Unknown macro: {next_previous_links}
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

WSO2 Application Server is shipped with a REST Client by default in order to invoke and test an API through the API Store. WSO2 REST Client has a simple Web interface and facilitates a range of HTTP verbs from simple GET method to POST, PUT, DELETE, OPTIONS. It also includes capability to move data around in header and payload fields. The REST Client is a useful alternative to similar tools like cURL.

Follow the instructions below to invoke the REST Client.

1. Open the API Store (https://<YourHostName>:9443/store) in a Web browser.

2. The "REST Client" menu appears under the "Tools" menu.

3. The REST Client application will open on a global level.


4. For example, shown below is how the "TwitterSearch" API created in sample Access Twitter's Search Using an API can be invoked using the REST Client.

API Key

The <API Key> is generated when subscribing to an API and is passed in the Authorization header as a value of "Bearer". For example, if the the <API Key> generated by the API Manager is "wU62DjlyDBnq87GlBwplfqvmAbAa", the Authorization header looks as shown below:

Authorization: Bearer wU62DjlyDBnq87GlBwplfqvmAbAa

The API key is passed in the Authorization header of the message, prefixed by the string "Bearer". This is because, WSO2 API Manager enforces OAuth security on all the published APIs. Any consumer that talks to the API Manager should send their credential (application key) as per the OAuth bearer token profile. If you don't send an application key or send a wrong key, you will receive a 401 Unauthorized response in return.

API URL

The API URL takes the form http://host:8280/<context>/<version>/<back end service requirements included as parameters>. For example,

http://host:8280/phoneverify/1.0.1/CheckPhoneNumber?PhoneNumber=XXXX&LicenseKey=0
Request Limit

Each tier that is selected when subscribing to an API, allows only a limited number of requests. For example, if a consumer subscribed to an API using the "Gold" tier which only allows 20 requests per minute, after 20 requests, the throttling policy will kick in and the user will start receiving 503 responses.


  • No labels
Unknown macro: {next_previous_links2}