Specifying a REST server

During discovery, the external service is automatically set to point to the REST server. You can modify the server binding properties that your external service uses to invoke a REST API.

About this task

External services must provide connection information and authentication information to invoke a service on the host. The connection information, as well as defaults for basic authentication information, are defined in a server. Server configurations can be shared by multiple external services in a business automationor toolkit. A server lets you maintain the connection information in one place so that you need to update it only once if something changes. If the API changes but the server is the same, you can rediscover the service without changing the server.

When you discover a REST service, you can choose to use an existing REST server or create a new one. The host, port and secure server properties are added for you if the Swagger definition specifies them.

Remember: When you edit the custom resource file, the section baw_configuration described in this topic only applies to a production runtime system. If your configuration is a production authoring system or a demo pattern, you must make the custom resource edits to the section workflow_authoring_configuration instead.

Procedure

To modify an existing REST server, perform the following steps.

Select the Servers tab from the Process App Settings editor. You see the Process App Settings editor when you first open a newly created process application in the Business Automation Studio.
Select the server that you want to modify. You can change the following binding properties.
- The Name of the server.
- The Description of the server.
- The Default settings are used if nothing is specified for the other environments. You can have several environment types, which are added by clicking +. The other environment types that you can add are as follows:
  - Development: The environment where you develop your services. This is any Business Automation Studio or a workflow server that has its environment type set to Development.
  - Test: The environment where you test your services.
  - Staging: The environment where you deploy your services for pre-production testing.
  - Production: The environment where your services are deployed for use by your organization.
- Host name: The host name of the server that hosts the REST service. Specify an IP address or a host name and domain. For example: myHost.labwide.ibm.com.
- Port: The port number of the server.
- Secure Server: Specify whether you want your service to be secure, that is, to use the Hypertext Transfer Protocol Secure (HTTPS) protocol by selecting this check box. If you select the HTTPS protocol, make sure that you have the security certificate that the REST service requires and that you specify the correct port number for the secure server.
- SSL Configuration: Check the server certificate for the REST service that you want to invoke.
  - If the server certificate is signed by a public certification authority, you can use the preconfigured SSL configuration that is named PublicInternetSSLSettings.
  - If the server certificate is not signed by one of the public certification authorities that are included in the preconfigured SSL configuration:
    
    Leave the SSL Configuration field empty.
    
    Download the certificate that you want to trust.
    
    Create a secret for the certificate that you want to trust by running the following command in the project where you plan to invoke the external service.
    
    On OpenShift:
    oc create secret generic secretName --from-file=tls.crt=your_cert_path/external-service-cert.crt
    
    On Kubernetes:
    kubectl create secret generic secretName --from-file=tls.crt=your_cert_path/external-service-cert.crt
    
    Add the secret to the custom resource in the variable baw_configuration.tls.tls_trust_list. For example:
    baw_configuration: … tls: tls_trust_list: [secretName1, secretName2]
    This variable is an array and multiple values can be specified by separating them with a comma as shown in the example.
    
    If you already completed installation and applied your custom resource, you must apply the custom resource again to validate the exchange of TLS certificates. For example:
    
    On OpenShift:
    oc apply -f descriptors/my_custom_resource.yaml
    
    On Kubernetes:
    kubectl apply -f descriptors/my_custom_resource.yaml
- Authentication: The defaults for the basic authentication method that is used to invoke the REST service. These settings take effect when no basic authentication settings are configured in the Binding tab of the external service. You can use one of the following options:
  
  None
  
  No credentials are required.
  
  Basic - user name and password
  
  Authenticate by using the user name and password that are specified.
  Basic - invocation credential
  
  Authenticate by using the J2C authentication alias that holds the username and password.
  
  Create a secret for the Liberty server configuration trust, see Creating secrets to protect sensitive configuration data, and add an authentication alias to the configuration.
  
  Add the secret under baw_configuration[x].custom_xml_secret_name.
- Request and Response Timeout: The amount of time before a connection to the server times out.
  
  Request timeout
  
  The amount of time, in milliseconds, that the client attempts to establish a connection before it times out. The default is 30000. If you choose None, the client attempts to open a connection indefinitely.
  
  Response timeout
  
  The amount of time, in milliseconds, that the client waits for a response before it times out. The default is 60000. If you choose None, the client waits indefinitely.