DEV Registry Service

API Validator

API Validator can be used to validate implementation of the EWP APIs against the specification. You should be aware that the Validator is publicly available, any API can be tested any time. Both requests and responses are also publicly available.

To be compliant with the EU General Data Protection Regulation (GDPR) you should not, under any circumstances, expose private personal data to unauthorised users.

Make sure that the system you connect to the DEMO EWP Network contains only scrambled data or artificial data. This network is used for testing, so - according to Murphy's law - whatever can go wrong, will go wrong.

Security options

A--- - No Client Authentication (Anonymous Client)
H--- - Client Authentication with HTTP Signature
-T-- - Server Authentication with TLS Certificate (CA-signed)
-H-- - Server Authentication with HTTP Signature
--T- - Request Encryption only with regular TLS
--E- - Request Encryption with ewp-rsa-aes128gcm
---T - Response Encryption only with regular TLS
---E - Response Encryption with ewp-rsa-aes128gcm

APIs defined in manifest https://portal-demo.upce.cz/ws/services/ewp/manifest:

echo 2.0.1 https://portal-demo.upce.cz/ws/services/ewp/echo
Security method
Parameters
No parameters available.
institutions 2.2.0 https://portal-demo.upce.cz/ws/services/ewp/institutions
Security method
Parameters
hei_id
organizational-units 2.1.1 https://portal-demo.upce.cz/ws/services/ewp/ounits
Security method
Parameters
hei_id
ounit_id
iias - get 7.0.0 https://portal-demo.upce.cz/ws/services/ewp/iias/get
Security method
Parameters
iia_id
iias - index 7.0.0 https://portal-demo.upce.cz/ws/services/ewp/iias/index
Security method
Parameters
iia_id 

iia_id

×
This parameter is used to fetch partner_hei_id and receiving_academic_year_id using GET endpoint.
partner_hei_id
receiving_academic_year_id
iia-cnr 3.0.0 https://portal-demo.upce.cz/ws/services/ewp/iias/cnr
Security method
Parameters
iia_id
factsheet 1.1.0 https://portal-demo.upce.cz/ws/services/ewp/factsheet
Security method
Parameters
hei_id
omobility-las - get 1.2.0 https://portal-demo.upce.cz/ws/services/ewp/las/get
Security method
Parameters
sending_hei_id
omobility_id
omobility-las - index 1.2.0 https://portal-demo.upce.cz/ws/services/ewp/las/index
Security method
Parameters
receiving_hei_id
sending_hei_id
not_permitted_hei_id 

not_permitted_hei_id

×
Will be used as sending_hei_id parameter to test if it is not possible for real hei id to access restricted data. Defaults to uw.edu.pl (but if sending_hei_id is uw.edu.pl then uma.es is used).
omobility_id 

omobility_id

×
This parameter is used to fetch receiving_academic_year_id using GET endpoint.
omobility-las - update 1.2.0 https://portal-demo.upce.cz/ws/services/ewp/las/update
Security method
Parameters
sending_hei_id
omobility_id
latest_proposal_id
omobility-la-cnr 1.1.0 https://portal-demo.upce.cz/ws/services/ewp/las/cnr
Security method
Parameters
omobility_id

Security method

×
Here you have to select security method that will be used to perform calls to validated API. Security method consists of four letters, their meaning is described on the top of this page.

Parameters

×

Parameters are values used by validators when they perform calls to APIs. You should leave those fields empty, validators are able to find proper values themselves. However there are certain cases when you would like to fill those fields.

When should I fill those fields?

  1. You would like to see if your API works with parameters different than ones found by the validator.
  2. Validator obtains its parameters using API you do not support.
    E.g. if you want to validate Courses API, validator will use Course Replication API to find los_id parameters that can be used to query Courses API. If your host doesn't implement Replication API the validator will report that it cannot find required API and won't perform tests. In that case you can manually provide hei_id and los_id values from you database. Validator will run tests using that values.

How to find out what parameters are used by the validator?

You should look at details of requests made by the validator, they are used as parameters for HTTP requests with same names.

What is the meaning of parameter X?

Look at the specification of the API you are validating, parameters used here are subset of those described there.

If you manually enter parameter please take care to provide correct values, they cannot be verified and are assumed to be correct. Providing invalid parameters will result in failed tests.