Introduction

TigerGraph's REST API endpoints exist on the REST++ and the GSQL server. REST++ (or RESTPP) is the TigerGraph customized REST server. Our API accepts URL-encoded query string parameters, JSON-encoded request bodies and returns JSON encoded responses. This user guide provides information on how to engage with our REST APIs: the introduction section explains how to send requests, pass parameters, and format request bodies, while the subsequent sections describe in detail each endpoint and its input and output.

To submit a request, send an HTTP request to the REST++ server or the GSQL server. By default, the REST++ server listens for requests at port 9000 and the GSQL server listens on port 14240. A request needs to specify five things:

  • The request method (GET, POST, PUT, or DELETE)

  • The endpoint address

  • Any required or optional request parameters in URL encoding

  • For POST requests, a data payload (i.e., request body) in JSON encoding unless otherwise specified

  • In some cases, request header parameters

For requests that are sent to the GSQL server, the sender needs to provide TigerGraph user credentials for the request to be accepted. If authentication is enabled on the RESTPP server, a request token needs to be included in the request header as well.

In a test or development environment, the requester may be on the same server as REST++. In this case, the server IP is localhost.

Query String Parameters

TigerGraph's API endpoints accept parameters in URL encoding, which is straightforward in the case of string, number, and boolean values. However, some parameters are more complex and require specific formatting. The list below describes how to format the complex type parameter values when executing a query.

Input Data for POST requests

Input data for POST requests should be in JSON format, unless the endpoint specifically accepts data in other formats. There are two ways to supply the data: inline or in a separate file.

Inline Data

The data should be formatted as a single string without linebreaks. If using curl, use the -d option, followed by the JSON string.

Syntax for a POST request with Inline Data Payload
curl -X POST -d 'json_string' "http://server_ip:9000/path_to_endpoint?request_parameters"

The following example uses the POST /graph endpoint to insert one User type vertex whose ID is "id6" into the graph called "socialNet".

Example using inline input data
curl -X POST -d '{"vertices":{"User":{"id6":{"id":{"value":"id6"}}}}}' "http://localhost:9000/graph/socialNet"

Data File

Often it will be more convenient for the input data to be in a separate file, especially if the data is large.

For curl, use --data-binary <path_to_file> as in the example below:

Syntax for a POST request with Payload Data File
curl -X POST --data-binary <path_to_file> "http://server_ip:9000/path_to_endpoint?parameter1=<parameter1>"

Formatting Data in JSON

Data of primitive types, including INT, UINT, FLOAT, DOUBLE, STRING, BOOL, and DATETIME, as well as arrays and objects, follow the standard JSON Data Interchange Syntax. This subsection describes how to format complex data types.

TYPEDEF TUPLE <field1 INT(1), field2 UINT, field3 STRING(10), field4 DOUBLE> myTuple

Vertices with Composite Keys

If a vertex has a composite key composed of N attributes, then N values must be provided for the "id" . The values can be presented either as a JSON object with N key-value pairs, or as a JSON array with a list of N values in the same order as defined in the schema.

The example below shows the two methods for a vertex v having a composite primary key composed of the three attributes id, name, and label.

Vertex v with composite key as JSON object
{
  "v": {
    "id": {
      "id": 3,
      "name": "c",
      "label": 300
    },
    "type": "v3"
  }
}

SET or BAG of Vertices

To describe a SET or BAG of vertices in JSON, use a JSON array with vertex objects nested in the SET or BAG array.

Output Responses

All TigerGraph REST responses are in JSON format. The output JSON object has four fields: "version", "error", "message", and "result".

  • "version" - this field describes the version of the running TigerGraph instance.

  • "error" - a boolean value to indicate if there is an error in processing the request. If there is an error, the "error" field will be true.

  • "message" - the error message when there is an error. If a request is successful, the field will be an empty string or a brief message conveying the result of the request.

  • "results" - this field contains the resulting data from the request. Details about the result of each built-in endpoint are described in the Built-in Endpoints section.

// Example response
{
  "version": {
    "api": "v2",
    "schema": 0
  },
  "error": false,
  "message": "",
  "results": [
    {
      "v_id": "id1",
      "v_type": "User",
      "attributes": {}
    }
  ]
}

To make the JSON output more human-readable in the terminal, use the jq command or Python json library built into most Linux installations:

curl -X method "http://server_ip:9000/path_to_endpoint?request_parameters" | jq .
curl -X method "http://server_ip:9000/path_to_endpoint?request_parameters" | python -m json.tool

Authentication

REST++ Server Requests

By default, TigerGraph REST++ endpoints are public: anyone with access to the HTTP ports of the TigerGraph server can run your endpoints. When REST++ authentication is enabled, then a valid authorization token must be included in the header.

The REST++ server implements OAuth 2.0-style authorization as follows: Each user can create one or more secrets (unique pseudorandom strings). Each secret is associated with a particular user and the user's privileges for a particular graph. Anyone who has this secret can invoke a special REST endpoint to generate authorization tokens (other pseudorandom strings). An authorization token can then be used to perform TigerGraph database operations via other REST endpoints. Each token will expire after a certain period of time. The TigerGraph default lifetime for a token is 1 month.

Using Tokens

Once REST++ authentication is enabled, a valid token should always be included in the HTTP header. If you are using curl to format and submit your REST++ requests, then use the following syntax:

curl GSQL request, with authorization token in header
curl -X GET -H "Authorization: Bearer <token>" '<request_URL>'

Here is a sample request:

curl -X GET -H "Authorization: Bearer 01234567abcdefgh01234567abcdefgh" "http://localhost:9000/graph/socialNet/vertices/User?limit=3"

GSQL Server Requests

All requests made to the GSQL Server must be accompanied by your user credentials. You can use the curl -u option to pass in the username and password of the TigerGraph user:

curl -X GET -u <username>:<password> "http://localhost:14240/<path_to_endpoint>

To keep your credentials more secure, one way to avoid having the user name and password on the command line is to instead use a .netrc file or a config file. If you are in interactive mode, you can also use the -u option without specifying the password, and then curl will prompt for the password.

Size and Time limits

The maximum length for the request URL is 8K bytes, including the query string. Requests with a large parameter size should use a data payload file instead of inline data.

Request Body Size

The maximum size for a request body, including the payload file, is set by the system parameter Nginx.ClientMaxBodySize. The default value is 200 (in MB). To increase this limit, use the following gadmin command:

gadmin config set Nginx.ClientMaxBodySize NNN

The upper limit of this setting is 1024 MB. Raising the size limit for the data payload buffer reduces the memory available for other operations, so be cautious about increasing this limit.

GSQL Query Timeout

By default, an HTTP request in the TigerGraph system times out after 16 seconds. to customize this timeout limit for a particular query instance, you can set the GSQL-TIMEOUT parameter in the request header. If you are using curl to submit your RESTPP request, the syntax would be the following:

curl -X <GET/POST> -H "GSQL-TIMEOUT: <timeout value in ms>" '<request_URL>'

Response Size

You can specify the response size limit of an HTTP request with the following header:

curl -X <GET/POST> -H "RESPONSE-LIMIT: <size limit in byte>" '<request_URL>'

If the response size is larger than the given limit, an error message will be returned instead of the actual query result:

{
  "error": true,
  "message": "The query response size is 256MB, which exceeds limit 32MB.",
  "results": [],
  "code": "REST-4000"
}

curl options

Request examples in this guide are made using curl. Below is a list of curl options used in our code examples:

  • -d <data>

    • Sends the specified data in a POST request to the HTTP server in the same way that a browser does when a user has filled in an HTML form and presses the submit button. This will cause curl to pass the data to the server using the content-type application/x-www-form-urlencoded.

    • If you start the data with the character @, the rest should be a filepath from which to read the data. The command curl -d @foobar will read data from a file named foobar.

  • --data-binary <data>

    • Sends data with a POST request exactly as specified with no extra processing.

  • --fail

    • Makes curl fail silently (no output at all) on server errors.

    • This is mostly done to enable scripts etc. to better deal with failed attempts. In normal cases when an HTTP server fails to deliver a document, it returns an HTML document stating so (which often also describes why and more). This flag will prevent curl from outputting that and return error 22.

  • -H <header>

    • Extra header to include in the request when sending HTTP to a server. You may specify any number of extra headers.

    • TigerGraph APIs use headers to specify size and time limits, as well as to provide RESTPP authentication tokens.

  • -s

    • Silent or quiet mode. Don't show a progress meter or error messages. It will still output the data you ask for, potentially even to the terminal/stdout unless you redirect it.

  • -u <user:password>

    • Submits the specified user name and password for server authentication.

  • -X <request_method>

    • Specifies a custom request method to use when communicating with the HTTP server. If this option is not used, curl will make a GET request by default.

Last updated