Web SDK best practices

We recommend the following best practices to improve the capability of the Web SDK:

  • If you are implementing our APIs for the first time, be sure to follow the setup details in Getting started with automation.
  • Review and grant the API caller the necessary permissions that match your API calls. You can use the API descriptions in this guide to refine caller permissions.

  • Whenever you get an unexpected result, carefully check the API call and JSON payload. Unless otherwise specified:

    • API method names evaluate as case insensitive.
    • Parameter names and values evaluate as case sensitive.
    • Extra parameters may be ignored.
    • Invalid syntax, data, or parameters generate errors.
  • Apply the same naming standard whenever you create any new object.
  • Adopt a standard convention for avoiding device and certificate name collisions. Collisions can occur when the name you define already exists in a Venafi product. You can use the same prefix or suffix, and then add something unique to the name. Suppose you are defining an object for a company called SW Banking, you could prepend SW to the start of the name. For example, SWDeviceObject.
  • Assign the credentials to a Policy folder that contains multiple devices. The policy credentials allow multiple devices to use the same credential.
  • Reuse Credential objects wherever standardization is possible to avoid creating extraneous objects.
  • To view API changes in the UI, be sure to Refresh refresh the contents of the page.
  • Use the event log to audit and troubleshoot API calls. A list of Web SDK event definitions appears in the Logging tree. Not every API method logs events. However, Web SDK and other events that occur appear on the General Log tab of a Policy folder or in the MMC Event Viewer snap-in.