This is an old revision of the document!

Secure

The Secure option is used to restrict access to only SSL/TLS (or https) traffic.

It's common to protect all API endpoints - particularly those that authorise access - with the requirement that they are secure.

Set the value to '1' to enable the rule.

Example

{
   "paths": {
      "/api/": "sslrequired"
   },
   {
       "sslrequired": { 
            "type": "open",
            "secure": 1
        }
   }

In the example above, all URLs inside the 'api' folder are openly available, but must be accessed via SSL.

Advanced Example

{
   "paths": {
      "/api/": "sslrequired"
   },
   {
       "sslrequired": [[{ 
            "type": "open",
            "secure": 1
        }],[{
            "type": "open",
            "demote": "reader"
        }]]
   }

Similar to the first option, this allows non-https API access, but it will not allow you to write data, as the user will automatically be demoted to a 'reader', even if they are signed in as an administrator.

Alternate Methods

Note that you can also simply disable access to ARDI on port 80 to force all connections to be secure.

ARDI Admin Guide

SYSTEM

DATABASES/SITES

USERS

ADMINISTRATION

ASSET BASICS

PROPERTIES

RELATIONSHIPS

SPECIAL RELATIONSHIPS

ASSET DETAILS

ENVIRONMENTS & 3D TOPICS

ASSETS & 3D

IMPORT/EXPORT

FEATURES

REPORTS

HOWTOS

ADVANCED

—-

Other Documentation