Catalina Technology Blog

Get programming samples for Catalina’s API for Dynamics SL, see demos of Catalina products, check out special projects in IOT, urban gardening, robotics, and much more.

How to Custom Call Stored Procedures with REST that have Customizable XML Parameters

Many of Catalina Technology’s stored procedures accept a field called @parms that is an XML field for configurable parameters to be passed. An example of this is below.

You can see that there is a parameter getting passed called “@parms”. In that is a XML string that contains one or more parameter. In this case, there is a single parameter called “ADDRID” and it is getting passed the value of “C%” so that it can return all addresses that start with a “C”

exec xct_spDSLGetAddresses @currentPageNumber=N'0',@pageSize=N'500',
    <key name="ADDRID" value="C%"/>

To call this RESTfully, you need to HTML escape the XML string so that things like double quotes (“) will not cause the JSON to break.

Below is an example of how we would call the custom stored procedure above, but call it through the Catalina RESTful API.

curl --location --request POST 'http://YOURSERVER/ctDynamicsSL/api/customSQL/xct_spDSLGetAddresses' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Basic YOURAUTH' \
--header 'SiteID: YOURSITEID' \
--header 'CpnyID: YOURCPNYID' \
--data-raw '{ 
        "name": "currentPageNumber", "value": "0"
        "name": "pageSize", "value": "0"
        "name": "parms", "value": "<nameValuePairs><key name=\"ADDRID\" value=\"C%\"/></nameValuePairs>"

Catalina XML Configuration File Editor: ctConfigEditor

ctConfigEditor is the stand-alone executable used to create and edit the custom XML documents used to configure our full line of web services. Our xml structure supports storing sql connection data and a range of name/value pairs. All data is easily encryptable for added security.

Step 1:

Choose whether you are editing an existing file or creating a new config file from scratch. If loading an existing config file, you will need to fill in your catalina software license key as well as your sitekey.

Step 2:

Either load an existing Site ID or create a new Site ID.
You can identify which Site ID you are editing on all screens at the top of the screen where it says, “Currently Editing: SiteID“. If this value is blank, it means you are creating a new SiteID entry.
Note: TO DEFAULT ALL KEYS: Load an existing Site ID, then enter a New Site ID and hit the “Create Site” button.

Step 3:

Set your Database connection strings. Both the .NET format and OLE String format.
For more information on sql connection strings and other options available, we recommend reading at:

Step 4:

Edit the config options available or create custom entries. Note: you can optionally encrypt any field by just checking the “encrypt” checkbox next to a key. We recommend only encrypting sensitive data.

Step 5:

On the “Finish” tab you will see the option to Preview the XML file or Save it to a file. Click the appropriate button.
You can optionally change your siteKey/encryptKey by filling in the new key in the SiteKey text field. Note: You will need to remember to update any client applications to use the new siteKey.

Catalina API Error Not Able to Load Assembly


When I try to access Catalina’s API for Dynamics SL, I am getting an error that looks like this. What is the problem, and how can I fix it?


Look at the web.config of your ctDynamicsSL web application and remove the section <system.codedom>. So looking below, just remove this total section from your web.config

      <compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:6 /nowarn:1659;1699;1701" />
      <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:14 /nowarn:41008 /define:_MYTYPE=\&quot;Web\&quot; /optionInfer+" />

Call Custom Stored Procedure via Catalina’s RESTful API for Dynamics SL

Catalina has had a way to call custom stored procedures from their SOAP based web services for Dynamics SL for years.  You can now do it using the RESTful API version.

Looking at the Swagger Documentation, you can now see a customSQL resource (If you don’t see this, contact Catalina Support to see about getting updated to the latest version of Catalina API for Dynamics SL)

Example using one of our procedures:


        "name": "ContactID", "value": "BJON"
        "name": "CustID", "value": "CT0100"
        "name": "Type", "value": "B"
    "checkSum": "3CB06C9A4A83BECCFC60684C271818EDEEAA5770" 

NOTE:  the checksum is a security feature that is turned on by default.  This allows the API to double check to make sure that you are who you say you are.  Use a SHA1 hash of the stored procedure name to generate the checksum.

The checksum requirement can be disabled in your DSLCONFIGFILE.xml  file.

You can generate the checksum using any SHA1 library, or you can use the library included in our service distribution: /ctDynamicsSL/bin/ctStandardLib.dll

var checksum = ctStandardLib.ctHelper.getHash(siteKey, storedProcedureName);

Problem with Special Characters in Catalina API Query String

I ran into an issue earlier where I was trying to retrieve a customer using the Catalina Technology API for Dynamics SL. But the problem was that the CustID had special characters in it. In this case, the CustID looked like this: “BB& 1 2

So, there was a prefix of “BB”, then there was an ampersand, and then there were two spaces, then the number 1, two more spaces, then the number 2.

First of all, I had to URL encode the CustID that was getting passed to my API so that the call looked like this:


You can see that & was replaced by %26 and a space was replaced by %20.

Now, that is fine, but then .NET was having problems with the & (even encoded) in that it had an error like this:

A potentially dangerous Request.Path value was detected from the client (&amp;).

This is remedied by looking at the web.config of your ctDynamicsSL application. Search for the keyword: httpRuntime. Once you found that, if you don’t already have an attribute requestPathInvalidCharacters in that key, add it. This is a good default one:

<httpRuntime requestPathInvalidCharacters="&lt;,&gt;,%,&amp;,:,\,?" />

Then from that remove the &amp; so that you will allow the & to go in. That way, your final httpRuntime should look similar to this:

<httpRuntime requestPathInvalidCharacters="&lt;,&gt;,%,:,\,?" />

As you can see above, I removed &amp;, from the invalid characters. Thus allowing the ampersand to be allowed.

NOTE: If your httpRuntime has other attributes like the .NET version, etc. Leave those alone. Just worry about the requestPathInvalidCharacters attribute and it’s value.

3D Print a House Key from a Photo

This is a video I did back in 2017 where I took a photo of a house key and 3D printed it and it actually worked. NOTE: This key wasn’t the strongest of keys. And only worked a few times. But it is only needed once to make it a bad day for a home owner. Beware when you post pictures that include your keys in them.