Calling Out from the IBM i Securely to Public Web Services

Learn how you can open up your IBM i and connect to public web services through APIs securely and reliably.

Video Transcript

Hi, and welcome to this video on securely calling web services from your IBM i using JavaScript and SSL or TLS. We’re going to use a call to the open weather service API to show you just how easy this is. Our JavaScript engineer Sean will start out by showing you how simple it is to write the web service call from scratch. And then he’ll show you how to add TLS or SSL support with just a couple of keystrokes, no extra coding necessary. And at the end, I’ll show you how to call this web service and retrieve the results right from your RPG application with just a few lines of code. The whole process will take just about five minutes.

So for an example, I’m making calls to get the weather at a city’s location using open weather APIs. So I’m on their homepage right now, and I’m going to go to “current weather.” And this will take me to their API page or how to access them. So I’m going to grab this URL. Give me a second, and that’ll be how we communicate with it. So now I’m going to go and create a node project in Visual Studio code so that we can make a call out to this API. So I’m going to go through all of the defaults creating this package. And here we are. A package.json file was created just by executing the NPM init command. Sean is automatically creating the framework for his JavaScript code. Now he can import open source modules and write any code he needs to make the web service call.

Now, we’re only going to need one package for this project, and that’s called Axios. Axios is one of the most common node packages for making HTTP calls. So that installed, you can see it right here. Calling a web service could require lots of hand coding. However, since Sean is using JavaScript, he can simply import Axios, a readily available open source JavaScript module that contains all of the code necessary to securely make HTTP calls. You can simply add it to your project. This is part of the power of using JavaScript for your web service calls. There are over a million modules of prewritten code that you can use to extend the capabilities of your application. 

Once Sean has added the module to his project, he can write the actual web service call. Now I just need to create a file for us to write our code in. So now if I open that up here, the first thing we have to do is import Axios. So I’m going to make a constant and store Axios in here, and require Axios. So now we can actually work with that module. Now there’s only going to be one line here, it’ll be a little long, but I’m going to call Axios.get. We are making an HTTP GET request. And then I’m going to paste in that URL I had earlier. And for the moment I’m going to add HTTP to make a standard HTTP request. So I’ve got that URL right there. And then I’m going to add an object with some parameters. So here’s going to be prams, and here’s my object. So the first thing is going to be the city. So let’s do San Francisco. And then the second parameter will be my ID, my API key to use this. So I’m actually going to copy that over. I have that already. You can register your own API key from So there’s my API key. And then the last thing is units. I’m going to use imperial so we don’t get Celsius or Kelvin units. So now that we have that right there, I’m just going to do some quick handling to actually receive our response. So there, I’m just going to do some error handling as well. So, on a response, we want to see what we got back. So I’m going to log that response to the console, and I will be logging the response data. And I happen to know the structure, so I’m just going to jump right to it and get the data out of there. And then I’m also going to log the protocol that I was using. So that would be in res.request.agent.protocol. And then just for example’s sake, we’ll log any errors. Though this is an example, so I know we won’t have any. In those few lines of code, Sean has imported an open source module, called the web service, passed in the parameters, and set up logging and error handling so he can see exactly what the call is doing and easily troubleshoot if something goes wrong. If you were writing this call in RPG, you’d need to hand code all of that. Now he can run his web service call. So here we go. That’s all set. Now we just need to run this. So you simply run node index.js, make this call, and you’ll see. You get back a temperature of 68.43 degrees Fahrenheit, and we use the protocol of HTTP. Now Sean will show you just how easy it is to add TLS or SSL support to this HTTP call. Now, if you want to use SSL and make an HTTPS call, which many APIs will require and is much more secure, it’s already built into this module of Axios and is very easy to do in JavaScript. I just added an S. Simple as that. S is there. Let’s run this call again. Boom. From a response, we’re using the protocol HTTPS. It’s as simple as that. So that’s all there is to writing the JavaScript.

Now let’s look at the RPG code. Using Eradani Connect, you simply need to identify the data you’re sending and receiving, and then write two lines of code. Here is the description of the data that allows us to send latitude and longitude or an address and provides a field for the results. You then write a standard procedure call that calls Eradani Connect send request to make the call. Then you write a second standard procedure call that calls Eradani Connect receive result to get the results. And that’s all there is to it. That’s all you need to write in your RPG code. 

Calling web services from RPG with JavaScript and Eradani Connect dramatically reduces the amount of code you need to write and maintain. With JavaScript and Eradani Connect, you don’t have to write the TLS SSL code. It’s generated for you automatically. You don’t have to write the authentication code like OAuth 2. You don’t have to manage certificates. You don’t have to write the web service calling code and you don’t have to parse JSON messages. You don’t have to write the error handling code and you don’t have to write the logging code. And you don’t have to handle queuing of requests. Eradani Connect does that for you automatically. You automatically get the latest cipher suites. You can simply plug in the latest security modules. You keep your security modules up to date with automated updates. And you can import vendor supplied SDKs, which can save you hundreds or even thousands of lines of coding by using the code that the vendor or the provider of the API provides. You can easily add an open source modules for enhanced functions. And you can monitor your API performance and get alerts regarding problems.

If you’d like any more information about how Eradani Connect and JavaScript can help you extend your applications using open source and APIs, please contact us. Our email information is on the slide. Thank you.