Cúram REST configuration properties

The following properties are used by the REST infrastructure. You set the properties in the Application.prx file for your custom component or by using the Cúram administration console.

Value	Description
curam.rest.refererDomains	This mandatory property configures a list of supported domains that can be set in the Referer header of a request. The purpose of the property is to protect against Cross Site Request Forgery (CSRF) attacks. The property is not set by default and must be set in a deployed environment. It should be set as a comma-separated list of domains that are accepted in the Referer header. For example, the value abc.com,def.com allows all request with subdomains of abc.com and def.com set in the Referer header to successfully connect to Cúram REST APIs. This property is not required for the Cúram mobile app or at development time. REST APIs accept a referrer header value beginning with curam:// for mobile applications and accept the localhost domain at development time.
curam.rest.baseURI	This optional property configures an alternative base URI for the Location response header that is returned for POST request methods. If not set, the base URI from the request header is used. The purpose of this property is to allow for the use of web servers and gateways that change the context path of the REST API resources that are exposed to a client. The property should be set to the full context path for the REST API, for example, http://someserver.abc.com:9123/Rest

Value

Description

curam.rest.refererDomains

This mandatory property configures a list of supported domains that can be set in the Referer header of a request. The purpose of the property is to protect against Cross Site Request Forgery (CSRF) attacks. The property is not set by default and must be set in a deployed environment. It should be set as a comma-separated list of domains that are accepted in the Referer header. For example, the value abc.com,def.com allows all request with subdomains of abc.com and def.com set in the Referer header to successfully connect to Cúram REST APIs. This property is not required for the Cúram mobile app or at development time. REST APIs accept a referrer header value beginning with curam:// for mobile applications and accept the localhost domain at development time.

curam.rest.baseURI

This optional property configures an alternative base URI for the Location response header that is returned for POST request methods. If not set, the base URI from the request header is used. The purpose of this property is to allow for the use of web servers and gateways that change the context path of the REST API resources that are exposed to a client. The property should be set to the full context path for the REST API, for example, http://someserver.abc.com:9123/Rest