Developer Documentation Library > Web API
 
Web API
The UNICOM Intelligence Web API is a RESTful API that:
provides unified programmatic access to case (respondent) data, survey metadata, participants, quota, project properties, and files running on a UNICOM Intelligence cluster
generates interviewing reports
exports data.
Installation location
The default installation location of the Web API is https://<hostname>/SPSSMR/WebAPI, where <hostname> is the name of the server on which UNICOM Intelligence is installed.
The configuration of the Web API is stored in DPM under \Site\Properties\WebApi: see Configuring the Web API.
Authorization to access to the Web API
Users can access the Web API only if they are authenticated:
For interactive client applications, the user must authenticate by using OpenID Connect (an extension to OAuth2.0) at https://<hostname>/SPSSMR/Oidc and getting an access token. The access token must be specified in an “Authorization” header of all requests to the Web API using a scheme type of “Bearer”.
For non-interactive client applications where a “service user” is being used, an API key can be used for authentication if the client application can store the API key securely.
The user must be authorized to use the Web API by using the User Administration activity in ISA. To make any request to the Web API, the user must be authorized for the “Web API” activity. This gives them basic access to the Web API; for example, they can view a list of project names. They must then be authorized for other “Web API” activities. For more information, see Authorizing users for the Web API.
Web API documentation
For information about the Web API endpoints, see Endpoint reference.
Accessing the Web API
Access to the Web API requires the user to be authenticated by using OpenID Connect (an extension to OAuth2.0) at http://<hostname>/SPSSMR/Oidc.
A client application must be defined in DPM under \Site\Properties\Oidc\Clients. The client application must use the http://<hostname>/SPSSMR/Oidc application to get an access token, and then include that access token in an “Authorization” header using a scheme type of “Bearer”. The user must also be authorized to use the Web API, and any other specific activities that they want to use.
For examples of OpenID Connect authentication code and password‑based clients, see the SwaggerUI and DMQuery clients that are configured in DPM.
See
Getting started with the Web API
OpenID Connect provider
Web API application
Endpoint reference