RESTful Services for your Oracle Autonomous Database

Copyright © 2019 Oracle and/or its affiliates. All rights reserved. |
RESTful Services
Oracle Autonomous Database
Jeff Smith
Master Product Manager
Jeff.d.smith@oracle.com || @thatjeffsmith
Database Tools, Oracle Corp
1
{
"items":
[
{
"employee_id": 100,
"first_name": "Suppo0rt",
"last_name": "King",
"email": "Suppo0rt",
"phone_number": "515.123.4567",
"hire_date": "2018-08-21T11:09:58Z",
"job_id": "AD_PRES",
"salary": 49243.75,
"commission_pct": null,
"manager_id": null,
"department_id": 90,
"column1": null,
"links": [
{
"rel": "self",
"href": "http://localhost:8080/ords/hr/peeps/100“
}
]
},

ATP-Dedicated, Too!

Copyright © 2019, Oracle and/or its affiliates. All rights reserved. | 4
Introduction and
getting started

REST Data Services (ORDS)
• Publish REST APIs for your schemas
• Write your own services SQL & PL/SQL
• REST Enable tables, views, PL/SQL objects
• Secure with privs/roles
• Authenticate with DB users or ORDS OAUTH2 workflow
5

Stuff in your DB…available via HTTPS!

GET https://host/ords/human/peeps/ SELECT *
FROM
EMPLOYEES
HTTP/1.1 200 OK
{ "employee_id": 100,
"first_name": "Kris"
,"last_name": "Rice",
, “email": “krisrice@oracle.com",
{json}
URI SQL & PLSQLMap & BindHTTP Request
HTTP Response Transform to JSON SQL Result Set / Standard OUT
Oracle REST Data Services
Anatomy of an ORDS Request and Response

Available Development & Management Interfaces
SQLDev
APEX
PL/SQL API

Day 0: Database User with Web Access out-of-the-box
HTTPS Access – to your data,
objects, and APEX apps

Getting Started
• ADMIN account is available by default for HTTPS Access
• SQL Developer Web, APEX, and RESTful Services
10
admin

Use ADMIN for admin, not for development
• Treat it as SYSTEM/SYS
• Do NOT use for application schema
What TO DO
1. CREATE USER JEFF…;
2. REST ENABLE

Determining your REST Service URLs
https://some-id.adb.co-citry-1.oraclecloudapps.com/ords/tjs/_sdw/?nav=worksheet
https://some-id.adb.co-citry-1.oraclecloudapps.com/ords
• /schema/module/service-pattern/
• /schema/rest-enabled-object/

REST Service Options –
Automatic or Manual

Automatic: REST Enabling a TABLE
AUTO REST Advantages
•CRUD APIs, no SQL to
write
•Single ORDS package
call to create
•Maintained by US
•Feature Packed
•Optimized
• GET
• PUT
• POST
• DELETE
• DESC
• DOCS
/ords/hr/employees
/ords/hr/employees/
/ords/hr/employees/:id

• Schema level Metadata
• Table Metadata
• Get ( Select )
• Query ( Filtering/Order/ASOF )
• Insert
• Update
• Delete
• Load CSV

•All rows /
•One row /:id – PK Value
–No PK, default to ROWID
–Multi-column PK /x,y,z
•Some rows /?q={json}
Querying the TABLE

METHOD : PUT /:PK
REQUEST BODY : JSON
RESPONSE: 200 OK
•Location (Header)
•JSON (Body)
Table Columns in the POST body
{“column_name” : column_value }
UPDATE a row

RESTful Services: Your SQL & PL/SQL
RESTful Service Advantages
•You’re in charge
•Inputs, outputs, error
handling, response codes,
formatting
•Full access to SQL/PLSQL
•Easily exported, source
controlled
•Transparent

Not just for SELECTs & Reading Data

Security and Authentication
• Services are secured with PRIVILEGES
• ROLES are assigned PRIVILEGES and granted to users
• USERS are authenticated DB USER sessions or come in via
our OAUTH2 mechanism

Defining Privileges
22
Protect a module or URI pattern
The ‘SQL Developer’ role is inherited by
every database authenticated REST request
in ORDS….so if I give the privilege to this
ROLE, my JEFF/P@$$w0rd BASIC Auth
request to /ords/jeff/ will be authorized.

Trying to access a REST API w/no credentials…

Same request w/credentials…

OAUTH2 – what we recommend vs DB User/BASIC Auth
25

Live Demo

ORDS in Autonomous, what it’s mean?
• Installed and ready to use at startup
• ADMIN user is REST enabled, but don’t use it for apps
• All the ORDS features you know on-prem, avail in OCI
• We handle upgrades and maintenance

Questions?

RESTful Services for your Oracle Autonomous Database

More Related Content

RESTful Services for your Oracle Autonomous Database