API

Our first tip and trick for Microsoft Visual Studio code is to integrate your GitHub repositories within VSCode.

(Note: You can do this with other version control programs as well, but for this example and those going forward, we will stick to GitHub.)

To do this, open a new VSCode window and select “Clone Repository…”. At the top of the screen, either select your repository or enter the repository URL. You will then be prompted to choose a location to save your repository code locally.

There you have it! You have now pulled down a copy of your repo to save locally and work on. Next, we will review how you can easily switch branches within this repo as well as push changes to your source control program.

Now that you have connected Visual Studio Code with GitHub, let’s review how to easily switch repository branches. You can do this by selecting your current branch name in the bottom left corner of the VSCode window. In the search bar that appears at the top of the screen, choose the branch you want to check out, or create a new branch. You can create a new branch by selecting the “+Create new branch…” option followed by entering a new branch name and hitting “Enter”.

Now you can easily switch between branches or create a new branch without leaving your IDE. Talk about efficient.

The next VSCode tip and trick is an easy short cut to see all the changes you have made on your local repo that have not yet been pushed to your remote repo. To do so, hit Ctrl + Shift + G and you will see a list of files with changes made on your local repository within the Source Control panel. Select any file listed in the Source Control section to compare the changes on your local repo and the latest version on GitHub.

This makes it very easy to see what changes you are planning to push, as well as to quickly make some rollbacks.

There you have it! As easy as one, two, three. Your changes have now been pushed to your version control repository.

Explore More:

• 4 Tips for Becoming a Postman Guru
• 4 More Tips for Your Journey to Becoming a Postman API Testing Guru
• Get Resourceful with GitHub: Four Tips for the Skilled Developer
• GitHub Enrichment: 4 Tips for Efficiency and Security

The GitHub platform is used by over 52,000 companies worldwide, including Team DataMotion. Why, you might ask? Because GitHub’s source code management and version control functionalities make it super-easy to add and contribute to your projects. For developers working in a group and sharing responsibilities, it’s essential to push code changes quickly and efficiently. As we know all too well, delays can have a ripple effect as others on the project may need your work to be completed before moving forward.

By enhancing your version control knowledge, you can quickly add new features and bug fixes to a project and avoid these slowdowns. In addition to efficiency, by building your GitHub knowledge you can take the incentive to ensure there are other controls in place on your repositories, such as security policies and safety nets. With cybercrime and insider threats on the rise, DataMotion and many other large corporations consider these security features to be essential for any GitHub repository.

To help you build this knowledge, the development team here at DataMotion has put together a list of tips and tricks to help you utilize GitHub to its fullest potential. If you are just joining in, this blog post is the second in a two-part series summarizing the tips we’ve shared over social media. You can find a quick GitHub overview, as well as the first of the series of tips and tricks, in our first blog post.

These tips are intended to enhance an already-basic knowledge of the GitHub platform, but for those of you who are still pretty new to GitHub and would like more information on how to get started, we recommend you visit their quick start guide. Otherwise, let’s continue and review four new GitHub tips that will help secure your repositories, increase efficiency, and enhance collaboration.

The fifth tip in our series is to limit who has access to your repositories. Limiting who has access is an important security strategy known as a Least Privilege Model (LPM) implementation. In essence, you are allowing only those who need access to the repository to have that access and therefore are cutting down the possibility of an insider threat.

The first step is to ensure the visibility of the repository is set to private, rather than the public setting that grants everyone access by default. To do this, navigate to the repository you would like locked down. Once on the repository, select “Settings” then scroll to the bottom of the screen where you will find a “Danger Zone” section. In this section, select “Change Visibility” and choose the “Make Private” option.

Once your repository is private, you will be the only user with access. From here, you will want to assess who on your team should also have it, then make them a contributor. You can do this by scrolling to the top of “Settings” and choose “Manage Access” on the left-hand side menu. A new page will display; in the page select the green “Add People” button within the manage access section.

From here, you can search for the persons you would like to have access and contribute to your project.

Now only those who need access to your project will have it, reducing the chance of an insider threat.

Continuing with security and efficiency in mind, our next tip is to scan your code once it is added to your GitHub repository. You can utilize CodeQL (or another third-party tool from the marketplace) to set up code scanning. This means CodeQL or another third-party scanning software program will crawl your code and identify errors or possible vulnerabilities within your code once it is pushed to GitHub. Note: CodeQL does have compatibility with VSCode as well.

When using CodeQL, these vulnerabilities and errors are found using queries. You can utilize queries created by GitHub and community contributors or create your own to use during these scans. Scans may identify errors in data flow, structure, and syntax. Custom queries can be used to search for errors unique to your organization, such as a query that may search for instances of a deprecated company URL. Searching for these vulnerabilities will keep your code clean and help thwart attacks in the future.

In addition to scanning for vulnerabilities, you can tighten security by scanning for secrets as well. To configure this setting within GitHub, navigate to your repository and select “Settings” followed by “Security and analysis”. Then, next to “Secret scanning” click “Enable”.

Doing so will ensure that no sensitive tokens or private keys that may grant permissions are pushed to your current repository. Therefore, you can ensure that sensitive data, as well as permissions, stay locked down.

Quick Note: This feature is automatically enabled for all public repositories (thankfully!). For private repos, you will need an advanced security license to enable this feature.

While developing and continuously pushing project changes, you may find that you need to look at changes on a specific branch of your repository and compare it to the main branch. Therefore, our last GitHub tip in the series is how to efficiently do this from the version control platform.

To compare repository changes with another branch, add “/compare/branch1..branch2” to your repo path. For example, you can navigate to github.com/HeatherPost/GitHubTesting to see our latest repository. Then navigate to github.com/HeatherPost/GitHubTesting/compare/main..TestBranch to see the changes made on our test branch.

There is also the ability to compare two commits as well. To do this, use two dots to separate the version numbers. For example to compare commitA and commitB you would navigate to github.com/HeatherPost/GitHubTesting/compare/commitA..commitB.

Congratulations! You are on your way to becoming a GitHub master. With these tips and your new skills, you can now add security and efficiency features to your GitHub repositories and code. As a final tip, we recommend trying each of these suggestions out on a test repository before implementing in your current and future projects.  Once you’ve had a chance to test drive these tips for yourself, you will be ready to go!

We’ll be back soon with the next series of tips and tricks, which are all geared toward enhancing and broadening your skillset. These will be posted on DataMotion’s Twitter, Facebook, and LinkedIn pages every Tuesday. As always, we will be sure to summarize each set of tips in an easy and convenient blog post. Keep an eye out!

You can find DataMotion’s open-source projects, Postman collections and libraries on our GitHub. To find out more on how our secure message APIs can help you, visit datamotion.com today!

Have you ever been asked to share your GitHub profile at a job interview, or when meeting other developers at a conference? Doing so is an easy way to share your work and experience with others. With GitHub’s growing popularity, it’s now just as common for employers to request a GitHub profile as they would a LinkedIn profile. However, as great as the code hosting tool is for showboating talents, it does so much more. 

GitHub’s primary functions provide version control using Git and Internet hosting for web applications. As the platform continues to grow, new features are developed to enhance the primary functions and the development process as a whole. Understanding the magnitude of GitHub’s benefits, and how to use it to its fullest ability, will help advance your team’s productivity (as well as your career path).

Over the past few weeks, our dev team has provided GitHub tips and tricks on DataMotion’s Twitter, Facebook and LinkedIn accounts to help users better utilize this version control tool. Below are the four tips we have provided to date, aggregated into a blog post for easy, convenient review.  

We created these tips to enhance an already-basic knowledge of the GitHub platform, but for those of you who are still pretty new to GitHub and would like more information on how to get started, visit their quick start guide.

Just as developers can showcase their software projects on GitHub, the GitHub Gist feature allows developers to easily display snippets of code as well. The gists are hosted on GitHub as any other repository would be and can be found on one’s GitHub profile. 

Gists can be used to share data and snippets of code through a URL or embed them into your webpages as I have below. By adding a quick source tag to our HTML, I was able to embed an example gist I created to this blog. 

This feature allowed me to easily provide the formatted code needed to get a DataMotion session key now without having to link to a full GitHub repo. Gists can be extremely useful when building documentation pages, how-to guides and, of course, technical blogs.

When collaborating on a project, you may want to fork a repository and push your changes to the main repo when you’re ready to contribute. This is a helpful strategy, but requires continuous pulling of the changes your partners push to the main project to ensure you are working with the latest code. Thankfully, GitHub makes it easy to know when you need to fetch these changes. 

Once your project is forked, make sure to enable the “Watch” feature on the main repository. By doing so, GitHub will notify you when a fetch is required. To do so, navigate to the main repository, select the watch button in the top right corner of the page, and choose your desired option!

When collaborating on a development project, you can keep track of tasks by assigning bugs and feature requests with GitHub’s “Issues.” This feature allows users to create issues, which outline the different tasks that must be accomplished in order to complete a project. Developers can link to the issue in their push and pull requests in order to keep track of the issue’s progress. 

This adds issue tracking functionality on top of version control which helps further organize the development process. To get started, navigate to your project’s repository, select “Issues” at the top of the page followed by the “New Issue” button. From here, you can start filling out the details.

Now that we understand how the ‘Issues’ feature works, I’ll expand upon it. Developers may have a list of smaller tasks that need to be completed for one larger feature to be accomplished. To keep track of progress on a group of issues, utilize GitHub’s Milestones. 

The Milestones feature allows you to prioritize tasks and monitor which issues are completed and which are still open. You can also add a due date to each milestone to help better plan releases and keep to a specified development timeline. 

You can find more information on milestones within GitHub’s documentation. 

GitHub is an excellent tool for showcasing hosted code, but you can now see just how much more it has to offer. With the four tips reviewed today, you can enhance your development process and streamline collaboration by: 

• Utilizing GitHub gists to share and display snippets of code
• Ensuring you are notified when you must fetch upstream from a forked project 
• Keeping track of bugs and feature requests with GitHub’s Issues
• Using Milestones in order to group and prioritize various Issues

In the coming several weeks, every Tuesday, we will provide additional GitHub tips on DataMotion’s Twitter, Facebook and LinkedIn accounts. In the meantime, be sure to check out DataMotion’s GitHub profile to find our projects and development resources. To learn more about DataMotion and our products, visit our documentation site or contact our team of experts. 

In software development, application programming interfaces (APIs) are an absolute necessity. APIs play a crucial role in enabling various systems to communicate and share data with one another. These versatile tools make it possible for developers to incorporate ready-made code into their applications, saving them the time and effort of creating complex features from scratch. Just as peanut butter pairs perfectly with chocolate, and a baseball game isn’t complete without sunshine, APIs are an integral part of a developer’s toolkit.

When it comes to working with APIs, there’s one tool that stands out above the rest: Postman. Loved by over 15 million developers and half a million companies worldwide, Postman has emerged as a key tool for programmers who need to test APIs, streamline their workflows, and save time.

Postman is more than just an API testing application. It’s an all-in-one platform that supports every stage of the API lifecycle, from design and development to testing, documentation, and monitoring. With its user-friendly interface and extensive API collections, Postman has simplified the often-complex task of working with APIs.

Imagine you’re experimenting with a new API. You would likely need to set up the necessary request details, create an account, and provide account credentials before making the API call. With Postman’s API collections, all these details are readily available, cutting down your setup time and letting you ‘plug and play’ with ease.

As a testament to its effectiveness, the development team at DataMotion frequently utilizes Postman in their work, appreciating the many ways this tool enhances their productivity and efficiency.

Postman is more than just an API testing application. It’s an all-in-one platform that supports every stage of the API lifecycle, from design and development to testing, documentation, and monitoring. With its user-friendly interface and extensive API collections, Postman has simplified the often-complex task of working with APIs.

After extensive use of Postman and thorough research, the development team at DataMotion has pulled together numerous tips and tricks to make the most of this powerful tool. These tips will save you time, streamline your API testing process, and help you become a Postman guru.

Manually updating headers and parameters for each request can be time-consuming and repetitive. The ‘Bulk Edit’ feature in Postman is a lifesaver here. You can access this feature in the Header and Params sections, allowing you to see the list of headers or params in text rather than in a table format. This then allows you to copy the text and paste it into your new request. In the same section of your new request, select ‘Bulk Edit’ again and paste the text within. From here you can select ‘Key Values’ which has replaced the bulk edit option to see all your headers or params in the table format. This way, you can swiftly update your requests without having to modify each one individually.

Another handy feature in Postman is its support for variables. You can set up variables within a folder or collection for data that is used repeatedly across multiple requests. For example, in DataMotion’s API collections, we have a header for a session key in most of our requests. When the session key updates, you can instead create a variable and update the session key variable’s value. You can then use {{variable}} to reference the variable in your requests. This simplifies updating the session key; you just update the variable value once, and it applies to all references across your requests.

As a developer, quality assurance (QA) testing is an inevitable part of your role. Postman has a convenient way of allowing you to test multiple requests at once with the same script. To do this, select the folder or collection containing the requests you want to test, then navigate to the ‘Test’ tab and add your test code. You can then run the entire collection, executing multiple tests at the same time.

There might be times when you want to run a request without certain headers or parameters. Rather than deleting them and then having to add them back in later, Postman lets you disable or enable headers or parameters with a simple click. Deselect the checkbox next to each header or parameter you want to disable. This allows you to run the request with only the enabled headers or parameters included.

A great tip I recently learned utilizes the Postman console to update environment variables using data from a JSON response. You can write a script that parses the JSON response returned after making a request, then update an environment variable with this response data – all within Postman.

This trick is particularly useful when getting session keys. Within the DataMotion Postman collection, several requests require a session key. To streamline the testing process, I created a ‘SessionKey’ variable that allows me to easily update each instance at once. Then I add the following code to my console, which captures the updated session key from DataMotion’s ‘Get Sessionkey’ API call and automatically populates the ‘SessionKey’ variable with the response.

var data = JSON.parse(responseBody);

postman.setEnvironmentVariable(“SessionKey”, data.SessionKey);

This ensures that the ‘SessionKey’ variable in the majority of my requests consistently reflects the most current session key retrieved through the ‘GetSessionkey’ API call.

The session key variable is scattered across the DataMotion collection. If the variable name needed to changed or be updated, it would be a long and menial task to complete. However, this work can be replaced with Postman’s find and replace feature.

To rename a variable, such as the session key variable or an attribute name, navigate to the bottom right of your Postman workspace to find the “Find and Replace” button. Select this button and type in the phrase or regex pattern you would like to identify. From here, select specific instances of this phrase to update or select all. Then enter the new phrase you would like to replace these instances with under the “Replace With” section and click “Replace.”

Postman is not just an API testing tool; it’s also great for converting your API calls into code. After configuring your Postman request, simply select the code icon on the right panel of your workspace, select a programming language, and copy the generated code snippet of your request.

You can then seamlessly integrate this snippet into your projects for a streamlined development process.

You can create API documentation for your Postman collections using the documentation icon in the right panel of the Postman workspace.

Once you have selected the documentation icon, you will see the documentation for your request, including details on the endpoint, parameters, headers and body values. You can also select the ‘View the complete documentation’ button at the bottom of this view to get documentation on your entire collection. From here, you can select publish in the top right corner to publish this information, directly from Postman.

While Postman is a powerful ally for any API-related work, its functionality is especially evident when used with the secure message center API. Developed by DataMotion, the secure message center API enables secure messaging, email, and document exchange integration into self-service portals like online banking, insurance member services, wealth management portals, and more.

These self-service portals have become the primary interfaces for customers to manage their accounts, conduct transactions, find healthcare specialists, or check insurance claim statuses. However, these portals occasionally fall short of providing secure and compliant communication channels. This is where the secure message center API, built with data privacy and governance regulations like GLBA and HIPAA in mind, comes into play. By integrating the secure message center API into these portals, businesses can quickly establish a robust, secure, and compliant communication resource.

Postman’s ability to test, validate, and demonstrate the functionalities of the secure message center API proves invaluable in these integrations, making it easier for developers to understand, work with, and leverage the API to its full potential.

To help you navigate the complexities of secure messaging and API testing, DataMotion has prepared a series of demo videos showcasing the use of Postman with the secure message center API. These videos serve as a step-by-step guide, walking you through the API’s functionality and demonstrating how Postman can be utilized to facilitate API testing. Not a fan of Postman, but are looking for something different to test APIs? Check out our recent blog post and video demonstration that leverages the Insomnia REST Client for API testing.

Here’s one of our software developers demonstrating our ‘send message’ API. If you’d like to follow along, you can view our Postman Collection on GitHub and try out our APIs in our self-service portal.

This video offers a comprehensive demonstration of folder management with the secure message center API. It covers the essential steps of listing, creating, and deleting folders for efficient organization.

If you are developing a self-service portal for a financial services or insurance company – we hope this taste of secure message center programmability clarifies what you can build with our APIs. Of course, there is a lot more functionality – and all of the secure message center APIs are well documented with sample code and SDKs.

APIs have revolutionized the way developers work, and Postman is one of our favorite tools leading the charge in making API testing more accessible, efficient, and effective. As we continue to explore and discover new facets of this and other powerful tools, we’ll continue to share our knowledge and tips with the developer community. For more insights into the world of Postman, similar tools like Insomnia, and API testing in general, follow us on LinkedIn, Facebook, and Twitter and subscribe to our monthly newsletter. We post new tips and tricks every Tuesday, providing fresh content to help you master these incredible tools. To put your Postman learning into practice, download our Postman collections on GitHub.

Feel free to contact us for any questions or to discuss your project ideas, and don’t hesitate to book time for a conversation or technology demonstration!

Updated November 9, 2023

It’s a common analogy: the decision between building or buying a software application is comparable to choosing whether to build or buy a house. The pros and cons for both are similar. Building it yourself often leads to something made specifically for your needs and could save you money. However, it also can take much longer than predicted and has a substantial risk of unexpected expenses. While choosing to buy can be the simpler and faster decision, you may not receive that “made just for you” feeling you were hoping for. Many of our customers struggled with this dilemma before choosing to use a third-party vendor. Why is this? We’ll highlight five things to consider before developing software in-house and why it may be better to let someone else do the heavy lifting.

Before getting started, we want to emphasize that building software in-house is not always a bad decision. If your desired solution is expected to be core to your business and your team has the resources to build it themselves, then building it in-house can be the better option. Not only will your solution have the features you need, but you’ll also have greater control over it in the long run. On the contrary, if your solution is not expected to handle core business processes and your team has other critical priorities, we encourage you to keep reading.

Now that we’ve gotten that out of the way, let’s get started. Here are five things to consider before building software in-house.

1. It’s a massive time commitment. As we alluded to earlier, building a new software solution or application from scratch can be an extremely long, drawn-out process. In fact, the time it takes to develop the front and back-end infrastructure for a standard web application is 4.5 months. If your project includes complex features, such as secure messaging, assume it will take longer. And when you think you’re done, you’re not. Work isn’t complete once you go live. As the software developer, you will be responsible for monitoring, updating, and supporting your application even after it’s launched.

2. It’s incredibly expensive. When you build software in-house, it’s common to assume that you’re saving money. While that may be true, it’s not always the case. To put the costs into perspective, let’s crunch some numbers.

For simplicity, we’re assuming we have a one-person team, a front-end developer. We’re also assuming they’ll complete the project in 4.5 months while working 40 hours per week.

That works out to 720 hours for one employee to work on a single application. Odds are, you’ll have a team of developers working together, so make sure to multiply that number by the number of people on your team.

Since we’re talking in terms of money here, let’s convert that to how much you will spend during that time frame, using $57 as the average pay per hour for a front-end developer in the United States.

$41,040. That’s the minimum you’ll spend to build a standard web application. Now, we’ll admit that math was not perfect. You’ll likely have a larger team, consisting of employees in various roles, all getting paid different amounts.

Not to mention – all that time and money that went towards building your application could have been spent focusing on other priorities, so there’s an opportunity cost to consider.

3. It’s (probably) already been built. Unless your requirements are highly specific and unique, there’s an excellent chance someone has already built all, or at least part of, what you’re searching for. A third-party vendor has already put an extensive amount of time and work into testing and perfecting their solution to ensure it works exactly as expected. Thus, they will know the ins and outs of their product, how it was built, what it can and cannot integrate with, the potential to customize it, and solutions to common problems. In short, these folks have years of experience and know what they’re doing.

Word of warning: not every third-party vendor is built equal. While many have taken the necessary steps to protect their system’s security and meet the needs of their customers, it’s important to do your due diligence when choosing to outsource all, or parts of, your project. Here are 14 points to consider when vetting a third-party vendor, particularly when choosing an API company.

4. You will be your own support team. As mentioned earlier, building software in-house means providing support for your software throughout its lifespan. This requires a significant, ongoing time commitment from your team. It also involves a constant effort to maintain the skills and knowledge to properly respond to requests. This means continuous training for your current team, and any future team members.

5. Other products have been polished and perfected. Remember when we mentioned earlier that an application with your requirements has likely already been built? This is a critical topic, so we’re going to reference that again in this last point. Many API and SaaS companies have been around for a while and have already spent years testing, modifying, and updating their services. Often, this results in a fine-tuned product specifically designed to meet customer demands.

This experience factor is also important to consider if your desired solution must comply with industry and privacy regulations. To satisfy compliance requirements, specific steps must be taken, and certain criteria met both within the services offered and the organization who provides the service. Many third-party vendors have already taken the extensive time needed to fulfill these requirements so their customers can focus their resources elsewhere.

Building software in-house may sound like a promising idea when you’re considering a project. However, it is critical to assess the pros and cons of building it yourself, lest you fall into a never-ending development cycle. And if your project involves any type of secure messaging system, additional time must be taken to meet regulatory compliance requirements.

To close out this blog post, we’d like to provide you with five preliminary questions to ask yourself when choosing to build or buy software:

1. Is my desired solution core to my business processes?
2. How much time and money should I devote to my project?
3. Do integrations for any of my solution’s preferred features exist?
4. Do I have the resources to update, maintain, and provide support for my solution throughout its lifespan?
5. If my solution deals with any kind of sensitive information, what are the relevant regulations with which it must comply?

DataMotion offers a variety of API and pre-built solutions for organizations seeking to add an easy-to-use and secure messaging system to their communications toolkit. We also offer several pricing plans for our pre-built services and tiered pricing for our transactional APIs. To get an estimate on how much you’ll spend using our secure message delivery API, you can use the calculator on our pricing page.

• Choosing an API Company: 14 Points for Due Diligence
• DataMotion: A Zero Trust Model You Can Trust
• SaaS vs. PaaS: How to Choose What Type of Secure Exchange Solution is Right for You

• How Long Does It Take to Develop a Web App: Answers to All Questions
• Building Software In-house: Is It A Good Idea? (Build vs Buy)
• Hourly Pay for a Front-End Developer (salary.com)
• 7 Reasons In-House Software Fails
• 5 Reasons Why Building Your Own Software Solution is Not a Good Idea
• What to Expect When You’re Developing Software in House
• Ask Yourself These Questions Before Developing Software In-House

Recently, we released the DataMotion API for secure message delivery. Like the rest of our family of APIs, it’s just as easy to code into your apps, portals, and workflows as it is to bake a cake. But what makes it unique is that it’s a small subset of our larger collection of secure message center APIs. So, instead of getting APIs for secure messaging, administration, and provisioning, you’ll only be buying an API for sending secure messages. Think of it like a computer monitor, keyboard, and mouse bundle. If you only need the monitor, there’s no sense in paying more for the mouse and keyboard, so you’ll just buy the monitor by itself.

So, if the secure message delivery API is only a subset of our secure message center APIs, what exactly does it do? Well, as you would expect, it integrates the ability to send a secure message in one direction into whatever you build. Also, it supports granular tracking and reporting at the per recipient, per attachment level. With this API alone, you probably won’t be building out an entire ecosystem for secure exchange, but you might enable automated, secure email notifications or a one-way, user-initiated secure channel for sending sensitive documents in your app or portal, for example.

To paint a better picture of what you can build with this API, we’re going to highlight a brief, sample use case. Let’s imagine you’re a front-end developer for a wealth management firm tasked with creating a secure and automatic system for notifying clients whenever there is a change in their account allocation. You already have a system in place that tracks every action taken on a client’s account and records the exact time that each action occurred. Now, you just need to create a workflow that automatically sends an email notification whenever a major change in an account takes place, such as an account allocation change. You don’t want clients to be able to reply directly to this notification, they just need to be able to view the description of the change that was made, view the steps needed to resolve changes that they don’t recognize, and you need to be able to view who has received and opened each message and when they opened it. Because the workflows needed to send these notifications are linked to private account information, you recognize that it’s better if they are sent in a secure manner to protect your client’s data.

This is where the secure message delivery API comes into play. With a few lines of code, it helps you quickly inject the functionality for sending secure email alerts right into your workflow, so you don’t have to build it yourself. With this API, your organization can easily send secure, automated account notifications and track the status of every message sent for operational and compliance reporting. Essentially, you’ll achieve a win-win-win scenario. You’ll streamline your business processes, your developers will save valuable development time, and your client’s will receive a simpler and more secure user experience.

So, now that you have a better idea of what you can build with the secure message delivery API, it’s time for you to get started and try it out for yourself. You can view documentation for this API or start building right now by signing up for a free trial right in our self-service portal.

4 Minute Read

In this blog series, you’ll learn how to use the DataMotion secure message center APIs. We’ll start with the basics of getting a session key and sending a message, then explore a wide range of additional functionality. To make this series quick and easy to follow, we’ve broken it up into a few, easy-to-consume parts. This first part should only take you a few minutes, so you can start brewing a pot of coffee and celebrate with a fresh cup when your code is done.

For those who aren’t familiar with this family of DataMotion APIs, they make implementing modern secure document and message exchange in your mobile apps, portals, and workflows easy and fast. It’s a win-win – you get the secure features you need while having extra time to focus on other features that make your app best-of-its-kind.

There are many use cases where our secure messaging APIs have saved the day, ranging from enabling client to advisor exchanges in wealth management apps, to the exchange of medical results for clinical trials. Now, customers can say goodbye to muzak on hold, stamps, faxes or trips to see their advisor. Instead, they’ll be saying hello to securely getting business done in record time.

Now that you have a better understanding of what these APIs can do, let’s begin with the first part of this tutorial. We’ll start with showing you how to get a session key and send your first secure message directly from the “How Do I?” module in our self-service center.

There are a couple of things you will need to confirm prior to diving into this tutorial. First, in order to get a session key and send your first message, you must be signed up for a DataMotion developer account. If you don’t have one yet, you can fill out the form that pops up to “Create a DataMotion Account” when clicking the “Login” button at the top right corner of the self-service center. Upon completion of this form, you’ll begin a free 120-day trial of our secure message center APIs and you’ll be ready to move on to the rest of this tutorial. So, let’s get started!

Before calling any of the functions in this suite of APIs, you’ll need to get a session key. A session key verifies a user’s account credentials, so the system knows it’s actually them when making API calls. To get a session key, your users will enter their UserIDorEmail and Password. In this example, use the ones that you established when creating your developer account and enter them into the body of your HTTPS request. Then click the Submit button.

A successful response will return a 200 Status Code with a Response BODY:

To keep things secure (that’s what we do), this session key will expire after 30 minutes of inactivity on an account.

It’s important to take a quick step back to discuss this process of getting a session key in a little more detail. For the purposes of this tutorial, we asked you to simply input your UserIDorEmail and Password. However, this isn’t the only method to verify your identity with our services. We also support single sign on and integrations with public or private identity providers, such as SAML, to establish and verify a user’s identity.

Now that you have a session key, keep it handy. We will be adding it as a custom header value to every other DataMotion secure message center API call we make. Alright, so let’s send your first message.

Using the same “How Do I?” module, you’re going to move down to the tab labeled “Send a Message.” First, to make things easy, you’ll notice that the “To” and “From” fields are already filled out for you using the email address associated with your DataMotion account. All you’ll need to do is fill out the Subject and the TextBody, then click Submit to send your message.

If your secure message sends successfully, you will receive a 200 status code along with your message ID and the message expiration date. Because the “To” field was pre-populated with your email address, you will receive a message waiting notification in your inbox. A successful request will look similar to the following:

Take a bow!  You’ve successfully gained access to the API, established a Session Key and sent a message. It’s a great time to treat yourself to that fresh cup of coffee!

You’re now ready to move on to the next step. In the next part of this blog series, we’ll show you how get your message summaries and how to read a message.

In the meantime, you can read up on our Get a Session Key and Send a Message documentation for the secure message center APIs in our developer center.