Application programming interfaces
Application programming interfaces (APIs) are part of a plug-in model that you can use to add applications without disrupting existing applications.
Remote application programs run outside of the Verify Governance Java™ virtual machine (JVM). Classes outside of the application packages are not intended to be started by a remote application. Classes in remote applications are documented under the Verify Governance application packages. Server extensions, which run in the Verify Governance JVM, can use any of the classes that are listed in the published API documentation (Javadoc). They are Java classes that run in the same JVM of the caller. These APIs are used to develop Verify Governance customization and extensions that can plug into Verify Governance.
Several application APIs can be started by a remote application. A few server extension APIs in the data services package are also included. The following application APIs are intended to be started by a remote application:
Verify Governance Software Development Kit (SDK)
| Folders | Contains the following files |
|---|---|
| customization | Files used to customize Verify Governance. For example, adding a custom application in the desk, changing the labels and descriptions of the applications, and setting the date and time format for the entire product". See Customization features. |
| javaDocAGCore | The Javadoc, which provides the documentation for the Verify Governance EJB. |
| lib | The binary versions of the IBM® Security Identity Governance and Intelligence libraries and WebSphere® Application Server client to compile the SDK source. |
| Readme | A README.txt file. |
| RESTDoc | Documentation to create REST API calls to the Verify Governance services. See REST APIs. |
| RESTExamples | Examples of the REST API calls. |
| src | The source code of the SDK. |
| sas.client.props | The WebSphere Application Server access configuration information. |
| ssl.client.props | The SSL information. |
EJB APIs
- The interfaces and methods for managing a certain set of functions, and
- The EJB that these interfaces and methods use
These packages allow a third-party application to establish interoperability with Verify Governance and calls a large set of functions, through EJB technology.
- The main set of interfaces for the interoperability with the Access Governance Core module
- The Interface ISec API, for managing the authorization function
For more information, see the Verify Governance Javadoc
REST APIs
The REST APIs provide third-party applications some functionality and the interface for operating with Verify Governance. Verify Governance client components send the queries to these REST APIs.
- Verify Governance External Authorization Services API
- Accepts or refuses the received request. Use these REST APIs when
the RESTful web server returns
3 = WAITING_ASYNCHRONOUS. The RESTful web service must meet the requirements that are specified in the SVG External Authorization Services.html file. Otherwise, external authorization cannot work. - External Authorization Services API
- Manages the request related to a list of permissions or roles that can be added, removed, or renewed according to the request type. See External Authorization Services.html for complete information about creating the correct RESTful web service for external authorization.
- External SoD APIs
- Checks if the entitlement, group, or user presents Segregation of Duties risks. See ExtSODServices.html.