Vidispine REST API¶
Cantemo Portal uses the Vidispine Media Backbone to provide many of the media management services. Vidispine has a rich REST API which can be used for some of the functionalities which aren’t directly exposed in the Cantemo Portal REST APIs. The Vidispine REST API is documented at http://apidoc.vidispine.com/latest/ but please note that this link points to the latest version of the Vidispine API documentation which may or may not not be version installed with your version of Cantemo Portal. Please verify which version of Vidispine is installed via the System Overview menu option under the Admin menu.
Proxying the Vidispine API calls¶
Vidispine’s REST API is by default available on port 8080 of the Portal server, unless blocked by firewall rules or other non-standard setup. In such cases, it can be convenient to proxy calls to the Vidispine API through Portal’s nginx webserver. By default, only the bare minimum of endpoints are exposed via /VSAPI, as most customers don’t need this functionality. However, should you need to make calls to Vidispine directly, but with Portal Authentication then you can open up more URLs.
This can be configured in the [vidispine_allowed_urls] section of the portal configuration file (see the Adminstrator’s Guide for more information on where to find this file and which options it contains).
This section contains a list of regular expressions matching URL patterns and http methods which should be allowed throug the /VSAPI namespace. These calls will be authenticated against the authentication mehtods configured in Portal, including token authentication, basic auth or session cookie authentication.
For example, the following settings will allow the user to do a GET on /API/version in vidispine via the portal URL /VSAPI/version:
[vidispine_allowed_urls] /version = GET
This will allow an authenticated user to do a GET on http://portalserver/VSAPI/version and get the response of the coresponding Vidispine Call.
The following will allow any method starting with P (that is, POST, PUT or PATCH) on any resource under /API/item:
[vidispine_allowed_urls] /item/.* = P.*
This means that a PUT to /VSAPI/item/VX-17/metadata will succeed, while a GET to the same url will return a 403 error code. Please note that Vidispine’s role and access control checks will still be performed so the user who is performing the call has to have both the required access to the resource as well as the roles required to perform the call.
Also note that Portal’s role system will be bypassed and only the underlying Vidispine roles will be used in this scenario.