The Service Craze API Revealed
One goal of Service Craze (SC) is to enable anyone to quickly develop apps without having to design, develop and deploy a back-end. To accomplish this, SC provides an API to common back-end services.
One ideal use case is the development of a Single Page App (SPA) that can be hosted on any HTTP server, such as Nginx or Apache. However, any client can use the SC-API, including mobile, desktop, IoTs or other back-ends.
Core services SC provides include authentication, role-based authorization, user administration, and document persistence, workflow and access-control. In this case, a document is anything you can represent with JavaScript Object Notation (JSON), the natural data structure of browser apps, and standard today in nearly all programming languages, having largely displaced XML.
The flow is designed so you can get up and running with a new application very quickly. In theory, if you could clone a UX client that currently integrates with SC-API, you could customize and be up and running in under an hour.
Service Craze Admin
The process begins via the Admin console in your browser where you configure your domain / application and obtain keys. Once your app is using the keys, you your new app, you can register the first user in your app. Back in the SC Admin, you can then make that user an admin. As others register for your application, they’ll be regular users until you promote them.
SC Admin is your primary location for user maintenance. However, you can possibly integrate your own custom user maintenance in your app, or provide certain services. The primary functions you’ll do in user maintenance include role assignment and changing user status, to disable a user, for instance, or approve w/o the confirmation link.
User Registration and Self-Service
The Registration process includes all the capabilities you’ll need out-of-the-box.
- Common validations
- Emails a confirmation link to the new user (in pending state at this point)
- Once they click on the link in the email they receive, sets their status to active
- They can always request the confirmation link be resent until they are active
- Once active, can always request a password reset link (same API request as confirmation link, but the email sent depends on whether the user is pending or active).
Your app can provide the interface for this, so it is a completely integrated experience to your users with the exception of logging in. SC uses an OAuth2 style login to help protect your users, so they are forwared to SC then back to your app upon successful login.
Creating Documents
You can define an unlimited number of document types. SC-API doesn’t need to know the structure or the types of data you’ll be including in your docs, allowing you to freely transform them as you go and develop new features and capabilities. In other words, there’s no data modeling to do in the back-end!
The only requirement for creating documents is you define an identifier and then via a simple web UI you assign roles and privileges to those roles. Privileges include Create, Retrieve, Update, Delete, Take Ownership and Give Ownership.
To give an example, you can give all your users the ability to create a document, but then only allow admins to view, update and delete it once it is submitted, like a Feedback form. SC-API will enforce the privileges based one the roles of whoever is logged in.
Document Workflow
Documents can have owners. This is important if you want a user to own their own data, or need it as part of a flow. If a user has the Give Ownership privilege, and they own the document, they can also transfer ownership to another user. If they have the Take Ownership privilege, they can take a document from another. This is the beginning of your workflow.
Because the role privileges are tied to a certain document type, you can change the privileges at runtime by simply allowing a user to copy a document to another type.
Let’s say a doc type comes with the type “MYDOC/0”, and after being added by any user, only an admin has the other privileges. The admin may assign an owner to it, then copy it to the “MYDOC/1” type which would be a new type to SC. When you have SC-API do this copy, you can have SC mark the original document as archived history since it is no longer needed in the workflow or for normal presentation.
Now, your document is MYDOC/1 and that has different roles and privileges. Perhaps now the owner can view or update the doc, and can transfer ownership.
You can effectively “publish” a document either by also transferring to a different doc type that has this visibility for the target audience, or by setting the publish flag, which can be used to filter queries.
The Next Generation
SC-API continues to improve to overcome the challenges of new use cases. One use case it could cover in the future would be real-time streaming.
It is designed at its core to be very easy to expand and handle new dynamics. Its potential is largely limited by imagination. Nevertheless, its current feature set covers a large portion of capability out there today.
If you’d like to learn more about the Service Craze API, you can email e_learn-api@servicecraze.com