" : "set this to the same database as 'ConnectionString' but with credentials that can alter the database. If not set, defaults to the value of 'ConnectionString'"
},
"SQLiteDbOptions": {
"ConnectionString": "Data Source=./data/vonkadmin.db",
"AutoUpdateDatabase": true,
"MigrationTimeout": 1800 // in seconds
},
"Security": {
"AllowedNetworks": [ "::1" ], // i.e.: ["127.0.0.1", "::1" (ipv6 localhost), "10.1.50.0/24", "10.5.3.0/24", "31.161.91.98"]
"OperationsToBeSecured": [ "reindex", "reset", "preload" ]
}
},
Choosing your storage
The Administration API uses a database separately from the main ‘Firely Server Data’ database. Historically, SQL Server, MongoDB and Memory are supported as databases for the Administration API.
As of Firely Server (Vonk) version 0.7.1, SQLite is advised for this, and we have made that the default configuration. See Using SQLite on how to configure for this.
Repository
: Choose which type of repository you want. Valid values are:
Memory
SQL
SQLite
MongoDb
MongoDbOptions
: Use these with"Repository": "MongoDb"
, see Using MongoDB for details.SqlDbOptions
: Use these with"Repository": "SQL"
, see Using SQL server for details.SQLiteDbOptions
: Use these with"Repository": "SQLite"
, see Using SQLite for details.
Limited access
Security
: You can restrict access to the operations listed inOperationsToBeSecured
to only be invoked from the IP addresses listed inAllowedNetworks
.
Operations that can be secured are:
reindex
(see Re-indexing for new or changed SearchParameters)
reset
(see Reset the database)
preload
(see Preloading resources)
StructureDefinition
(restrict both read and write)
SearchParameter
(restrict both read and write)
ValueSet
(restrict both read and write)
CodeSystem
(restrict both read and write)
CompartmentDefinition
(restrict both read and write)
Subscription
: (restrict both read and write, see Subscriptions)The
AllowedNetworks
have to be valid IP addresses, either IPv4 or IPv6, and masks are allowed.