Versions Compared

Version Old Version 1 New Version Current
Changes made by

Former user

Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Link to non authentic API invocation WSODOCINTERNAL-1183

...

  1. Sign in to the WSO2 API Publisher.
    https://<hostname>:9443/publisher
  2. In the APIS menu, click Add New API.
  3. Select I Have an Existing API. Click Swagger URL and give http://petstore.swagger.io/v2/swagger.json  as the URL. Click Start Creating.

  4. Edit the information as given below.

    FieldSample value
    NamePetstore
    Context/petstore
    Version1.0.0

  5. Notice that all the API resources are created automatically when the Swagger URL is specified.
  6. Click Edit Source to edit the Swagger file and remove security headers. This is required to invoke the API in the Store using the Swagger UI.

  7. Remove the security tag from the /pet POST resource given below. This is required to enable API invocation using the API (store) console.

    Code Block
    titleSwagger - Post resource
    //remove the following code snippet
security:
        - petstore_auth:
            - 'write:pets'
            - 'read:pets'

  8. Remove the security pet/{petId} GET resource given below:

    Code Block
    titleSwagger - Get resource
    //remove the following code snippet

security:
        - api_key: []
  9. After removing the security tags, click Apply Changes to save the changes.

    Then, click Next: Implement.

  10. Click the Managed API option. Enter the information shown below and click Next: Manage.

    FieldSample value
    Endpoint typeHTTP/REST endpoint
    Production endpoint
    http://petstore.swagger.io/v2/
    Sandbox endpointProviding only the production endpoint is sufficient.

  11. Select the options described in the table below.

    FieldSample valueDescription
    TransportsHTTP and HTTPSThe transport protocol on which the API is exposed.  Both HTTP and HTTPS transports are selected by default. If you want to limit API availability to only one transport (e.g., HTTPS), un-check the other transport.
    Subscription TiersGold, SilverThe API can be available at different levels of service. They allow you to limit the number of successful hits to an API during a given period of time.

    Note

    For more information on API authentication (e.g., non authentic API invocation), see HTTP methods.

  12. Click Save & Publish

Now you have successfully published an API using a Swagger defintion.

...