GET /api/apps/{AppID}/package

Exports the information associated with a specific app.

Authorization Roles/Permissions: Site Admin, or a user authorized to modify the specific app (an app team member).

This topic includes the following sections:

HTTP Method

GET

URL

https://{hostname}/api/apps/{AppID}/package[?][exportVersion=all][&migration.app.pki.export=true][&migration.export.include.api.connections=true[]&migration.export.include.app.team=true]

Sample Request

The example below shows a request to export the specified app information to a download file.

Request URL #1 

http://acmepaymentscorp/api/apps/e1f104d8-8e00-48f3-94ca-499fa70bd28e.acmepaymentscorp/package?exportVersion=all

Request URL #2: all parameters 

http://acmepaymentscorp/api/apps/e1f104d8-8e00-48f3-94ca-499fa70bd28e.acmepaymentscorp/package?exportVersion=all&migration.app.pki.export=true
&migration.export.include.api.connections=true&migration.export.include.app.team=true&download=true

Sample request headers 

http://{hostname}/api/businesses/GET /api/apps/3696840e-3475-4ef8-bbe1-133fc61387c7.acmepaymentscorp/package?exportVersion=all&download=true
Host: {hostname}
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
X-Csrf-Token_acmepaymentscorp: TokenID%3D8ed70a13-8469-11e8-b37a-b155e4eabeb8%2CexpirationTime%3D153...

Sample request in Postman #1: with URL parameters and CSRF header

In the example below, the platform requirement for the CSRF header for GET operations is enabled, so the CSRF header is needed. All the request parameters are included in the URL, so no other headers are needed.

Export App in Postman: URL parameters, CSRF header

Sample request in Postman #2: Parameters defined as headers, no CSRF header needed

In the example below, the platform requirement for the CSRF header for GET operations is disabled, so no CSRF header is needed. In this example, the request parameters are defined as request headers.

Export App in Postman: values in headers, no CSRF header

Sample request body

Not applicable.

Request Headers

For general information on request header values, refer to HTTP Request Headers.

Header Description
Accept application/json or application/octet-stream, application/vnd.soa.v71+json, application/vnd.soa.v72+json, application/vnd.soa.v80+json, application/vnd.soa.v81+json
Cookie AtmoAuthToken_{fedmemberid}={cookie value, which usually starts with TokenID}—The platform cookie. This is the Akana API Platform authorization token, and must be sent with every API request that requires login. For more information and an example, see Session cookies.
X-Csrf-Token_{fedmemberID} The CSRF prevention header; may or may not be required, depending on platform settings. See CSRF Prevention on the Platform. By default, the CSRF header is not required for GET operations and is required for all others, with a few exceptions relating to user login.

Request Parameters

Parameter Parm Type Data Type Required Description
AppID Path string Required The unique ID for a specific app.
download Query string Optional If set to true (the default), the content is downloaded. If set to false, the user is prompted for content disposition.
migration.pki.export Query boolean Optional

If specified with value true, include in export file:

  • API Private Key + Certificate (if existing; must be imported via the Policy Manager Console)
migration.app.pki.export Query boolean Optional

If specified with value true, include in export file:

  • App Private Key + Certificate
migration.export.include.api.connections Query boolean Optional

If specified with value true, include in export file:

  • Contracts
migration.export.include.app.team Query boolean Optional

If specified with value true, include in export file:

  • App team members.

    Note: The user's relationship to the app is exported, not the actual user resource; in order for the relationship to be preserved in the target environment, the user must exist in the target environment. If not: a) create and invite the user, b) create the user and re-import the data, or c) invite a different user.

Response

If successful, this operation returns HTTP status code 200, with the export information in a download file.

Sample Response

The sample response below shows successful completion of this operation. The export file is downloaded as specified in the request parameters.

Sample response headers 

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Fri, 25 Aug 2017 18:17:26 GMT
Content-Disposition: attachment;filename="application-export.zip"
Content-Encoding: gzip

Sample response body

The response body is the export file named in the Content-Disposition header. The client you are using must support file download.

Response Headers

For general information on response header values, refer to HTTP Response Headers.

Header Description
Content-Type application/json or application/octet-stream, application/vnd.soa.v71+json, application/vnd.soa.v72+json, application/vnd.soa.v80+json, application/vnd.soa.v81+json
Content-Disposition attachment;filename="application-export.zip"

Response Body

The response body is a download file that includes information about the app. The export file is a standard format that can be imported into another instance of the platform for the same tenant. It includes the following files:

  • exportproperties.properties
  • objectdata.xml
  • objectgraph.xml

Error Codes/Messages

If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.

Item Value
401 Unauthorized. For example, you would get this response if you didn't include the custom X-Csrf-Token_{fedmemberID} header in the request, when it was required by the platform settings; or if you included an invalid or expired value for this header. You would also get this response for any operation that requires login (almost all) if the login cookie was missing.
500 An error occurred processing the call.

More information about Akana API Platform API error messages.