Web API Services

API Access Control -  This section defines the integration control and security settings for the Server Service of the XDOC API. These settings would come into play when the integration with an LOS happens remotely via HTTP services, instead of a direct database connection. For more information on these settings, please contact XDOC Customer Support.


Field Value
API Enabled Defines whether the API services are enabled
Allow Local Test Turns on local testing for test purposes
Security Context Defines the security context for the integration
Require Security Context Yes/No Value – This should always be set to "yes" for any production environment
Require Security Token Yes/No value – This should always be set to "yes" for any production environment
Security Token Expire Time (sec) The timeout, in seconds, for the security token
Security Token App Key(s) Enter the value(s) for any App Keys
Remote IP ACL List Additional security for remote Access Control Lists.


HTTP Services Token Encryption - Defines the encryption for the tokens above. Configuration of these options may require assistance from XDOC Customer Support. 

Field Value
Encryption Class Currently there is only one choice from the dropdown, AES
Encryption Key Enter the Encryption Key, if any
Key Size (Bits) Choose the appropriate key size from the dropdown
Cipher Mode Choose the appropriate cipher mode from the dropdown
Padding Mode Choose the appropriate padding mode from the dropdown
Init Vector Please contact Scrypt Customer Support for assistance on this


** ZAPP Legacy Access Control - Please see XDOC Customer Support for more information on this.