ContactsLaw provides a REST API that allows third-party developers to perform a limited subset of operations within the system.

It is a component of the ContactsLaw Daemon.

Configuration

Permission must be granted to the Windows user account under which the daemon runs before the REST API can be accessed:

1. Stop the ContactsLaw Daemon if it is currently running.

2. From an elevated command prompt, run the following command:
   netsh http add urlacl url=http://*:4446/ user="DOMAIN\User"
   (substituting with the correct user account)

3. Start the ContactsLaw Daemon.

By default, the REST API uses HTTP port 4446. This can be overridden in System Settings.

SSL/HTTPS

If you require the REST API to be remotely accessible over the Internet, you should configure HTTPS. For this, you will require an SSL certificate.

1. Change the HTTPS port number (under System Settings) from zero to an unused TCP port number, e.g. 8886.

2. Stop the ContactsLaw Daemon if it is currently running.

3. From an elevated command prompt, run the following command:
   netsh http add urlacl url=https://*:8886/ user="DOMAIN\User"
   (substituting with the correct user account)

4. Install the certificate using the following command:
   netsh http add sslcert ipport=0.0.0.0:8886 certhash=XXX appid={82c223b4-97f5-4120-adc6-0c35fe6fd420}
   (substituting XXX with the certificate thumbprint)

5. Start the ContactsLaw Daemon.

OAuth 2.0

The REST API supports OAuth 2.0 for third-party applications that need to perform operations on behalf of members. A client ID and secret need to be allocated to each application that will use OAuth (managed via System Settings). For applications that run as a service account, username/password authentication is generally sufficient.

Logging

API documentation 

The documentation for the REST API can be found here: http://download.overtech.com.au/public/contactslaw/rest-api

Best practices

See also