Versions Compared

Version Old Version 1 New Version Current
Changes made by

Former user

Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated step 10

You You subscribe to  to a published API before using it in your applications. Subscription enables you to receive access tokens and be authenticated to invoke the API.

Note

See the following topics for a description of the concepts that you need to know when subscribing to an API:

The examples here use the PhoneVerification REST API REST API, which is created in the section section Create and Publish an API.

  1. Sign in to the WSO2 API Store (https://<hostname>:9443/store) and click on an API (e.g., PhoneVerification 1.0.0) to open it.

    Tip

    In a multi-tenanted WSO2 API Manager setup, you can access any tenant's store using the URL http://<hostname>:<port>/store?tenant=<tenant_name>.

  2. Note the subscription options for the REST API.
    Image Removed Image Added

  3. Click the Applications menu  menu and click click Add Application to  to create a new application. 

  4. Enter the name as TestApp and select the per token quota as 50PerMin for the application and click click Add
  5. Click Click APIs and  and click the PhoneVerification API to view the API's subscription options.
  6. Select the application that you just created, a tier, and click Subscribe.

  7. Click the View Subscriptions button when prompted. 
    The The Subscriptions tab  tab opens.

  8. Anchor
    step8
    step8
    Click the Production Keys tab.

    Note

    If you have a supported callback URLthat sends a callback to a specific server or program soon after your application request is sent, you can specify it under the Callback URL field in the Production Keys tab.

    Anchor
    GenerateKey
    GenerateKey

  9. Click Click Generate Keys to  to create an application access token. You can use this token to invoke all APIs that you subscribe to using the same application. 

    Tip

    You can set a token validity period in the Access token validity period text box. By default, it is set to one hour. If you set a minus value (e.g., -1), the token never expires.

    Info

    By default, the Client Credentials grant type is used to generate the access token. Make sure the Client Credentials grant type is selected when generating keys from the UI. For more information on how to generate supported grant types of WSO2 API Manager, see Token API.

    Tip
    titleAccess Tokens with specific Scopes

    Access tokens can be generated for specific scopes. A scope acts as a limiting factor on what API resources can be accessed using a token. To generate an access token corresponding to a scope, use the drop down menu under Scopes and select the required scope parameter.

    Note

    If you are using WSO2 Identity Server 5.36.0 as the Key Manager for your API Manager deployment, generating keys will result in the creation of a Service Provider in the Identity Server.

  10. Install Install cURL if  if it is not already installed. 

    Info

    cURL comes by default in some operating systems. You can also use a REST client instead.


    1. Open the command line and execute the following cURL command:

      Localtabgroup
      Localtab
      activetrue
      titleFormat
      Code Block
      curl -k -H "Authorization: Bearer <access_token>" -v '<api_
    url><payload>'Be sure to replace the placeholders 
    1. url>'
      Localtab
      titleExample
      Code Block
      curl -k -H "Authorization :Bearer 3dfafa3a-b1e3-3550-8a25-88e4b4fe2fb3" 'https://localhost:8243/phoneverify/1.0.0/CheckPhoneNumber?PhoneNumber=18006785432&LicenseKey=0'

      In the above example, the placeholders mentioned in the cURL command format are replaced as follows:

        • <access token>: Give the test token generated in step 8. Click Applications, click on the respective application, which in this case is TestApp, click Production Key, and click copy button to copy the access token.

          Warning

          Make sure you have updated the flash plugin in your web browser in order to get the copy button working.

          Image Modified

     

        • <API URL>: Click the respective API, in this case, PhoneVerification - 1.0.0. When the API's Overview tab appears in the API Store, copy the production URL and append the

    payload

        • required query params to it.
          For example,

     
    Image Removed Localtab
    titleExample
    Code Blockcurl -k -H "Authorization :Bearer 3dfafa3a-b1e3-3550-8a25-88e4b4fe2fb3" 'https://localhost:8243/phoneverify/1.0.0/CheckPhoneNumber?PhoneNumber=18006785432&LicenseKey=0'


        • The above example is made up as follows:
          <API-endpoint>/<resource>?<query-parameter-1>=<query-parameter-1-value>&<query-parameter-2>=<query-parameter-2-value>

          Image Added

      Localtab
      titleOutput

      Note the result <Valid>true</Valid> that appears in the command line.

      Code Block
      <?xml version="1.0" encoding="utf-8"?>
<PhoneReturn xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://ws.cdyne.com/PhoneVerify/query">
  <Company>Toll Free</Company>
  <Valid>true</Valid>
  <Use>Assigned to a code holder for normal use.</Use>
  <State>TF</State>
  <RC />
  <OCN />
  <OriginalNumber>18006785432</OriginalNumber>
  <CleanNumber>8006785432</CleanNumber>
  <SwitchName />
  <SwitchType />
  <Country>United States</Country>
  <CLLI />
  <PrefixType>Landline</PrefixType>
  <LATA />
  <sms>Landline</sms>
  <Email />
  <AssignDate />
  <TelecomCity />
  <TelecomCounty />
  <TelecomState>TF</TelecomState>
  <TelecomZip />
  <TimeZone />
  <Lat />
  <Long />
  <Wireless>false</Wireless>
</PhoneReturn>
      Info
      titleTroubleshooting

      If you get an error that states "Invalid Credentials", carryout the following steps to overcome the error. This error is a result of the access token expiring. The default validity period of the access token is 1 hour.

      1. You can update the token validity period in the Access token validity period text box so that the access token is valid for a longer period, or you can even set a minus value (e.g., -1) so that the token never expires.

      2. Re-generate the access token.
        Click Applications, click the respective application (i.e., TestApp), click Production Keys, and click Re-generate. Thereafter, use the new access token when running the cURL commands.

  11. Similarly, invoke the POST method using the following cURL command:

    Localtabgroup
    Localtab
    activetrue
    titleFormat
    Code Block
    curl -k -H "Authorization :Bearer <access token>" --data "PhoneNumber=<phone_number>&LicenseKey=<license_key>" <api_url>
    Localtab
    titleExample
    Code Block
    curl -k -H "Authorization :Bearer 3dfafa3a-b1e3-3550-8a25-88e4b4fe2fb3" --data "PhoneNumber=18006785432&LicenseKey=0" https://localhost:8243/phoneverify/1.0.0/CheckPhoneNumber
    Localtab
    titleOutput
    Code Block
    <?xml version="1.0" encoding="utf-8"?>
<PhoneReturn xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://ws.cdyne.com/PhoneVerify/query">
  <Company>Toll Free</Company>
  <Valid>true</Valid>
  <Use>Assigned to a code holder for normal use.</Use>
  <State>TF</State>
  <RC />
  <OCN />
  <OriginalNumber>18006785432</OriginalNumber>
  <CleanNumber>8006785432</CleanNumber>
  <SwitchName />
  <SwitchType />
  <Country>United States</Country>
  <CLLI />
  <PrefixType>Landline</PrefixType>
  <LATA />
  <sms>Landline</sms>
  <Email />
  <AssignDate />
  <TelecomCity />
  <TelecomCounty />
  <TelecomState>TF</TelecomState>
  <TelecomZip />
  <TimeZone />
  <Lat />
  <Long />
  <Wireless>false</Wireless>
</PhoneReturn>

...