Mark Carrington is the Chief Technologist at data8 and lives and breathes everything to do with data and Dynamics
Removing Our Web Services
Our data validation API was first introduced over a decade ago, when the Internet was a different place. We've taken a great deal of effort to ensure backwards compatibility with every change, addition and improvement we've made over the intervening time, but we finally need to make one breaking change: removing our HTTP endpoint and ensuring everyone is using HTTPS.
Thankfully most of our users are already using HTTPS, and we started the process of working with those who were still using HTTP some months ago to help with the transition.
If you are still using HTTP you will be contacted shortly to ensure you are aware and provide any assistance required in ensuring that your API requests are moved over to our HTTPS endpoint.
How do I move to HTTPS?
The details will vary depending on how your integration is built.
If you are using one of our ready-made integrations, e.g. for Microsoft Dynamics, Salesforce, Magento, Wordpress etc., please contact us for details of upgrading to the latest version that uses HTTPS.
If you have written your own code to call our API, that code will need to be updated. In most cases this should be as simple as changing http:// to https:// in the URL to the API. There are examples for most scenarios below, but please get in touch if you need any help.
Why not just redirect requests to HTTP?
We want to stop any sensitive data being transmitted to us insecurely. If we were to use an automatic redirection mechanism, the initial request containing potentially sensitive data would still have been sent in order for us to generate the redirection response.
Instead we will be disabling the HTTP endpoint entirely, so any clients still trying to connect to it will get a timeout error before any information can be sent.
Examples
Some simple before-and-after examples for common scenarios:
PHP
Change the URL used by the SoapClient constructor to use HTTPS:
HTTP
$params = array( "username" => "your-username", "password" => "your-password", "telephoneNumber" => $telephoneNumber, "defaultCountry" => $defaultCountry, "options" => $options ); $client = new SoapClient("http://webservices.data-8.co.uk/InternationalTelephoneValidation.asmx?WSDL"); $result = $client->IsValid($params);
HTTPS
$params = array( "username" => "your-username", "password" => "your-password", "telephoneNumber" => $telephoneNumber, "defaultCountry" => $defaultCountry, "options" => $options ); $client = new SoapClient("https://webservices.data-8.co.uk/InternationalTelephoneValidation.asmx?WSDL"); $result = $client->IsValid($params);
Javascript
Update the <script> tag that is loading the API to use HTTPS:
HTTP
<script type="text/javascript" src="http://webservices.data-8.co.uk/Javascript/Loader.ashx?key=your-api-key&load=InternationalTelephoneValidation"> </script>
HTTPS
<script type="text/javascript" src="https://webservices.data-8.co.uk/Javascript/Loader.ashx?key=your-api-key&load=InternationalTelephoneValidation"> </script>
.NET 2.0 Web Reference
Update your app.config / web.config file:
HTTP
<applicationSettings> <MyApp.Properties.Settings> <setting name="MyApp_AddressCaptureWS_AddressCapture" serializeAs="String"> <value>http://webservices.data-8.co.uk/addresscapture.asmx</value> </setting> </MyApp.Properties.Settings> </applicationSettings>
HTTPS
<applicationSettings> <MyApp.Properties.Settings> <setting name="MyApp_AddressCaptureWS_AddressCapture" serializeAs="String"> <value>https://webservices.data-8.co.uk/addresscapture.asmx</value> </setting> </MyApp.Properties.Settings> </applicationSettings>
or, if you don't have the URL in your config file already, or if your web reference is set to use a static URL rather than dynamic, select the web reference in the Solution Explorer window of Visual Studio, go to the Properties window and update the Web Reference URL to use https.
.NET WCF Service Reference
Update your app.config / web.config file. If you're using basicHttpBinding:
HTTP
<system.serviceModel> <bindings> <basicHttpBinding> <binding name="AddressCaptureSoap" /> </basicHttpBinding> </bindings> <client> <endpoint address="http://webservices.data-8.co.uk/AddressCapture.asmx" binding="basicHttpBinding" bindingConfiguration="AddressCaptureSoap" contract="AddressCaptureSvc.AddressCaptureSoap" name="AddressCaptureSoap" /> </client> </system.serviceModel>
HTTPS
<system.serviceModel> <bindings> <basicHttpBinding> <binding name="AddressCaptureSoap"> <security mode="Transport" /> </binding> </basicHttpBinding> </bindings> <client> <endpoint address="https://webservices.data-8.co.uk/addresscapture.asmx" binding="basicHttpBinding" bindingConfiguration="AddressCaptureSoap" contract="AddressCaptureSvc.AddressCaptureSoap" name="AddressCaptureSoap" /> </client> </system.serviceModel>
or if you're using customBinding for SOAP 1.2:
HTTP
<system.serviceModel> <bindings> <customBinding> <binding name="AddressCaptureSoap12"> <textMessageEncoding messageVersion="Soap12" /> <httpTransport /> </binding> </customBinding> </bindings> <client> <endpoint address="http://webservices.data-8.co.uk/AddressCapture.asmx" binding="customBinding" bindingConfiguration="AddressCaptureSoap12" contract="AddressCaptureSvc.AddressCaptureSoap" name="AddressCaptureSoap12" /> </client> </system.serviceModel>
HTTPS
<system.serviceModel> <bindings> <customBinding> <binding name="AddressCaptureSoap12"> <textMessageEncoding messageVersion="Soap12" /> <httpsTransport /> </binding> </customBinding> </bindings> <client> <endpoint address="https://webservices.data-8.co.uk/addresscapture.asmx" binding="customBinding" bindingConfiguration="AddressCaptureSoap12" contract="AddressCaptureSvc.AddressCaptureSoap" name="AddressCaptureSoap12" /> </client> </system.serviceModel>
JSON
Change the URL that you are posting the request to to use HTTPS:
HTTP
POST http://webservices.data-8.co.uk/InternationalTelephoneValidation/IsValid.json
{
"telephoneNumber": "01513554555",
"defaultCountry": "GB"
}
HTTPS
POST https://webservices.data-8.co.uk/InternationalTelephoneValidation/IsValid.json
{
"telephoneNumber": "01513554555",
"defaultCountry": "GB"
}
ADO
Change the URL that you are opening the recordset from to use HTTPS:
HTTP
Dim rs As ADODB.Recordset Set rs = New ADODB.Recordset rs.Open "http://webservices.data-8.co.uk/recordset.ashx?service=InternationalTelephoneValidation&method=IsValidSimple" & "&username=your-username" & "&password=your-password" & "&telephoneNumber=" & telephoneNumber & "&defaultCountry=" & defaultCountry
HTTPS
Dim rs As ADODB.Recordset Set rs = New ADODB.Recordset rs.Open "https://webservices.data-8.co.uk/recordset.ashx?service=InternationalTelephoneValidation&method=IsValidSimple" & "&username=your-username" & "&password=your-password" & "&telephoneNumber=" & telephoneNumber & "&defaultCountry=" & defaultCountry
HTTP GET
Change the URL that you are making the request to to use HTTPS:
HTTP
GET http://webservices.data-8.co.uk/InternationalTelephoneValidation.asmx?username=my-username&password=my-password&telephoneNumber=01513554555&defaultCountry=GB
HTTPS
GET https://webservices.data-8.co.uk/InternationalTelephoneValidation.asmx?username=my-username&password=my-password&telephoneNumber=01513554555&defaultCountry=GB
HTTP POST
Change the URL that you are making the request to to use HTTPS:
HTTP
POST http://webservices.data-8.co.uk/InternationalTelephoneValidation.asmx
Content-Type: application/x-www-form-urlencoded
username=my-username&password=my-password&telephoneNumber=01513554555&defaultCountry=GB
HTTPS
POST https://webservices.data-8.co.uk/InternationalTelephoneValidation.asmx
Content-Type: application/x-www-form-urlencoded
username=my-username&password=my-password&telephoneNumber=01513554555&defaultCountry=GB
Find out more about how Data8 can help you
About the author
Mark Carrington