Provided REST API Appsettings

"AmtCookieEncryptionKey": It is necessary for the "AmtCookieEncryptionKey" key to be the same as the other cookie encryption keys in your environment found in the Control Center and Application Center.

This page lists all the appsettings.json settings available for Provided REST APIs
The appsettings.json file is located in the folder <AMT Environment>\Apps\<Application>\Binaries\Common\RestApiProvider\<Name of the Rest API>\


After changing settings in the appsettings.json file, the IIS Application Pool containing the Provided REST API must be recycled/restarted to read the changed settings.

The appsettings file is (sub-)divided into the following sections.

Section	Description
Amt	The main section where most settings are located.
Logging	Section for the logging settings for the Web Application.
AllowedHosts	Solo settings which restricts the hosts which may access the Web Application.

{

"Amt": {

"AmtCookieEncryptionKey": "eN5lwyldYKKCLzjwYGfY2rpRa791JMFSke5PDTRL0lA=",

"EnableSwaggerDoc": true,

"EnableSwaggerUi": true,

"EnableParams": false,

"BusinessLogic": {

"ApplicationName": "CUSTOMER_MANAGEMENT"

"AuthenticationType": "Windows",

"WindowsAuthentication": {

"Cookie": {

"Domain": "",

"Path": "/",

"Name": ".Amt.AC.Auth"

}

"CookieAuthentication": {

"Cookie": {

"Domain": "",

"Path": "/",

"Name": ".Amt.AC.Auth"

}

"WebSessionState": {

"IdleTimeout": 10,

"Cookie": {

"Domain": "",

"Path": "/",

"Name": ".Amt.AC.WebSession"

}

"Logging": {

"LogLevel": {

"Default": "Information",

"Microsoft": "Warning",

"Microsoft.Hosting.Lifetime": "Information",

"System.Net.Http": "Warning"

}

"AllowedHosts": "*"

}

AmtCookieEncryptionKey

This setting is explained in Generating Keys.

EnableSwaggerDoc

If set to true, Swagger Documentation in the form of a json file is created.
The address of the json file depends on the name set in the Options window of the Provided REST API.

"EnableSwaggerDoc": true,

EnableSwaggerUI

This setting enables the Swagger UI webpage, which can be accessed by adding index.html to the IIS Application of the Provided REST API.
E.g. https://amt.example.com/AMT/CustomerAPI/index.html

Note: Swagger UI requires the Swagger Documentation to be enabled (see setting above).

"EnableSwaggerUI": true,

EnableParams

To debug a Provided REST API the EnableParams setting should be set to true.

See Debugging Provided REST API for detailed information.

"EnableParams": false,

BusinessLogic

Settings needed to communicate with the AMT environment.
The name of the application to which the Provided REST API belongs should be set as the value of the 'ApplicationName' key.

"BusinessLogic": {
"ApplicationName": "<ApplicationName>"
},

AuthenticationType

The authentication type used to interact with the Provided REST API, valid options are "Windows" and "Cookies". (Cookies is a Username/Password authentication.)

"AuthenticationType": "Windows",

WindowsAuthentication

The 'WindowsAuthentication' section contains settings needed for the correct working of Windows Authentication.
This section is necessary when the Authentication Type is set to "Windows".

The 'Cookie' section holds settings for the cookie used for the user authentication when using the Windows authentication type.
- Domain - The domain of the authentication cookie. Optional, default is the website domain.
- Path - The path of the authentication cookie. Optional, default is the root path ("/").
- Name - The name of the authentication cookie.

"WindowsAuthentication": {
"Cookie": {
"Domain": "",
"Path": "/",
"Name": ".Amt.AC.Auth"
}
},

CookieAuthentication

The 'CookieAuthentication' section contains settings needed for the correct working of Cookie Authentication.
This section is necessary when the Authentication Type is set to "Cookies".

The 'Cookie' section holds settings for the cookie used for the user authentication when using the Cookie authentication type.
- Domain - The domain of the authentication cookie. Optional, default is the website domain.
- Path - The path of the authentication cookie. Optional, default is the root path ("/").
- Name - The name of the authentication cookie.

"CookieAuthentication": {
"Cookie": {
"Domain": "",
"Path": "/",
"Name": ".Amt.AC.Auth"
}
},

WebSessionState

The 'WebSessionState' section contains optional settings for the ASP.NET Core web sessions used by the Provided REST API.

'IdleTimeout' - The time in minutes that a session remains active on the server before it is discarded, default is 10 minutes.
The 'Cookie' section holds settings for the cookie used for the web session.
- Domain - The domain of the web session cookie.
- Path - The path of the web session cookie.
- Name - The name of the web session cookie.

"WebSessionState": {
"IdleTimeout": 10,
"Cookie": {
"Domain": "",
"Path": "/",
"Name": ".Amt.AC.WebSession"
}
}

Logging

Sets the logging levels for the various ASP.NET Core components of the web application. These settings do not need be adjusted in a normal situation.
The allowed log levels are, from most to least detailed: Trace, Debug, Information, Warning, Error, Critical and None.

"Logging": {
  "LogLevel": {
  "Default": "Information",
  "Microsoft": "Warning",
  "Microsoft.Hosting.Lifetime": "Information",
  "System.Net.Http": "Warning"
}
},

AllowedHosts

In the AllowedHosts section, access to the web application can be restricted to specific hostnames.
The value is a semicolon-delimited list of host names without port numbers.
By default all hostnames are allowed by the asterisk (*) wildcard.
Disallowed users will get a HTTP 400 error code (Bad Request).

"AllowedHosts": "*"