Signed Updates REST API
Information on signed updates is divided into the following sections:
| • | Find Available Signed Updates |
| • | Poll for Response to the Request for Signed Updates |
| • | Request Manifest File |
| • | Poll for Response to the Request for Manifest File |
The REST APIs mentioned in these sections must be prefixed with a base URL, as described in Notification Server Base URL and FlexNet Edge Base URL.
Request all signed updates available to a device given its identification and the version currently being run, in a JWS signed format.
|
Item |
Description |
|
URI |
|
|
Method |
POST |
|
Query parameters |
updatesRequest |
|
Request body |
{ "id": "string", "idType": "string", "language": 0, "platform": "string", "publisherName": "string", "updateFromPkgId": "string" } Note:For devices that are assigned to an account, it is recommended to populate the fields id, idType, and publisherName. For anonymous devices, these fields should be left blank. |
|
Response codes |
200: Not used 202: Asynchronous request. Use the URL returned to poll for a response. |
Sample Response
If the request has been accepted (status 202), a URL including a polling ID to poll for completion of the search is returned:
{
"url": "string"
}
Poll for Response to the Request for Signed Updates
Poll for a list of possible signed updates, using the polling ID returned by a POST to the /uai/2.0/signed-updates API. It can be used repeatedly until a 200 response is received.
|
Item |
Description |
|
URI |
|
|
Method |
GET |
|
Query parameters |
pollingId: ID returned in Find Available Signed Updates service |
|
Request body |
N/A |
|
Response codes |
200: Success. 202: Submitted request is still being processed. Use the URL returned to continue to poll for the response. 401: The request is unauthorized. This could be because a JWT was not found in the header, the token has expired, the signature is invalid, or a public key could not be identified (most commonly because the public key has not been uploaded to FlexNet Operations). 404: The request failed due to bad input data provided in the request. The response could not be signed because either it was not possible to identify the private key from the request body, or a public key had not yet been requested. More detail can be found in the error response body. 500: The request failed due to an internal error and it was not possible to sign the response. More detail can be found in the error response body. |
Sample Response
This is the data structure for a successful response (status 200). The body of the response is a JWS token. Refer to JWS documentation for further details. Once the response has been received, the first step is to verify the signature using the public key and the three fields in the JWS token. If the signature verification fails, then the response content has been tampered with and should not be used. The second step is to Base64 decode the payload field, which will result in a JSON structure containing the list of possible updates for the response. (See the description of the response for /uai/2.0/updates for more information.)
{
"payload": "string",
"protected": "string",
"signature": "string"
}
If the request is still being processed (status 202), a URL to poll for completion of the request is returned:
{
"url": "string"
}
This is the data structure for a status 404 and 500 response:
{
"arguments": "string",
"key": "string",
"message": "string"
}
Request a manifest for a specific update, selected from the response to a request for signed updates. (The manifest file contains details of all files required to achieve the update.)
|
Item |
Description |
|
URI |
|
|
Method |
POST |
|
Query parameters |
manifestRequest |
|
Request body |
{ "uuid": "string" } |
|
Response codes |
200: Not used 202: Asynchronous request. Use the URL returned to poll for a response. |
Sample Response
If the request has been accepted (status 202), a URL including a polling ID to poll for completion of the request is returned:
{
"url": "string"
}
Poll for Response to the Request for Manifest File
Poll for the requested manifest, using the polling ID returned by a POST to the /uai/2.0/signed-updates/manifests API. It can be used repeatedly until a 200 response is received.
|
Item |
Description |
|
URI |
|
|
Method |
GET |
|
Query parameters |
pollingId: ID returned in Find Available Signed Updates service |
|
Request body |
N/A |
|
Response codes |
200: Success. 202: Submitted request is still being processed. Use the URL returned to continue to poll for the response. 401: The request is unauthorized. This could be because a JWT was not found in the header, the token has expired, the signature is invalid, or a public key could not be identified (most commonly because the public key has not been uploaded to FlexNet Operations). 404: The request failed due to bad input data provided in the request. The response could not be signed because either it was not possible to identify the private key from the request body, or a public key had not yet been requested. More detail can be found in the error response body. 410: A response for the polling ID could not be found. This could be a result of using an incorrect polling ID, or of too much time having elapsed, so that the polling ID is no longer valid. 500: The request failed due to an internal error and it was not possible to sign the response. More detail can be found in the error response body. |
Sample Response
This is the data structure for a successful response (status 200). The body of the response is a JWS token. Refer to JWS documentation for further details. Once the response has been received, the first step is to verify the signature using the public key and the three fields in the JWS token. If the signature verification fails, then the response content has been tampered with and should not be used. The second step is to Base64 decode the payload field, which will result in a JSON structure containing the manifest contents for the response. (See the description of the response for /uai/2.0/signed-updates/manifests for more information.)
{
"payload": "string",
"protected": "string",
"signature": "string"
}
If the request is still being processed (status 202), a URL to poll for completion of the request is returned:
{
"url": "string"
}
This is the data structure for a status 404, 410, and 500 response:
{
"arguments": "string",
"key": "string",
"message": "string"
}
FlexNet Operations 2020 R1 SP1 User GuideMarch 2020 |