Test Enterprise-Class Web CMS Scrivito Free for 30 Days
Test Scrivito Free for 30 Days

Scrivito as a Headless CMS: The REST API

Scrivito as a Headless CMS: The REST API

A brief introduction to headless CMSs

Scrivito includes a RESTful API for retrieving and updating content from within any application able to issue web requests, e.g. mobile applications. This fully qualifies Scrivito as a headless CMS even though it comes with a WYSIWYG editing interface.

A headless CMS provides an API for accessing the content stored in a repository. It does not provide the means to present this content, i.e. to visualize it and make it accessible to the audience. This makes a headless CMS an ideal solution in situations where, due to special requirements or the diversity of the platforms to address, standard presentation technology cannot be applied and thus tailored interfaces (heads) are needed.

With a headless CMS, having a flexible content maintenance tool as one of its heads is essential. If the same content is to be used on platforms that are different with respect to their capabilities, operability, etc., special fields or attributes may be required to control where which pieces of content should be used in which way.

With Scrivito, such requirements can be met easily due to customizable object classes (content models), its standard output format (JSON), and an easy-to-use in-place editing interface for maintaining all aspects of the content. All you would need is a minimalistic custom web application for browsing the content.

Scrivito’s RESTful API

To issue an API request, you require the ID of the CMS (the tenant) to query, represented as the :tenant_id part in the URL templates below. :tenant_id is a placeholder for your personal tenant ID. Replace all :-prefixed placeholders with a concrete value. For querying CMS resources, you require their respective ID which is also represented in the URL. The data is returned in JSON format.

Authentication

For read access to the published and unrestricted content of a CMS, no authentication is required. Example:

curl \
  -X GET \
  -H 'Content-Type: application/json' \
  https://api.scrivito.com/tenants/:tenant_id/workspaces/published/objs/:obj_id

Access to working copies and changes to resources require authentication. You can obtain the API token of your CMS tenant via its “Settings” tab in your account, section “REST API Keys”. API requests that are authorized via an API token have full permissions on all resources of your CMS. Here’s an example of a token-authenticated request, with MYTOKEN as the token:

curl \
  -X GET \
  -H 'Content-Type: application/json' \
  -u 'api_token:MYTOKEN' \
  https://api.scrivito.com/tenants/:tenant_id/workspaces/:ws_id/objs/:obj_id

Datetime format

Dates and times are strings in the “%Y%m%d%H%M%S” format, for example, “20170704154214” represents 2017, July 4th, 15 hours, 42 minutes, 14 seconds. The timezone is always UTC. In JSON, this date and time value looks like this:

{
  "_created_at": "20170704154214"
}

Error responses

Errors are reported with a 4xx HTTP code and are JSON objects containing the error details. Every error response includes a human-readable error message. Some errors also have a symbolic code that can be used to check for specific error cases.

{
  "error": "WorkingCopy not found: k123456789abcdef",
  "code": "precondition_not_met.workspace_not_found"
}

Some errors include further details, for example validation errors:

{
  "error": "invalid value for key 'description' (value_too_long): xxxx…xxx",
  "code": "validation.invalid_value",
  "details": {
    "field": "description",
    "reason": "value_too_long",
    "value": "xxxx…xxx"
  }
}