Magento2 supports two formats of the messages for REST APIs: json and xml. Let's take json as an example: the api call for the service you created will looks like this:
curl -X POST "http://magento.url/rest/V1/vakri/update" -H "Content-Type: application/json" -d '{"xml": "<OrderEventNotification Id="E201602261456522075"> .. "}'
As you see here, you should have field, "xml", which corresponds to input parameter name of the method.
For XML it might be a bit more tricky, I would assume something like
curl -X POST "http://magento.url/rest/V1/vakri/update" -H "Content-Type: application/xml" -d '<xml>"<OrderEventNotification Id="E201602261456522075"> .. "</xml>'
In any case, there will be a problem if xml code contains characters which can break the request json/xml structure. One way to overcome that is to obfuscate xml string with some encoding, let's say base64, or escape all dangerous characters. In API service implementation you would need to do reverse operation.
Another, and much better way, is to actually create the Data Object, which represents the data from the XML file. Instead of sending raw XML string, you'll just use possibilities of Web API framework to serialize/deserialize data.
namespace Ezprints\Valkyrie\Model\Api\Data;
interface OrderEventNotificationInterface
{
/**
* @return string
*/
public function getId();
/**
* @return string
*/
public function getOrderId();
/**
* @return string
*/
public function getEZPReferenceNumber();
/**
* @return string
*/
public function getAcceptedDateTime();
}
namespace Ezprints\Valkyrie\Model\Api;
interface ValkyrieStatusUpdateInterface
{
/**
* Parse the notification XML and handle accordingly
*
* @api
* @param Data\OrderEventNotificationInterface $orderNotification
* @return Data\OrderEventNotificationResponseInterface
*/
public function processVaklyrieStatusUpdate(Data\OrderEventNotificationInterface $orderNotification);
}
API call will looks like:
curl -X POST "http://magento.url/rest/V1/vakri/update" -H "Content-Type: application/xml" -d '<id>E201602261456522075</id><order_id> 000000024</order_id><e_z_p_reference_number>0-01-7899-201602242228-0027-3808</e_z_p_reference_number><accepted_date_time>2016-02-26T21:27:55<accepted_date_time>'
I will be trying to make an answer quite simple for you to see through Magento a bit more fluently. (background, there is a lot of documentation and a couple of sentences may guide you to understand what is what..)
Magento is an e-commerce framework (php code and connect to mysql).
In steps:
- you may deploy this framework with simple data (in this process, you do have to setup a webserver indeed)
- you have at this point an ecommerce website that you can use: purchase items and create customer and so on (I understand this is not something you are interested but just to make it clear, this is what most people use Magento for). Also, anybody using this site will be able to create orders, register as a new customer like we do onto a site. By doing this the sample data are modified and your API queries can have different returned data
- finally, with just setting up the API (add an API user in the backend for querying some Magento API with a token), you have now access to all the Magento API to gather the data that the website host in its mysql database
--> you can create as many API users as you want and each can have different privileges (access different API)
--> the data that you will receive from these API calls will be the data in your mysql database and therefore will be the data related to the sample data (2k products, 1 customer and 2 orders are the content pretty much of the sample data)
I hope this clarify your situation. I don't see what you call "your users' own Magento data" and therefore I hope you see now that the data in the Magento API are only reflecting the e-commerce data you have in your site.
Best Answer
Alan, you are right, SOAP framework is completely different from the one in Magento 1 and was created specifically for Magento 2 needs to have Service layer interfaces same for REST, SOAP and PHP clients.
SOAP Authentication uses oAuth 2.0-like style of authentication using Bearer token. This is simple example on how to configure the SOAP client on PHP side:
Now, to the question where to get this token. There are few ways to obtain it, first one is to create manually in the Admin Backend. For this go to the System -> Integrations, click "Add New Integration", fill the form, select resources which you want to share with this integration and save. Then, click on "Activate" button. After few steps in the wizard, you will be provided with Four tokens. You should use Access Token as a Bearer token.
Another way to get a token is to complete oAuth registration http://devdocs.magento.com/guides/v2.0/get-started/authentication/gs-authentication-oauth.html#get-access-token