Give & Get Example - Exposing an API

Let's take a look at an example of an API that we expose from the Give & Get site (template).

We expose an endpoint that our (fictitious) delivery service uses to update our site when a giveaway has been delivered. The delivery service makes an API call to our site letting us know that a giveaway was delivered. When we receive such an API call, we update the status of the giveaway in the Giveaways collection to Delivered.

The code for our HTTP function looks like this:

Copy

We begin by importing a function to update a giveaway's status in the Giveaways collection, the HTTP responses that we use, and a function to decrypt IDs. 

Copy

Then we declare an HTTP function that handles POST requests to the giveawayDelivered endpoint.

The delivery service will call this endpoint using a URL like this:

.../giveandget/_functions-dev/giveawayDelivered/{giveawayId}

Copy

Next, we start building the response options by adding the appropriate header.

Copy

After that, we get an encrypted giveaway ID from the request path.

We decrypt the ID using the function we imported above.

We use encrypted IDs to prevent anyone other than the delivery service from updating our site that a delivery has been made. Other users will be able to call our API, but they won't send us the proper IDs, so their calls will have no effect.

Copy

Finally, we update the status of the specified giveaway to be Delivered.

Assuming the update goes smoothly, we return a 200 OK response and a success flag. If there was some sort of problem we add the error information to the response object and send a 400 Bad Request response.

Copy
Did this help?