Checksums for DELETEs
For operations that do not permit a request payload, checksums can be specified in the request header. This applies to DELETEs and a small number of business action POSTs that do not permit request payloads.
The header key for a checksum is GW-Checksum
. A checksum specified in the
header applies only to the root resource.
Send a checksum in a request header using Postman
About this task
Procedure
- In Postman, start a new request by clicking the + to the right of the Launchpad tab.
- Specify authorization as appropriate.
-
Add the checksum to the header.
- In the first row of tabs (the one that starts with Params), click Headers.
- Scroll to the bottom of the existing key/value list.
- In the blank row at the bottom of the key/value list, enter the following:
- KEY: GW-Checksum
- VALUE: <checksum value>
- Enter the request operation and URL.
- Click Send.
Results
Tutorial: DELETE a note using checksums
This tutorial assumes you have set up your environment with Postman and the correct sample data set. For more information, see Tutorial: Set up your Postman environment.
In this tutorial, you will send calls as Elizabeth Lee (user name
elee
). In the base configuration, Elizabeth Lee is a manager who has
permission to delete notes. As Elizabeth Lee, you will create a note. You will then attempt to
DELETE the note twice. Both DELETEs will include a checksum value. The first DELETE will fail,
and the second will succeed.
Tutorial steps
- In Postman, create an initial request by:
- Clicking the + to the right of the Launchpad tab.
- Specifying Basic Auth authorization using user
elee
and passwordgw
.
- Enter the following call, but do not click Send yet:
- POST
http://localhost:8080/cc/rest/common/v1/activities/cc:20/notes
- POST
- Specify the request payload.
- In the first row of tabs (the one that starts with Params), click Body.
- In the row of radio buttons, select raw.
- At the end of the row of radio buttons, change the drop-down list value from Text to JSON.
- Paste the following into the text field underneath the radio buttons.
{ "data": { "attributes": { "body": "API tutorial note to be deleted with a checksum" } } }
- Click Send. In the response payload, identify the note's id and checksum value.
- Create a second request by:
- Clicking the + to the right of the Launchpad tab.
- Specifying Basic Auth authorization using user
elee
and passwordgw
.
- Enter the following call, but do not click Send yet:
- DELETE
http://localhost:8080/cc/rest/common/v1/notes/<noteID>
- DELETE
- Add the checksum to the header
- In the first row of tabs (the one that starts with Params), click Headers.
- Scroll to the bottom of the existing key/value list.
- In the blank row at the bottom of the key/value list, enter the following:
- KEY: GW-Checksum
- VALUE: 99
- Click Send. The checksum value in the header does not match the checksum value for the note calculated by ClaimCenter. So, the DELETE is unsuccessful and an error message appears.
- Change the checksum value so that it matches the one from the POST payload.
- Click Send a second time. Now, the checksum value in the header matches the checksum value for the note calculated by ClaimCenter. So, the DELETE is successful.