Checksums for DELETEs
For operations that do not permit a request payload, checksums can be specified in the request header. This applies to DELETEs and a small number of business action POSTs that do not permit request payloads.
The header key for a checksum is GW-Checksum
. A checksum specified in the
header applies only to the root resource.
Send a checksum in a request header using Postman
About this task
Procedure
- In Postman, start a new request by clicking the + to the right of the Launchpad tab.
- Specify authorization as appropriate.
-
Add the checksum to the header.
- In the first row of tabs (the one that starts with Params), click Headers.
- Scroll to the bottom of the existing key/value list.
- In the blank row at the bottom of the key/value list, enter the following:
- KEY: GW-Checksum
- VALUE: <checksum value>
- Enter the request operation and URL.
- Click Send.
Results
Tutorial: DELETE a note using checksums
This tutorial assumes you have set up your environment with Postman and the correct sample data set. For more information, see Tutorial: Set up your Postman environment.
In this tutorial, you will send calls as Amy Clinton (user name
aclinton
). In the base configuration, Amy Clinton is an underwriting
supervisor who has permission to delete notes. As Amy Clinton, you will create a note. You
will then attempt to DELETE the note twice. Both DELETEs will include a checksum value. The
first DELETE will fail, and the second will succeed.
Tutorial steps
- In Postman, create an initial request by:
- Clicking the + to the right of the Launchpad tab.
- Specifying Basic Auth authorization using user
aclinton
and passwordgw
.
- Enter the following call, but do not click Send yet:
- POST
http://localhost:8180/pc/rest/common/v1/activities/pc:13/notes
- POST
- Specify the request payload.
- In the first row of tabs (the one that starts with Params), click Body.
- In the row of radio buttons, select raw.
- At the end of the row of radio buttons, change the drop-down list value from Text to JSON.
- Paste the following into the text field underneath the radio buttons.
{ "data": { "attributes": { "body": "API tutorial note to be deleted with a checksum" } } }
- Click Send. In the response payload, identify the note's id and checksum value.
- Create a second request by:
- Clicking the + to the right of the Launchpad tab.
- Specifying Basic Auth authorization using user
aclinton
and passwordgw
.
- Enter the following call, but do not click Send yet:
- DELETE
http://localhost:8180/pc/rest/common/v1/notes/<noteID>
- DELETE
- Add the checksum to the header
- In the first row of tabs (the one that starts with Params), click Headers.
- Scroll to the bottom of the existing key/value list.
- In the blank row at the bottom of the key/value list, enter the following:
- KEY: GW-Checksum
- VALUE: 99
- Click Send. The checksum value in the header does not match the checksum value for the note calculated by PolicyCenter. So, the DELETE is unsuccessful and an error message appears.
- Change the checksum value so that it matches the one from the POST payload.
- Click Send a second time. Now, the checksum value in the header matches the checksum value for the note calculated by PolicyCenter. So, the DELETE is successful.