Introducing Mobile Cube

This document provides an introduction to the Mobile Cube API and a brief overview of the framework.

This document covers Mobile Cube Release 1 for ATG 9

Mobile Cube
Supported Platforms
Licensing
Services
Technology
Security and Session Management
1. Transport Security
2. Sessions and Cookies

Mobile Cube

Mobile Cube is a framework that provides focussed REST APIs for native mobile applications to interact with an ATG-based commerce application.

Mobile Cube runs on ATG 10 and ATG 9.

Business-Friendly

Mobile Cube enables Omnichannel Commerce - with tight integration of native mobile applications with ATG-based websites.
With the features and APIs supported in Release 1, Mobile Cube can enable Mobile-First or Mobile-Only Commerce
Mobile Cube has very clear and simple licensing.

Mobile-App-Friendly

Mobile Cube is designed for Native Mobile Applications - with well-defined and strongly typed data structures.
Mobile Cube is true REST - with data resources represented as URIs, business actions represented as HTTP methods, and full use of HTTP status codes and headers.
Mobile Cube is Tightly Focussed - providing just the information that is needed, and no more.
Mobile Cube is Highly Structured, and supports representation as both XML and JSON.

ATG-Friendly

Mobile Cube supports Single Sign-On - common customer profiles across native mobile apps and ATG-based website.
Mobile Cube has Shared Persisted Baskets - allowing synchronised basket management across mobile and web channels.
Mobile Cube provides a Common Pricing and Promotions model - ensuring absolute parity across mobile and web channels.
Mobile Cube is Highly Customisable - allowing the API data structures to be enhanced to match the underlying commerce data structures
Mobile Cube is Extensible - enabling you to expose custom functionality in a consistent and coherent manner.

Supported Platforms

[Back to Top]

Mobile Cube provides the APIs on top of a standard ATG installation, grouped into three fundamental services covering Customers, Products and Orders.

We know there is no such thing as a standard ATG installation in the wild, and the Mobile Cube framework allows the Mobile Cube APIs to be enhanced and extended.

Specifically, the framework allows the data structures exposed by the API to be enhanced to match the underlying data structures of the commerce solution, and to define new services to allow for custom functionality to be exposed in a consistent and coherent manner.

Mobile Cube Release 1 runs on ATG 10 and ATG 9.

More specifically, Mobile Cube runs on the Latest Point-Release version of the Latest Major Version of ATG (currently ATG 10.2) and the Latest Point-Release version of the Previous Major Version of ATG (currently, ATG 9.4).

Mobile Cube can also be ported to run on other versions of the ATG platform.

Please contact Delivery Cube on mobilecube@deliverycube.com for more information about customisation, enhancement and porting.

Licensing

[Back to Top]

Mobile Cube is licenced per Production Site.

This licence entitles you to perpetual use, and comes with a year’s worth of support - including bug fixes and new feature releases, as well as 10 days' on-site consulting.

The production license comes with free developer licenses and includes on-site developer training.

The year of included support for a production licence starts from the day the site goes live. i.e. the day that a normal customer can download and install an app on their phone that accesses your live site. We consider any time spent prior to that as development, and do not count that towards your one year of support.

A site in Mobile Cube corresponds roughly to a site as defined in ATG. We are not interested in counting servers, processors, web servers, or even domain names. To us, if any two URLs are functionally indistinguishable from one another, then we consider them to be one site.

For example, if example.com and example.co.uk both take the customer to the same site, with the same content and the same functionality, then we consider them to be the same site.

Or more pertinent to Mobile Cube - if a mobile application connecting to one URL gets an identical response as it would if it connected to another URL then we consider them as one site.

For more information on licensing, contact Delivery Cube on mobilecube@deliverycube.com.

Services

[Back to Top]

In Release 1, the Mobile Cube framework provides APIs for the following three function groups

Customer Account Management Services

The Customer Account Management APIs support applications that allow customers to;

Register new Customers and Authenticate existing Customers
View Account Information and to Modify Account Information
Manage Instant Order settings - Default Shipping Address, Default Shipping Method and Default Payment Method

For more information, please see the Mobile Cube Customer Account Management Services API documentation.

Product Catalogue Services

The Product Catalogue APIs support applications that allow customers to;

Browse the Product Catalogue - navigating through the Category Structure
View Product Details - including SKUs, Pricing, Availability and Associated Media
Search for Products

For more information, please see the Mobile Cube Product Catalogue Management Services API documentation.

Order Management Services

The Order Management APIs support applications that allow customers to;

Place a New Order
View Details of Orders already placed

For more information, please see the Mobile Cube Order Management Services API documentation.

Technology

[Back to Top]

The framework exposes the business functionality as Stateful REST Services using XML and JSON.

REST (Representational State Transfer)

The Mobile Cube REST API is resource-centric. All the data entities exposed by Mobile Cube are represented as resources identified by URIs. Client applications can access and modify these resources using the standard HTTP methods of GET, PUT, POST and DELETE.

The Mobile Cube REST APIs make use of standard HTTP status codes and HTTP headers to present responses correctly.

XML (Extensible Markup Language) and JSON (Javascript Object Notation)

The resources defined by the Mobile Cube API are designed to provide just the information that is needed for the desired functionality and no more.

These data structures are defined using XML Schema, and are highly structured and strongly typed, using the full expressiveness of XML.

The Mobile Cube framework allows you to override and extend the structure for each resource defined.

The Mobile Cube APIs are defined XML-first, but they are by no means XML-only. The very same schema drives the structure of JSON requests and responses.

This allows you to use the data transfer format most suited to you and your native applications. Regardless of which format you choose, the functionality of each service is the same.

Content Types

When using the REST API, resources can be represented using either XML or JSON as the data transfer format.

When sending data, client requests must specify the appropriate Content-Type header of application/xml or application/json.

The request must include the appropriate Accept header of application/xml or application/json to allow the Mobile Cube service to return responses in an acceptable format.

Stateful Services

Mobile Cube is a stateful system. All interaction with the service happens in the context of a server-side session. This minimises communication between the mobile application and the service and helps increase performance.

Being stateful also enables the framework to hook into the fundamental services and components in ATG that provide personalisation, pricing, promotions and basket services.

For those actions that require authentication, Mobile Cube uses the same customer profile database and the same authentication mechanism as the ATG website, allowing for a common customer experience across mobile apps and the website

Security and Session Management

[Back to Top]

Mobile Cube does not impose any particular security model above and beyond that supported by the underlying ATG platform.

Transport Security

In most respects, when using Mobile Cube, it is appropriate to consider the mobile client application to be similar to a browser, and so the same security and privacy considerations should apply.

It is recommended that all HTTP communication with Mobile Cube be over a secure transport channel (i.e. HTTPS). This is especially the case for authentication requests, since customer passwords are sent in the body of the request. It is also the case for customer account management functions and order placement functions in order to protect customer privacy.

Mobile Cube is a stateful system, and the framework requires a valid authenticated session for customer account management functions and order placement functions. Searching and viewing the product catalogue does not require an authenticated session, but can benefit from having one.

Authentication in Mobile Cube Release 1 is password-based, much as it is in the ATG Commerce Reference Store. Please see the Mobile Cube Customer Account Management API documentation for more information.

As with the ATG platform, other mechanisms can be supported, but will require customisation. Please contact Delivery Cube on mobilecube@deliverycube.com for more information.

Sessions and Cookies

Mobile Cube uses the underlying ATG platform, and hence the J2EE container to manage sessions. Mobile client applications should honour the use of Session Cookies (typically the JSESSIONID cookie) and are expected to behave in the same way as a web browser.

When a mobile client application makes an HTTP request to the server for the first time, it will be given a session cookie in the response. In order to tie subsequent HTTP requests from this client with the server session, the client application is expected to provide this cookie in all subsequent requests.

Please contact Delivery Cube on mobilecube@deliverycube.com to discuss implementation guidelines for Mobile Client Application Developers.