SPARQL and Semantic SQL endpoint deployment

Ontopic Suite allows you to deploy development and production endpoints for querying your virtual knowledge graphs. You can perform:

• Single protocol deployments: SPARQL-only or semantic SQL-only
• Dual deployments: Combined SPARQL and SQL access to the same data

Endpoints can be deployed in different environments:

• Development: Temporary endpoints for testing and development, only accessible to project users
• Production: Stable, versioned endpoints for production use with configurable access policies

Development endpoints operate on the live design state (which may be unsaved), whereas production endpoints require saved snapshots to ensure versioning.

Access policy

When deploying production SPARQL and semantic SQL endpoints, you can choose between three different access policy types:

• Project policy: Inherits the same access policy as the parent project
• Public: Makes the endpoint publicly accessible. No authentication needed, except when using the PostgreSQL wire protocol
• Custom: Define an access policy for the endpoint using roles, groups, and user IDs

Development endpoints always use the project policy.

Custom access policies do not automatically grant access to system-wide administrators

If you want to grant access to administrators, add the ots-admin role to the access policy

Deployment using the User Interface

Creating a custom access policy

Before deploying endpoints with custom access policies, you need to create the policy:

1. Navigate to the Deploy > Access Policies page in your project
2. Click New access policy
3. Configure the policy:
   • Enter a descriptive name
   • Add a description explaining the policy's purpose
   • Specify users, groups, and roles that should have access
4. Save the access policy

Deploying a production endpoint

To deploy a new production endpoint:

1. Navigate to the Deploy page in your project
2. Click New deployment
3. Configure the endpoint:
   • Name: Enter a descriptive name for the endpoint
   • Mode: Choose the protocol type:
     • SPARQL/SQL for dual protocol access
     • SPARQL for SPARQL-only access
     • SQL for semantic SQL-only access
   • Snapshot: Select the design snapshot to deploy
   • Access policy: Choose the policy type:
     • Project to inherit the project's access policy
     • Public for unrestricted access
     • Selected to use a custom access policy (then select the specific policy)
4. Save the deployment configuration
5. Click Start endpoint to activate the endpoint

Deployment using the Web API

The Web API provides the same endpoint deployment capabilities as the user interface. For project-based deployments, refer to the following sections in the API description:

• "Project - SPARQL endpoints" - Deploy SPARQL-only endpoints for a project
• "Project - SQL endpoints" - Deploy semantic SQL-only endpoints for a project
• "Project - dual SPARQL/SQL endpoints" - Deploy dual protocol endpoints for a project

Deploying endpoints without projects

You can also deploy SPARQL and semantic SQL endpoints independently, without associating them with a project. This advanced feature requires specific permissions:

Required roles: Users must have one of these global roles:

• ots-full-deployer
• ots-admin

Required scopes: The following API scopes are needed:

• arbitrary-sql-deployment for standalone SQL endpoints
• arbitrary-sparql-deployment for standalone SPARQL endpoints

For detailed implementation guidance, see the "SPARQL endpoints" and "SQL endpoints" sections in the API description.