REST API: Handling application/x-www-form-urlencoded requests

41 views
Skip to first unread message

Usama Ahmed

unread,
Dec 1, 2025, 4:02:29 AM (4 days ago) Dec 1
to iDempiere

Hello everyone,

I understand that iDempiere processes typically run on POST requests and the parameters are sent as JSON payloads. In scenarios where a user sends a payload to trigger processing, I usually handle it successfully through processes.

However, in cases where a client needs to call the iDempiere REST API and sends data as application/x-www-form-urlencoded, what is the best approach?

  • Does the REST_API plugin have built-in support for handling form-encoded payloads?

  • Or is extending the plugin the only option?

My use case is that some platforms, such as payment gateways or messaging APIs like Twilio for message replies, only send data as x-www-form-urlencoded.

If anyone has implemented this before, please share your approach.
Otherwise, I would appreciate guidance on the architecturally best practice for handling such scenarios.

Thanks,

Jesús Castillo

unread,
Dec 2, 2025, 8:41:02 PM (3 days ago) Dec 2
to idem...@googlegroups.com

Hello Usama,

Some time ago I was asked to build an API for iDempiere. Since the specification was already done, I only had to make a few small modifications to the REST API project. The modification consisted of adding filters to adjust the requests—for example, to change the shape of the original request and transform it into what iDempiere actually expects. In your case, you need to create a filter like this in the REST API project:

import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.ext.Provider;

@Provider
public class RequestCustomFilter implements ContainerRequestFilter {
    
    public RequestCustomFilter() {
    }
    
    @Override
    public void filter(ContainerRequestContext requestContext) throws IOException {
        ....
    }
}

Then I execute it manually in the RequestFilter class:

if (authHeaderVal != null && authHeaderVal.startsWith("Bearer")) {
    try {
        validate(authHeaderVal.split(" ")[1], requestContext);
        if (Util.isEmpty(Env.getContext(Env.getCtx(), Env.AD_USER_ID)) ||
            Util.isEmpty(Env.getContext(Env.getCtx(), Env.AD_ROLE_ID))) {
            if (!requestContext.getUriInfo().getPath().startsWith("v1/auth/")) {
                requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
            }
        }
        customFilter.filter(requestContext); // Execute here
    } catch (JWTVerificationException ex) {
        ...
    }
}

I placed it there so I could intercept the request before iDempiere processes the body, but after the JWT authentication.

 
Atte: Jesus Castillo.


--
You received this message because you are subscribed to the Google Groups "iDempiere" group.
To unsubscribe from this group and stop receiving emails from it, send an email to idempiere+...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/idempiere/ba96b0e0-8484-4c63-91d7-f08c74d82e8en%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages