Design Editor Web API
- 2 minutes to read
What you can do with this API?
- If you are using Design Editor in a local mode (i.e. data is stored on the same machine with the application rather than a cloud platform), you may manipulate Design Editor data files using these APIs:
- You may use Personalized rendering API whenever you want to generate images based on the state files or templates without an editor, for example, variable data printing scenarios, generating multiple designs based on the same user data, and other similar tasks.
- If you enable a secure mode, you may use the Auth tokens API to control an access to the user's private data, such as uploads or private designs.
The Design Editor Web API works based on the HTTPS requests. So, to use the Web API, you need to perform the following actions:
- Set up an HTTPS service in IIS. For example, you can follow the steps described in setting up an HTTPS service.
- Make sure that you have a valid SSL-certificate for your domain, for example, Google Chrome shows this icon for invalid certificates: . If you have an invalid one, install a new SSL web server certificate (you can refer to installing a certificate).
To use the Web API, you must set
ApiSecurityKey in AppSettings.config. It is an arbitrary string, but it must be a unique value. You have to include this key in headers of HTTP requests as the
X-CustomersCanvasAPIKey field to perform these requests. The Web API works if a value of this key passed in the request matches the value defined in AppSettings.config as the following example shows.
<appSettings> <add key="ApiSecurityKey" value="UniqueSecurityKey" /> </appSettings>
For security reasons, it is good practice when your back-end code, like a proxy, sends requests to an API controller. In this case, your code decides whether a user has enough rights to manipulate a mockup or template file or not, and if the user has enough rights, the code sends the HTTPS requests to the controller.
Now that you have an idea what you can do with the Design Editor Web API. Let's learn how you authorize to make calls to this API.