Rest API

Field

Function

Block SQL for the Lucity Citizen Portal REST API

Turning this on reduces the risk of SQL Injection attacks from the web citizen. When this is on the 3rd party applications that use the Lucity Citizen Portal REST API will be prevented from providing direct SQL for querying records. Before setting this to true, make sure any 3rd party applications do not need the querying capability.

Default Public REST WKID

Enter the WKID for the coordinate system that an external GIS service uses, if it is different than the Operational Data Spatial Reference WKID found on the GIS Web tab and is NOT a Mercator projection.

Disable DOS protection

Turns off protection for Denial of Service attacks.

Logon to use for anonymous REST API Access

The REST API Logon allows users to gain access to Lucity.

Maximum records to return

Limits the amount of records in a filtered set. The higher this number, the more likely it will affect the web server performance.

Use an alternate coord system as the Default Coordinate System for Public REST calls

If this option is false the system assumes that any incoming geographic information is using the Operational Data Spatial Reference WKID found on the GIS Web tab.

If this option is set to true and the Default Public REST WKID is blank the system assumes the incoming geographic information is using a Mercator projection. If the Default Public REST WKID is filled out the system uses the specified WKID's projection.

Use Extensionless URL's (only supported in IIS7+)

The Use Extensionless URLs allows you to change the URL so that it doesn't have the (.extension).

• For example, if the URL is http://restapi.gbams.net/Public/Work/Requests.svc/57481, setting this option to "True" would allow you to use the following URL instead: http://restapi.gbams.net/Public/Work/Requests/57481. Notice the ".svc" is not in the second URL.