Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated a link
Warning
The following Publisher APIs are deprecated and will be unsupported in a future release. They are provided below for reference by existing users. For a complete list of the currently supported Publisher APIs, go to https://docs.wso2.com/display/AM210/apidocs/publisher/.  

Table of Contents
maxLevel4
minLevel4
separatorpipe

...

DescriptionAdd a new API.
URIhttp://localhost:9763/publisher/site/blocks/item-add/ajax/add.jag
URI Parameters

Given below are the parameters that you can pass with an Add-API call. Mandatory ones are marked with a *.

Parameter nameSyntax
Action*action=addAPI
Name*name=xxx
Context*context=/xxx
Version*version=x.x.x
API visibility*

visibility=<public|private|restricted>

The default is public. If you select restricted , mention to which roles as follows: visibility=restricted&roles=role1,role2,role3.

You can read more about API visibility from here .

Thumbnail image
  • To add a thumbnail image as a file object, create the object and pass it with the apiThumb parameter. See sample in this getMultipartEntity() method.
  • To add a thumbnail image as a URL of the image, pass the URL with the thumbUrl parameter as thumbUrl=<URL of the image> 
Descriptiondescription=xxx
Tagstags=x,y,z
Resources*

resourceCount=0&resourceMethod-0=GET&resourceMethodAuthType-0=Application&resourceMethodThrottlingTier-0=Unlimited

  • resourceMethod  can take any one of the following values: GET, POST, DELETE, PUT, OPTIONS
  • resourceMethodAuthType  can take any one of the following values: Application, Application User, Application and Application User, None
  • resourceMethodThrottlingTier can take any one of the following default values: Unlimited, Gold, Silver, Bronze. You can change the default values or have additional tiers defined in the /_system/governance/apimgt/applicationdata/tiers.xml registry location.
Resources as Swagger

Instead of adding resources directly as above, you can add resources, including scopes, as a Swagger payload. Here's an example of adding an API with its Swagger definition:

Code Block
swagger={"paths" : {"/CheckPhoneNumber" : {"post" : {"x-auth-type" : "Application%20%26%20Application%20User", "x-scope" : "read_number", "x-throttling-tier" : "Unlimited", "responses" : {"200" : {}}}, "get" : {"x-auth-type" : "Application%20%26%20Application%20User", "x-throttling-tier" : "Unlimited", "responses" : {"200" : {}}, "parameters" : [{"name" : "PhoneNumber", "paramType" : "query", "required" : false, "type" : "string", "description" : "Phone Number", "in" : "query"}, {"name" : "LicenseKey", "paramType" : "query", "required" : false, "type" : "string", "description" : "License Key", "in" : "query"}]}}, "/" : {"put" : {"responses" : {"200" : {}}}, "get" : {"responses" : {"200" : {}}}}}, "swagger" : "2.0", "x-wso2-security" : {"apim" : {"x-wso2-scopes" : [{"description" : "", "name" : "read_number", "roles" : "admin", "key" : "read_number"}]}}, "info" : {"title" : "PhoneVerification", "version" : "1.0.0"}}

In the above code, note that you have one resource path defined with the URL pattern /CheckPhoneNumber under the paths object. This is followed by the HTTP methods of the resource (e.g., GET, POST, PUT etc.) You can have multiple similar resource paths to a single API and multiple HTTP methods to each resource path. For each HTTP method, you can define several parameters.

For more information of the Swagger objects used in this example, see the  Swagger 2.0 specification. Described below are the WSO2-specific ones.

  • x-wso2-scopes: The list of scope elements that you want to define. Each element has the below fields. See OAuth Scopes.
    • description: Scope description
    • roles: Allowed roles
    • name: Scope Name
    • key: Scope Key
  • x-auth-type: Authentication type of the method.
  • x-throttling-tier: Throttling tier of the method.
  • x-scope: OAuth scope of the method. This must be one of the list of element you define in x-wso2-scopes.

The following image shows the WSO2-specific parameters we describe here. Also see Resources under Key Concepts for more information.

Endpoints*

This example adds an HTTP production endpoint: endpoint_config={"production_endpoints":{"url":"<URL>","config": {"format":"leave-as- is","optimize":"leave-as-is"," actionSelect":"fault"," actionDuration":60000} },"endpoint_type":"http"}

To give advanced endpoint configurations, add the JSON implementation inside "config:{}." If you don't have any advanced configurations, set it to null as "config":null.

You add sandbox endpoints in the same way. The only difference is that instead of production_endpoints , you give sandbox_endpoints .

If you want to add other types of endpoints, follow the examples below. Note that the endpoint_type of of both HTTP and HTTPS endpoints should be HTTP.

  • For address endpoints:
    endpoint_config={"production_ endpoints":{"url":" http://service.endpoint.com ","config" :null},"endpoint_type":" address"}
  • For failover endpoints:
    endpoint_config={"production_ endpoints":{"url":" http://service.endpoint.com ","config" :null}, "production_failovers":{"url" :" http://failover1.endpoint.com ","config":null}, {"url":" http://failover2.endpoint.com ","config":null}], "sandbox_failovers":[]," endpoint_type":"failover"}
  • For load balanced endpoints:
    endpoint_config" {"production_endpoints":[{" url":" http://service.endpoint1.com ","config":null}, {"url":" http://service.endpoint2.com ","config":null}] , "algoCombo":"org.apache. synapse.endpoints.algorithms. RoundRobin","failOver":"True", "algoClassName":"org.apache. synapse.endpoints.algorithms. RoundRobin", "sessionManagement":" simpleClientSession"," sessionTimeOut":30,"endpoint_ type":"load_balance"}
Endpoint security scheme

endpointType=<secured|nonsecured>

The default is non-secured but if you select 'secured', you must pass the credentials as follows: endpointType=secured&endpointAuthType=<basicAuth|digestAuth>&epUsername=<your username>& epPassword=<the password>

Make default version

To mark this version of the API as the default version from a group of versions, give default_version_checked=default_version .

The Default Version option means that you make this version the default in a group of different versions of the API. A default API can be invoked without specifying the version number in the URL. For example, if you mark  http://host:port/youtube/2.0  as the default version when the API has 1.0 and 3.0 versions as well, requests made to http://host:port/youtube/ get automatically routed to version 2.0. 

If you mark any version of an API as the default, you get two API URLs in its Overview page in the API Store. One URL is with the version and the other is without. You can invoke a default version using both URLs.

If you mark an unpublished API as the default, the previous default, published API will still be used as the default until the new default API is published (or prototyped).

Tier Availability* tiersCollection=<Gold,Silver,Bronze,Unlimited>
Transports

http_checked=http&https_checked=https

Both are selected by default. If you want to set only the HTTP transport, leave the https_checked parameter empty as http_checked=http&https_checked=&.

Sequences

If you want to engage a custom sequence to the API, give inSequence=<sequence name>&outSequence=<sequence name> . This tutorial explains how to create sequences and add them to the registry.

Response caching

responseCache=<enabled|disabled>

 It is disabled by default but if you enable it, pass the response cache timeout as follows: responseCache=enabled& cacheTimeout=300

See Configuring Caching for more information.

Subscriptions

By default, subscription is allowed to the current tenant only.

Add the argument subscriptions=all_tenants to enable subscriptions to this API by all tenants. To enable subscription to selected tenants, use subscriptions=specific_tennats&tenants=<tenant name>. For example, &subscriptions=all_tenants.

See API visibility and subscription for more information.

Business information

Add a section like this: bizOwner=<name>&bizOwnerMail=<e-mail address>&techOwner=<name>&techOwnerMail=<e-mail address>

HTTP MethodsPOST
Example

curl -X POST -b cookies http://localhost:9763/publisher/site/blocks/item-add/ajax/add.jag -d "action=addAPI&name=PhoneVerification&context=/phoneverify&version=1.0.0&visibility=public&thumbUrl=&description=Verify a phone number&tags=phone,mobile,multimedia&endpointType=nonsecured&tiersCollection=Gold,Bronze&http_checked=http&https_checked=https&resourceCount=0&resourceMethod-0=GET&resourceMethodAuthType-0=Application&resourceMethodThrottlingTier-0=Unlimited&uriTemplate-0=/*&default_version_checked=default_version&bizOwner=xx&bizOwnerMail=xx@ee.com&techOwner=xx&techOwnerMail=ggg@ww.com" -d 'endpoint_config={"production_endpoints":{"url":" http://ws.cdyne.com/phoneverify/phoneverify.asmx","config":null},"endpoint_type":"http "}';

Add API with Path Parameter

DescriptionAdd a new API with path parameter
URI

http://localhost:9763/publisher/site/blocks/item-add/ajax/add.jag

URI Parameters

action=addAPI&name=xxx&context=/xxx&version=1.0.0&visibility=xxx&thumbUrl=&description=xxx&tags=xxx&endpointType=xxx&tiersCollection=xxx&http_checked=http&https_checked=https" -d 'swagger=xxx

HTTP MethodsPOST
Example

curl -X POST -b cookies http://localhost:9763/publisher/site/blocks/item-add/ajax/add.jag -d "action=addAPI&name=SampleApi&context=/sample&version=1.0.0&visibility=public&thumbUrl=&description=Verify a phone number&tags=phone,mobile,multimedia&endpointType=nonsecured&tiersCollection=Gold,Bronze&http_checked=http&https_checked=https" -d 'swagger={"paths" : {"/estimate/" : {"get" : {"x-auth-type" : "Application%20%26%20Application%20User", "x-throttling-tier" : "Unlimited", "responses" : {"200" : {}}, "parameters" : [{"name" : "id", "paramType" : "path", "required" : false, "type" : "string", "description" : "Phone Number", "in" : "path"}]}}}, "swagger" : "2.0", "x-wso2-security" : {"apim" : {"x-wso2-scopes" : [{"description" : "", "name" : "read_number", "roles" : "admin", "key" : "read_number"}]}}, "info" : {"title" : "SampleApi", "version" : "1.0.0"}}' -d 'endpoint_config={"production_endpoints":{"url":"http://ws.cdyne.com/phoneverify/phoneverify.asmx","config":null},"endpoint_type":"http"}'

Update API

DescriptionUpdate an existing API
URIhttp://localhost:9763/publisher/site/blocks/item-add/ajax/add.jag
URI Parameters

Parameters are same as in Add API except that action = updateAPI and you can only update the following parameters: visibility, t humbUrl, description, tags, endpointType, endpoint_config (can change the endpoint URL etc,) http_checked, https_checked, tiersCollection, swagger and can also add new resources. See example below.

HTTP MethodsPOST
Example

Update API : curl -X POST -b cookies http://localhost:9763/publisher/site/blocks/item-add/ajax/add.jag -d "action=updateAPI&name=PhoneVerification&provider=admin&version=1.0.0&visibility=public&description=Youtube Live Feeds&endpointType=nonsecured&http_checked=http&https_checked=https&tags=youtube,gdata,multimedia&tier=Silver&thumbUrl=http://www.10bigideas.com.au/www/573/files/pf-thumbnail-youtube_logo.jpg&context=/youtube&tiersCollection=Gold,silverSilver&resourceCount=0&resourceMethod-0=GET&resourceMethodAuthType-0=Application&resourceMethodThrottlingTier-0=Unlimited&uriTemplate-0=/*"  -d 'endpoint_config={"production_endpoints":{"url":"http://gdata.youtube.com/feeds/api/standardfeeds","config":null},"endpoint_type":"http"}';

Publishing an API to external Store

DescriptionPublish an API to external store
URI

http://localhost:9763/publisher/site/blocks/item-external/ajax/external.jag

URI Parameters

action=updateExternal&name=xxx&version=xxx&provider=xxx&externalAPIStores=<external-store-1>::<external-store-2>::<external-store-3>

Note

:: sign is used to seperate the list of API stores

HTTP MethodsPOST
Example

updateExternal : curl -X POST -b cookies http://localhost:9763/publisher/site/blocks/item-external/ajax/external.jag -d "action=updateExternal&name=PhoneVerification&version=1.0.0&provider=admin&externalAPIStores=exstore2::exstore3

Tip

This API can be used to unpublish an API from a given API store as well. If we remove the particular store ID and call the API once again, that API will get unpublished from the external stores which are not mentioned in the request.
For example, if you want to remove the API from exstore2 and keep it published in exstore3, the following is the cURL command you need to use.


curl -X POST -b cookies http://localhost:9763/publisher/site/blocks/item-external/ajax/external.jag -d 
"action=updateExternal&name=sampleAPI&version=v1&provider=admin@wso2.com&externalAPIStores=exstore3"

If you want to remove the API from all the stores, provide '::' as the externalAPIStores parameter value.

Get All APIs

DescriptionLists all the created APIs.
URIhttp://localhost:9763/publisher/site/blocks/listing/ajax/item-list.jag
URI Parameters?action=getAllAPIs
HTTP MethodsGET
Example

curl -b cookies   http://localhost:9763/publisher/site/blocks/listing/ajax/item-list .jag ?action=getAllAPIs

...

DescriptionChange the API's status.
URI http://localhost:9763/publisher/site/blocks/life-cycles/ajax/life-cycles .jag
URI Parameters

action=updateStatus&name=xxx&version=1.0.0&provider=apiCreateName&status=PUBLISHED&publishToGateway=true&requireResubscription=true

HTTP MethodsPOST
Example

curl -X POST -b cookies 'http://localhost:9763/publisher/site/blocks/life-cycles/ajax/life-cycles.jag' -d 'action=updateStatus&name=PhoneVerification&version=1.0.0&provider=admin&status=PUBLISHED&publishToGateway=true&requireResubscription=true'

...

DescriptionRemove an API document.
URI   http://localhost:9763/publisher/site/blocks/documentation/ajax/docs.jag
URI Parameters

action=removeDocumentation&provider=xxx&apiName=xxx&version=xxx&docName=xxx&docType=xxx

HTTP MethodsPOST
Example

curl -X POST -b cookies http://localhost:9763/publisher/site/blocks/documentation/ajax/docs.jag -d "action=removeDocumentation&provider=admin&apiName=PizzaShackAPI&version=1.0.0&docName=Sample&docType=HowTo"

...

DescriptionGet the list of all the API creators.
URI

http://localhost:9763/publisher/site/blocks/stats/api-usage-user/ajax/stats.jag

Request Headers

"Content-Type" -> "application/x-www-form-urlencoded"
“Cookie” -> “JSESSIONID=29FCD6CF81BED3701B2F0FD00A7D14B6574F6BF4AF4F4A4D3E6DA7CE1DB8AC82882E3CDBE32C2037AF6F6FCB926B0F649E5833EC2D7AA07FC3A56654883CB972C3F6910B6100C5C7DF5386D3CE2F20316B779550BDE58F40160C48BCC8E189EB0EDFAEF671B7787BBC4767E3FDCC8BFB80DC658578A1D157901F3FFF76858C7B; Path=/publisher/; Secure; HttpOnly”

HTTP MethodsPOST
Payload action=getAPIUsageByUser&currentLocation=/publisher/site/pages/all-statistics.jag&fromDate=2014-05-10 00:00:00&toDate=2016-12-16 13:41:13&apiFilter=allAPIs
Example

curl -v -b cookies -XPOST -H "Content-type: application/x-www-form-urlencoded" -d 'action=getAPIUsageByUser&currentLocation=/publisher/site/pages/all-statistics.jag&fromDate=2014-05-10 00:00:00&toDate=2016-12-16 13:41:13&apiFilter=allAPIs' ' http://localhost:9763/publisher/site/blocks/stats/api-usage-user/ajax/stats.jag '

Sample Response

< HTTP/1.1 200 OK
< Server: nginx
< Date: Mon, 09 Jan 2017 05:13:07 GMT
< Content-Type: application/json;charset=UTF-8
< Content-Length: 239
< Connection: keep-alive
< Strict-Transport-Security: max-age=15768000
< X-Frame-Options: DENY
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
{"error" : false, "usage" : [{"apiName" : "buzzwordapi", "version" : "1.0.0", "userID" : "sabra.wso2.com@sabraorg", "count" : 14}, {"apiName" : "buzzwordapinew", "version" : "1.0.0", "userID" : "sabra.wso2.com@sabraorg", "count" : 1}]}

...