Promoting the safe and effective use of powered access
The Data Service's REST API is for administrative actions by businesses who want to build interactions with IPAF Data and for developers who want to integrate with or build on top of the IPAF platform.
For REST API documentation and specification please review the Endpoints documentation .
Data Service's REST API provide access to resources (data entities) via URI paths. As is the case with the REST architecture your application will make an HTTP request and parse the JSON response. Your methods will be the standard HTTP methods: GET, PUT,PATCH,POST and DELETE. The REST API is based on open standards, so you can use any web development language to access the API.
For some examples of what you can do with the REST API, see Data Service's REST API Examples.
Data Service's REST API makes use of pagination on HTTP calls to limit the amount of data that can be requested. A lot of the time, when you're making calls to the API, there is a potential to return a heavy payload of results. For that reason, we paginate the results to make sure responses can be handled efficiently.
As an example a call into the licence endpoint could result in hundreds of thousands of records being returned without the paginiation limits in place to reduce unnecessary load on the servers.
Rather than that, the API has a maximum limit on what can be called, but it is best practice to set your own PageSize on each request so that you know what to expect and control the further calls to get the required records.
For further information on paginations and other features, view our Features page.
The Data Service's APIs utilises the OAuth 2.0 authorisation with OpenIDConnect to provide an identity layer for authentication and Single Sign-On (SSO) capability to IPAF application users through their IPAFID. Using a separate identity server users are able to carry their credentials to all Client Apps that are granted relevant permissions. The Data Service API uses the PKCE (Proof Key for Code Exchange) flow for additional security in protecting user identity.
For further information on Authentication and Authorisation, view our Security page.