Skip to main content
Version: 1.9

Endpoint address

This is the interface by which the client contacts ADS for authorization services.

ADS provides a REST API for HTTPS or HTTP. The following REST endpoints can be used:

MethodURI pathDescription
GET/entrypoint
POST/authorizeauthorization endpoint

Endpoint addresses

Note: For migration purposes, ADS provides an endpoint compatible with legacy PDP clients at /asm-pdp/authorize (for REST) or /asm-pdp/pdp (for SOAP). However, it is deprecated and should only be used to provide compatibility with legacy PDP installations during migration. It will be removed in a later version of ADS.

Application endpoints

The functional part of Access Decision Service is located at the applicationConnectors property in the configuration yaml file (refer to samples/getting_started/deployment.yaml). The endpoints are as noted above.

Administration endpoints

The non-functional parts are located at the adminConnectors property in the configuration yaml file (cf. samples/getting_started/deployment.yaml). See Service connectors for configuration information.

Healthcheck

GET /healthcheck (an endpoint to determine the state of the application)

  • The healthcheck can be used as a readiness check, in which case it returns HTTP Status 200 OK.
  • The healthcheck will display the domain identifier (for both versions of the domain document format) of the domain that is currently in use to answer new requests. If the domain is retrieved via http, the healthcheck can serve as a verification that the correct domain has been retrieved.
  • The healthcheck will provide information about the last occurrence of a reconfiguration trigger (that is, a timestamp) as well as the reconfiguration attempt itself and its status (a timestamp and whether the reconfiguration was successful). If there was an unsuccessful domain reconfiguration attempt, an error message about the cause of the failure is included.

For an example of the healthcheck in use, see Checking that ADS is running.

Metrics

When the Prometheus monitoring application is used as a metrics backend for ADS, it pulls (or scrapes) data via an administration endpoint.

GET /admin/metrics/prometheus

The configuration of ADS for metrics data collection is described in the section Metrics.

System information

GET /admin/system/info (an endpoint to access system information)

The endpoint returns a response with HTTP Status 200 OK and a JSON payload. The payload includes data on:

  • Application Name
  • Application Vendor
  • Application Version
  • Application Build Version
  • CLI Arguments
  • Java Home Directory
  • Java Vendor
  • Java Version
  • Operating System Architecture
  • Operating System Name
  • Operating System Version

System information

The information may be useful to have when communicating with customer support. This system information is also included as one line in the log during ADS start-up. See Application version information for more information.