The App Orchestration API is implemented as a REST-style API. To access the API, you issue HTTP requests to an API endpoint. The type of request is determined by the HTTP method used:

By default, the root endpoint is located at:

    https://[server]/cam/api

where [server] is the FQDN of any of the App Orchestration configuration servers. For example, if your server name is “srv01.my.com” and you wish to read information about the tenants configured in the system, you would issue a GET request to:

    https://srv01.my.com/cam/api/Tenants

See the API section for full details about the query paths and options for each API call.

All APIs require Authentication and Authorization.

Once authorized, the caller is issued a Session Token which may be used to bypass further authorization challenges during a time period, as long as the client remains active.

To prevent Cross-Site Request Forgery attacks, calling an API without using explicit authorization requires the use of an Anti-Forgery Token.