Docs‎ > ‎

Live API Creator Overview

With CA Live API Creator (LAC), you can:
For both, RESTful API provides for GET (with pagination), PUT, POST, and DELETE operations, with arguments for common functions like filter and sort, including custom arguments.

You can test your API using the RESTlab or the Data Explorer. For more information about the services, such as authentication, filtering, sorting, pagination, and update, see the API Docs.

A useful API must provide not only access to data, but it must enforce the semantics for that data. Proper support opens up the possibility of simple and fast public API creation. So, REST Data APIs enforce:
  • Security at the row/column level, based on authenticated Users' roles, and 
  • Rules to enforce PUT/POST/DELETE transactional business logic that should be applied when committing a transaction.  This consists of various multi-table computations, validations, and events such as auditing, cloning, sending mail, messages, etc.

Live API - Process Overview

You can use Live API as summarized below:
  1. Connect. Enable your default API and Data Explorer by connecting to Live API Creator to your database.
  2. Declare logic and security with a point-and-click interface.
  3. JavaScript. Address complex requirements, based on a rich Object Model created from your schema, using JavaScript.


You create your API by connecting Live API Creator to your database.  Schema Discovery finds your base/view tables and your Stored Procedures, and makes them available as REST endpoints. You can set default security so objects are visible only to designated roles.


Define Custom Resources and Security using Live API Creator's point-and-click interface.

Custom Resources

In addition to the automatic resource endpoints per Schema Discovery, you can define your own Custom Resources. You can:
  • Define "document oriented" resources with nested sub resources, for a more convenient programming model that can reduce network latency.  Joins are supplied automatically.

  • Alias and project your columns so your API is independent of database names.


You can Authorize which endpoints are visible to which roles. You can also define Role Permissions for row and column level security. Roles are obtained from the Authentication process. This returns an APIKey you pass on subsequent requests.

You can use the default Authentication Provider for testing. For production, you will most likely want to build your own Authentication Provider, which connects to corporate security using LDAP, AD, oAuth, etc.

Live Logic

In the context of Live API Creator, business logic refers to the transactional logic that should be applied when committing a transaction. This consists of various multi-table computations, validations, and events such as auditing, cloning, sending mail etc.

Transactional business logic is complementary to other forms of business logic such as process (workflow) logic, application integration, and decision logic.

Unlike conventional approaches where logic is coded in an OO or 4GL language, logic is declared in spreadsheet-like expressions. Live API Creator automatically invokes this logic as a consequence of PUT, POST, and DELETE events. The logic is part of your Live API. You don't call the logic directly. Live API Creator provides for ordering, dependency management, sql handling, and optimizations such as pruning.


Live API Creator builds a complete object model, providing access to attributes and related data, persistence, and Live Logic enforcement. Part of Live Logic is the server-side events (insert, update, and delete) that you can handle in server-side JavaScript.

JavaScript Event Types are listed here. Your code is pre-supplied JavaScript Context, such as the row representing the current object instance.

JavaScript integrates with the Connect/Declare services above. The result is that you can build powerful systems with a small amount of code.  See the data integration samples.