Setting Extended Attributes REST

Is there an example of how to add extended attributes when creating a thread with the rest api?

According to the documentation the type is RestExtendedAttribute but I can't find any example of how this would be sent. 

  • This isn't documented well because ExtendedAttributes are somewhat of a legacy feature due to its fragility and lack of security. However, you can add/update Extended Attributes using the syntax:

    __ExtendedAttributes_<FieldName> = "<FieldValue>"

    you can set <FieldValue> to an empty string to delete the ExtendedAttribute.

    Edit: there should be two underscores at the beginning.

  • I will make a note to update our documentation to include this information.

    To clarify a few points above:

    What i mean by lack of security is that there should be no expectation of security for any information stored in ExtendedAttributes. They come back in all List and Get calls for any content that supports them, so no personally identifiable or sensitive information should be stored there.

    Second, we have no plans to deprecate/obsolete ExtendedAttributes, and they are perfectly upgrade safe in terms of storage/retrieval. We would still recommend that any robust functionality implementation (eg, anything that requires filtering or searching) that relies on ExtendedAttributes should consider using a custom data store instead.

  • For custom data stores is there a way to access information in them via a rest api? Without standing up custom endpoints?

  • Any custom data stores would need some custom method to access.

  • So if ExtendedAttributes are somewhat of a 'legacy feature', are 'fragile' and 'lack security', are there any plans to provide a new incarnation of ExtendedAttributes which is built into the platform & doesn't have these issues? Maybe in Telligent 12? Fingers crossed

    I'd really rather not have to create something from scratch which uses a custom data store & prop up APIs (etc). All I'm after is a place to store some private user data which is only available to the user themselves, a sys admin, or the system account.

  • We do not have any plans at this time.  I'd recommend logging an idea here:

  • I also think there is a miscommunication or misunderstanding here as well.   They aren't fragile, not legacy and lack security is not entirely accurate.  They are just a key/value store, it is not meant to do anything but store simple values.  They are secure in the sense they are governed by the content data they belong to, so if you have access to view users, you can view the attributes.

    If you want custom security, querying, etc, then you will have to create your own data methods and structures because your requirement exceeds the intent of the feature.