REST Properties

Defines the default maximum amount of entity instances that are returned by the API.

Default value: 10000

Defines the default maximum amount of entity instances that are returned by the API for a particular entity.

The following example configures the entityMaxFetchSize value for two entities. For all other entities the value from jmix.rest.default-max-fetch-size is used.

Property defining a file that contains a list of JSON transformations configurations used by the REST API when the client needs data in the format of some particular data model version.

The file is loaded using the Resources interface, so it can be located in the classpath or the configuration directory.

Default value: none

Maximum file size (in bytes) that can be uploaded with the REST API.

The file is loaded using the Resources interface, so it can be located in the classpath or the configuration directory.

Default value: 20971520 (20 Mb)

Enables optimistic locking of entities with optimistic locking if the version attribute is provided in JSON.

Default value: false

Property defining a file that contains a list of JPQL queries available as part of the Entities API.

The file is loaded using the Resources interface, so it can be located in the classpath or the configuration directory.

Default value: none

Property defining a file that contains a list of Service methods that are exposed via the Services API.

The file is loaded using the Resources interface, so it can be located in the classpath or the configuration directory.

Default value: none

If set to true, the responseFetchPlan parameter with the fetch plan name can be passed in the create and update requests. In this case, the created/updated entity is reloaded with the specified fetch plan and returned as part of the response JSON.

If set to false, the response contains JSON with a minimal representation of the created/updated entity.

Default value: true

Defines a comma-separated list of URL patterns, which should allow anonymous access.

Default value: none

Defines a comma-separated list of URL patterns of custom controllers that require the standard OAuth2 authentication.

Default value: none

Defines an identifier of the REST API client. In this case, the client is not a platform user, but an application (some web portal or mobile app) that uses REST API. Client credentials are used for basic authentication when accessing the REST API token endpoint.

Default value: client

Defines the secret for the REST API client. In this case, the client is not a platform user, but an application (some web portal or mobile app) that uses REST API. Client credentials are used for basic authentication when accessing the REST API token endpoint.

The application property value in addition to the actual password value (e.g., secret), must contain an identifier of the Password Encoder (e.g., {noop}). More information about the Password Encoder Mechanism can be found in the Spring Security documentation.

Default value: {noop}secret

Authorized grant types.

Default value: password,external,refresh_token

Access token expiration time in seconds.

Default value: 43200 (12 hours)

Refresh token expiration time in seconds.

Default value: 31536000 (365 days)

Development mode allows using of REST API without an authentication token. Default user that is used for all REST API invocation in the dev mode is specified in the jmix.security.oauth2.dev-username property.

Default value: false

Username that is used for development mode. See jmix.security.oauth2.dev-mode.

If true, tokens are masked in application logs.

Default value: true

Whether to reuse refresh tokens until they are expired.

Default value: true

Whether to support refresh tokens.

Default value: true