Web Console

After installing NotifyBC, you can start exploring NotifyBC resources by opening web console, a curated GUI, at http://localhost:3000open in new window. You can further explore full-blown APIs by clicking the API explorer Swagger UI embedded in web console.

Consult the API docs for valid inputs and expected outcome while you are exploring the APIs. Once you are familiar with the APIs, you can start writing code to call the APIs from either user browser or from a server application.

What you see in web console and what you get from API calls depend on how your requests are authenticated.

Ip whitelisting authentication

The API calls you made with API explorer as well as API calls made by web console from localhost are by default authenticated as super-admin requests because localhost is in admin ip list by default. Ip whitelisting authentication status is indicated by the verified_user icon on top right corner of web console.

To see the result of non super-admin requests, you can choose one of the following methods

  • customize admin ip list to omit localhost (127.0.0.1)
  • access web console from another ip not in the admin ip list

Client certificate authentication

If your ip is not in the admin ip list but you have setup a client certificate issued by NotifyBC server in browser, the API calls you made with API explorer as well as API calls made by web console are also authenticated as super-admin requests. Client certificate authentication status is indicated by the verified icon on top right corner of web console.

Anonymous

If you access web console from a client that is not in the admin ip list, you are by default anonymous user. Anonymous authentication status is indicated by the LOGINlogin button on top right corner of web console. Click the button to login.

Access token authentication

If you have not configured OIDC, the login button opens a login form. After successful login, the login button is replaced with the Access Token text field on top right corner of web console. You can edit the text field. If the new access token you entered is invalid, you are essentially logging yourself out. In such case Access Token text field is replaced by the LOGINlogin button.

The procedure to create an admin login account is documented in Administrator API

Tokens are not shared between API Explorer and web console

Despite API Explorer appears to be part of web console, it is a separate application. At this point neither the access token nor the OIDC access token are shared between the two applications. You have to use API Explorer's Authorize button to authenticate even if you have logged into web console.

OIDC authentication

If you have configured OIDC, then the login button will direct you to OIDC provider's login page. Once login successfully, you will be redirected back to NoitfyBC web console. OIDC authentication status is indicated by the LOGOUTlogout button.

If you passed isAdmin validation, you are admin; otherwise you are authenticated user.

SiteMinder authentication

To get results of a SiteMinder authenticated user, do one of the following

  • access the API via a SiteMinder proxy if you have configured SiteMinder properly
  • use a tool such as curl that allows to specify custom headers, and supply SiteMinder header SM_USER:
curl -X GET --header "Accept: application/json" \
    --header "SM_USER: foo" \
    "http://localhost:3000/api/notifications"