The RestAPI backend has to be provided by the CBs system including an authentification process. The provided description is an example on the possible implementations and data exchanges IATF CARA will support.
IATF CARA is a single user application using progressive web app technology without a central database. At the moment all communication with IATF CARA is done using loading and saving files. CBs have their own systems and database infrastructures. To improve the interaction with those system the concept exists to provide a restful interface to pull and push data from CARA. The base IATF CARA won’t be changed. It will be offline available and only locally active and use the browser cache as comfort feature to give access to all locally saved reports.
All added restful interaction will be only possible while IATF CARA is active on the users device and only IATF CARA will be able to pull or push data to other systems. The backend REST-API backend has to be provided by
The idea is to solve the following functionalities. Though not each functionality has to be used and some functionalities might be set on the local instance of IATF CARA while other might be provided by the defined CB which is selected in the report.
Actions and data
Automatic saving of active report to RESTApi backend
Requesting pre generated reports from CB
Requesting co auditor reports for merge
Pushing reports to CB
Pulling of nc management reports by an organization
Pushing of nc management reports by an organization
xml/json format for complex structures
string for single returns like tokens
GET for requesting data
POST all other requests and updates (PUT?)
IATF CARA will support authentication with restful using username and a password. The password can be hashed.
Authentication will be possible by providing authentication data it on each restful request