Jiwa

Hi,
I am building an integration between my website CMS and my clients JIWA installation that is on their office server.
What is the best way to connect to the API that is on the office server installation. Their office server is not currently public, and only needs to have a public connection for JIWA alone, nothing else.
Cheers

I don't understand what you mean by "connect", so I'll just talk about broadly what I think you'd best do given the topography you've outlined.

The Jiwa API can be run on any on-premise machine which has access to the SQL database. If you port forward a port through the firewall, then your external systems like a CMS can push and pull data in and out via the API.

You'd probably want to use API Key authentication, so your CMS would use that key with every request (bearer token in request header or as URL parameter).

Static IP's at both ends and the CMS would be recommended. You could then limit by IP address at the customer site to whitelist only requests from the IP of the CMS - plus you could add a CNAME or A Record DNS entry so your CMS need only ever know the FQDN and not be impacted if things move (for example create an A Record DNS entry api.customerdomain.com.au which points to the WAN IP of the customer, CMS uses api.customerdomain.com.au in all it's route requests).

Use SSL for your API - I use Let's Encrypt to obtain free certificates - a utility called WinAcme can be used to automatically renew the certificate every 3 months.

Consider implementing rate limits within the API if you can't IP filter to allow only traffic from the CMS to the API. There is a plugin in this topic for that.

Whilst agreeing with everything Mike has listed here the only other issue I would raise from having some experience in getting data to outside web sites, mainly in my case web stores, is speed depending on your clients link you may find that possibly you may need to approach this from a master collection of data say once a day that you store and then possibly using the Jiwa REST API's web hook mechanism to collect updates.

This could also be an issue if you are collecting the data live and the client's link goes down for any reason, obviously this would add more complexity but increase reliability.