In Peliqan you can define and publish API endpoints, in order to share data with partners, customers etc. These API endpoints can also be used to capture incoming webhook events.
Publishing an API endpoint
In Peliqan, go to the Build section, and click the “+” icon when hovering over “API endpoints”:
Add a new endpoint and link it to a Python script of type “API handler”. See below on how to write a low-code Python script to handle the API requests.
Create a JWT web token under Settings > Security, and use this in the Authorization header to authenticate when consuming this API endpoint.
The full URL of your API endpoint is shown on the API endpoint detail screen, as you can see in the above screenshot.
Adding a Python script to handle API requests
In Peliqan, go to the Build section, and click the “+” icon when hovering over “Apps”. Add a script (app) of type “API endpoint handler”:
The new script will have some boilerplate example code, that shows how you can get the details of the incoming request (such as the body, headers, querystring etc.) and how you can send a response:
def handler(request):
# Get request details:
method = request['method']
url = request['url']
path = request['path']
query_string = request['query_string']
headers = request['headers']
data = request['data']
form = request['form']
# Example reading a parameter from the querystring
from urllib.parse import parse_qs
query_string_dict = parse_qs(query_string)
if "param1" in query_string_dict:
param1 = query_string_dict['param1'][0]
# Example reading data from an incoming POST body with JSON
import json
postbody_obj = json.loads(data)
# Example response: read rows from a table (pq = Peliqan module)
dbconn = pq.dbconnect('dw_2')
table_rows = dbconn.fetch('dw_2', 'salesforce', 'accounts')
# Send the API response (e.g. return the table contents)
return table_rows
Implementing custom authentication in an API endpoint
Below is an example API handler script, to implement your own authentication mechanism. This allows you to distribute individual tokens to multiple consumers of your API.
You can add a new token by enabling the function add_new_token()
, in following 4 steps:
- Set the new token in the function
add_new_token()
- Call the API endpoint once
- The token will be encrypted and stored in the table tokens together with a token id.
- Disable the function
add_new_token()
and remove the token from the code
Make sure to create this table first (in schema tokens), with an "id" column and a "token" (string) column.
Note that inserting the new tokens in the DB must be done from the same script, because the secret to encrypt is stored in the script state (similar to an environment variable) on the first run.
Make sure to set your own secret first, and remove it from the script after the first run.
The token can be set in the Authorization
header when calling this API endpoint. If a valid token is used, the token id will be retrieved. You can apply permissions based on thi before sending a response, for example filter data based on the token id (row level permissions).