Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Customising the CMS

Creating a custom SOAP API


4 Posts   2887 Views


3 March 2009 at 7:04pm Community Member, 140 Posts


I have already previously asked about using SOAP to create a backend in relation to the e-commerce module (se [url=]this thread[/url]. I see now that SOAP is mentioned under APIs in the list of features in Silverstripe 2.3.0 ([url=]here[/url]).

Is there any documentation about how one would create a new SOAP based API? So far I have seen none. There are a few basic items that I would need to know:
- How to create the access functions
- How to get data into and out of the database
- How to secure the SOAP API, i.e., make it HTTPS only and require authentication of some sort (possibly require HTTPS client authentication)



15 March 2009 at 8:09am Forum Moderator, 801 Posts

Its a wrapper around RestfulServer, see
I've improved documentation slighty (see,
but its still fairly crude...


16 March 2009 at 3:11pm Community Member, 140 Posts


Thanks. You're doc updates are a start. So does this mean that you must have a REST API in order to have a SOAP backend?

I'd like to see more details about the security side of things. How do you restrict API access for data objects? How would you force all API accesses to use SSL?



17 March 2009 at 2:01am Forum Moderator, 801 Posts

Yes, you'll need to enable RESTful as well for the moment, I've filed a ticket to separate them a bit more cleanly:

> How do you restrict API access for data objects?
That should be in the RESTfulServer docs. Anything else you need?

> How to secure the SOAP API, i.e., make it HTTPS only
You have Director::forceSSL() at your disposal, which you could limit to match specific URLs only. Patches to make this configurable in the SOAP/REST servers are welcome :)