EngineEndpointsScript

Script v25.5+

Endpoint scripts are defined in the main descriptor bundle. When configured, Kubling creates a dedicated script context manager to prevent endpoints from exhausting system resources by limiting the number of parallel contexts (threads) allowed.

Let’s start with an example structure:

  • bundle-info.yaml

bundle-info.yaml

virtualDatabases:
  - 'vdb/EndpointsVDB.yaml'
 
endpointScripts:
  maxContexts: 20
  maxWaitMilliseconds: 5000
  endpoints:
    - endpointVersion: v1
      endpointName: "getIt"
      scriptFilePath: "endpoint/get_it.js"
    - endpointVersion: v1
      httpMethod: POST
      endpointName: "postIt"
      scriptFilePath: "endpoint/post_it.js"
      requiresAuthentication: true
    - endpointVersion: v1
      httpMethod: DELETE
      endpointName: "deleteIt"
      scriptFilePath: "endpoint/delete_it.js"
      requiresAuthentication: true
    - endpointVersion: v1
      httpMethod: PATCH
      endpointName: "patchIt"
      scriptFilePath: "endpoint/patch_it.js"
      requiresAuthentication: true
    - endpointVersion: v1
      httpMethod: PUT
      endpointName: "putIt"
      scriptFilePath: "endpoint/put_it.js"
      requiresAuthentication: true

Although the configuration is mostly self-explanatory, it’s important to note that if httpMethod is not specified, Kubling assumes it is GET.

Example: get_it.js

Endpoint scripts work similarly to other JavaScript-based components in Kubling (such as data sources or SQL functions), with the key difference being the set of contextual objects injected at runtime.

logger.info(httpRequest.method());
logger.info(httpRequest.body());
 
var result = DBEngine.executeQuery("MinimalVDB", "SELECT * FROM SYSMETRICS.METRICS");
httpResponse.text(result.inspect);

In this minimal example:

  • The script logs the HTTP method and request body.
  • It uses the internal DBEngine client to run a SQL query against the MinimalVDB.
  • The result is returned as plain text in the response body.

Endpoints are always exposed at the root level. However, Kubling requires versioning for every endpoint.
This means you must explicitly define the endpointVersion for each script, and it will become the URL prefix of your endpoint.

For example, with endpointVersion: v1 and endpointName: getIt, the resulting endpoint path will be:

/v1/getIt

See details of the request and response members in the script member reference page.

Authentication v26.2+

Endpoints can participate in the same RBAC mechanism used by the Engine by enabling the requiresAuthentication flag.

When authentication is enabled, the incoming HTTP request is associated with an authenticated session before the endpoint handler is executed. If an authentication delegation is configured, the authentication flow is resolved through the configured script delegate.

As a result, RBAC-aware script context members can operate using the authenticated user associated with the request. This is particularly relevant for DBEngine, which can execute queries and updates using the request-scoped security context.

⚠️

If requiresAuthentication is enabled but no authentication delegation is configured, Kubling associates the request with an internal privileged session.

In this scenario, operations executed through DBEngine using impersonated execution semantics behave equivalently to privileged execution.

QueriesProperties