becu-interop-platform-api
Governance
Description
This page consists of the information regarding the operations performed to get the conformance status of an asset and/or send notifications when an asset is not conformant.
Endpoints
- GET
/conformanceStatus/{assetId} - POST
/notification
API Design Endpoint Sequence Diagram
BECU Interop Platform API orchestrates API calls to the internal-Anypoint Exchange APIs and Mulesoft Platform APIs to get the conformance status and send non conformant notifications.
Fetching Conformance Status
Sending Conformance Notification
Getting the Conformance Status
Calling the GET /conformanceStatus/{assetId} endpoint, passing the assetId of an asset, returns the Conformant or Non-Conformant status of the asset.
The user needs to pass the businessGroupId as a header with the ID of the Business Group where the asset is located.
When this endpoint is triggered it will first verify the requested Exchange asset exists, then all the governance profiles for that particular business group will be fetched, and, from that point, the ID of those profiles will be fetched.
Next, the conformance status is fetched, for which internally profileId is passed in the URI parameters, along with the assetId apiVersion groupId and organizationId will be passed as query parameter.
Once we get the conformance status is fetched, the response payload is created.
Below is an example of a conformance status response:
{
"conformanceReport": [
{
"error": 66,
"warning": 67,
"ruleset": "BECU Anypoint Best Practices",
"summaryStatus": "NonConformant",
"target": "gav://7ff7c3b2-9f53-4509-9309-77e75e3df0a8/becu-interop-platform-api/1.0.21"
},
{
"error": 0,
"warning": 0,
"ruleset": "BECU OWASP API Top 10",
"summaryStatus": "Pending",
"target": "gav://7ff7c3b2-9f53-4509-9309-77e75e3df0a8/becu-interop-platform-api/1.0.21"
},
{
"error": 18,
"warning": 0,
"ruleset": "BECU Authentication Security Best Practices",
"summaryStatus": "NonConformant",
"target": "gav://7ff7c3b2-9f53-4509-9309-77e75e3df0a8/becu-interop-platform-api/1.0.21"
}
]
}
The report includes a conformace status for the specified asset and the number of errors and warnings according to the ruleset.
Sending Conformance Notifications
Calling the POST /notification endpoint will send a conformance notification to defined recipients.
A body must be passed where recipients are specified:
{
"target": "gav://1717fa68-d214-4f68-8e69-b29898d54a2c/becu-alloy-experience-api/1.0.9",
"recipients": [
{
"contactType": "Publisher",
"label": "vijay_deloitte",
"notificationType": "Email",
"value": "vijaykumar88@deloitte.com"
},
{
"contactType": "Others",
"notificationType": "Email",
"value": "smshekhar@deloitte.com",
"label": ""
},
{
"contactType": "Others",
"notificationType": "Email",
"value": "sarthasingh@deloitte.com",
"label": ""
}
]
}
- The
targetstring is composed of:gav://{businessGroupId}/{assetId}/{apiVersion} recipientsis an object where recipients are specified:contactType: the type of the contact. Supported values are:Contact,Publisher,GovernorandOthersnotificationType: defines type of notification.Emailis the only supported value.value: the email to send a notification to. Example:sample@mail.comlabel: additional metadata for a recipient, a name for example
Restrictions
- Connectors & Common API Dependency
The BECU Interop Platform API, is consuming multiple connectors and Anypoint Platform REST APIs.
Below are the list of connectors which this API is consuming:
- HTTP Connector
- Transform Message
- JSON Logger
Downstream Dependencies
Anypoint Platform Login API
Anypoint Governance Experience API for
- Getting conformance status
- Sending conformance notifications