Skip to main content

Introduction

The Snow License Manager Web API enables clients to retrieve information from a Snow License Manager system. It is an HTTP API that is implemented in the REST architectural style. The Snow License Manager Web API serves hypermedia, and is consumable from any client, tool, or platform that can make standard HTTP requests and parse HTML, XML, or JSON.

Note that the current version of the API is read-only.

From Snow License Manager 7.0.09 Feature Release 1 the Web API is included in the Snow License Manager installation, and updates of the Web API are managed via Snow Update Service (SUS). The Web API is installed in the same site as the Snow License Manager Web. For example, if the Snow License Manager Web is reachable via https://MySLM the API is reachable via https://MySLM/api.

Prerequisites

A Snow License Manager user account with administrator and API access privileges is required for authentication when making requests to the API. User accounts are managed in Snow Management and Configuration Center.

The following knowledge is good to have in order to use the Snow License Manager Web API effectively:

  • HTTP - Basic understanding of HTTP

  • REST - Basic understanding of how REST APIs work

  • Formats - Reading and parsing of JSON and/or XML

  • Queries - Understanding of how to set up OData queries in a URI query string in order to filter, page, and sort the collections in the API.

    note

    The API is not an OData service per se. The API only supports a limited subset of the OData protocol, namely the query string options $orderby, $top, $skip, $filter, and $format.

Secure the API web application

The API uses basic authentication to authenticate requests. This mechanism provides no confidentiality protection for the transmitted credentials out of the box. Username and password are encoded with Base64 but not encrypted in any way.

Transmitting credentials in Base64 is effectively no more secure than sending them as clear text, so if the API is hosted in such a way that eavesdropping on the communication between the client and the server is possible, there will be a significant security risk.

To amend for this, the Snow License Manager web application should be secured using SSL/TLS and hosted over HTTPS.

The following article from Microsoft describes how to secure an IIS web site with SSL:

http://www.iis.net/learn/manage/configuring-security/how-to-set-up-ssl-on-iis

note

The API uses a custom implementation of basic authentication. In order for this to work, basic authentication in Microsoft Internet Information Services (IIS) needs to be disabled.

Windows Authentication

As mentioned above, the Snow License Manager Web API uses basic authentication to authenticate requests. When the Web API is used in an environment where Windows Authentication is enabled, an exception must be configured that enables basic authentication for the Web API. For more information, refer to the document Setting Up Windows Authentication.

Log files

The path for the WebAPI log files is [SLM install path]\Web\Logs\WebApi\.

The log files within the folder are named WebApi_[the date in YYYY-MM-DD format].log.

The log files are configured to use the log4net configuration, which is the general configuration of log files in Snow License Manager:

ConversionPattern = "%date{yyyy-MM-dd HH:mm:ss} %level %class:%method -
%message%newline%exception"

The default log level of the API is WARN. Optionally, the default log level can be configured in the setting snowsoftware/settings.api/apiLogLevel in Snow License Manager web config.