Preview for RESTful applications

The web services framework and REST services framework can leverage the use of preview tokens to allow business users the ability to preview content in RESTful applications outside of the store's web module. For example, you can make customizations for your Android smartphone native reference application to preview actions in your application with the preview options specified in the preview token.

For information about preview tokens, see Preview tokens.
Note: In addition to customizing your RESTful application to obtain a preview token, you must also Enable preview support for RESTful applications in your HCL Commerce server configuration file.

BOD service preview

To support BOD service preview, the web services framework can accept a generated preview token as a context data element named previewToken in the BOD business context element. When the web service framework calls the business context service to start a request, the preview token is decrypted and verified. If successfully verified, the user's business context is temporarily updated with the preview options that were specified when the preview token was generated.

Sample BOD service request with a preview token:
<_mkt:GetMarketingSpotData versionID="" 
	<oa:ApplicationArea xsi:type="_wcf:ApplicationAreaType"> 
		<_wcf:BusinessContext intent="Authoring"> 
			<_wcf:ContextData name="storeId">10001</_wcf:ContextData> 
			<_wcf:ContextData name="catalogId">10001</_wcf:ContextData> 
			<_wcf:ContextData name="langId">-1</_wcf:ContextData> 
			<_wcf:ContextData name="previewToken">iuJOiPLnTn0=</_wcf:ContextData> 
			<oa:Expression expressionLanguage="_wcf:XPath">{_mkt.triggerParameters=&apos; 
			&amp;DM_EmsName=StoreHomePage_mkt.endTriggerParameters&ap os;}/MarketingSpotData</oa:Expression> 

REST services preview

The REST services framework can accept a preview token via the HTTP header field WCPreviewToken. At the start of the request, the preview token is checked to confirm if the token is sent over HTTPS. If successful, the preview token is copied to the BOD business context element and processed by the web service framework. If the preview token is sent over a non secure channel, for example HTTP, the preview token is revoked and cannot be used by REST services.