Store APIs

The following Store APIs are deprecated and will be unsupported in a future release. They are provided below for reference by existing users. For a complete list of the currently supported Store APIs, go to https://docs.wso2.com/display/AM250/apidocs/store/.

Note: When you access any API other than the login and logout APIs through an external REST client such as cURL, first invoke the login API to ensure that user is authenticated. When the login API is invoked, the system stores the generated session cookie in a file, which we use in the next API invocations.

The responses is a JSON message.

Description	Log in to API Store.
URI	http://localhost:9763/store/site/blocks/user/login/ajax/login.jag
URI Parameters	`action=login&username=<username>&password=<password>`
HTTP Methods	POST
Example	`curl -X POST -c cookies http://localhost:9763/store/site/blocks/user/login/ajax/login.jag -d 'action=login&username=admin&password=admin'`

Logout

Description	Log out from API Store.
URI	http://localhost:9763/store/site/blocks/user/login/ajax/login.jag?action=logout
URI Parameters	`?action=logout`
HTTP Methods	GET
Example	`curl -b cookies http://localhost:9763/store/site/blocks/user/login/ajax/login.jag?action=logout`

User Signup

Description	Add a new API Consumer.
URI	http://localhost:9763/store/site/blocks/user/sign-up/ajax/user-add.jag
URI Parameters	`action=addUser&username=<username>&password=<password>&allFieldsValues=<first_name>\|<last_name>\|<organization>\|<country>\|<email>\|<land>\|<mobile>\|<IM>\|<url>` The parameters listed above (e.g., <first_name>, <country>) are based on the claims that are enabled by default for the http://wso2.org/claims claim dilect and also based on the display orders of the claim. If you enable or add anymore claims, you need to add them as URI parameters based on the display order of the claim.
HTTP Methods	POST
Example	`curl 'http://localhost:9763/store/site/blocks/user/sign-up/ajax/user-add.jag' -H 'Accept: application/json' --data 'action=addUser&username=kimhill&password=kimhill1234&allFieldsValues=Kim\|Hill\|ABC Network\|USA\|kim@abcnetwork.com\|0016269934122\|0016269934134\|kimhill\|www.abcNsounds.org/'`

Search APIs

Description	Search for APIs using a given query.
URI	http://localhost:9763/store/site/blocks/search/api-search/ajax/search.jag
URI Parameters	`action=searchAPIs&query=<query>&start=<number>&end=<number>` The `start` and `end` parameters determine the range of APIs you want to retrieve. For example, if start=1 and end=3, the first 3 APIs that appear in the search results will be returned. Note that both 0 and 1 represent the first API in the search results, so start=0 and start=1 both means the same.
HTTP Methods	POST
Example	`curl -X POST -b cookies "http://localhost:9763/store/site/blocks/search/api-search/ajax/search.jag" -d "action=searchAPIs&query=test&start=0&end=3"`

Get all Paginated Published APIs

Description	Get a list of all published APIs in paginated form so that browsing is easier.
URI	http://localhost:9763/store/site/blocks/api/listing/ajax/list.jag
URI Parameters	action=getAllPaginatedPublishedAPIs, tenant, start, end, returnAPITags (optional) The `start` and `end` parameters determine the range of APIs you want to retrieve. For example, if start=1 and end=10, the first 10 APIs that appear in the API Store will be returned. The `returnAPITags` parameter is optional. If `returnAPITags=true`, the system makes a call to the registry and returns the tags of each API in the response.
HTTP Methods	GET
Example	To get the first 100 APIs in the API Store: `curl -b cookies "http://localhost:9763/store/site/blocks/api/listing/ajax/list.jag?action=getAllPaginatedPublishedAPIs&tenant=carbon.super&start=1&end=100"`

Please note that the getAllPublishedAPIs API is now deprecated. You can get the same functionality from getAllPaginatedPublishedAPIs.

Add an Application

Description	Add a new application.
URI	http://localhost:9763/store/site/blocks/application/application-add/ajax/application-add.jag
URI Parameters	`action=addApplication&application=xxx&tier=xxx&description=xxx`
HTTP Methods	POST
Example	`curl -X POST -b cookies http://localhost:9763/store/site/blocks/application/application-add/ajax/application-add.jag -d 'action=addApplication&application=NewApp1&tier=Unlimited&description='`

Update an Application

Description	Update an existing application.
URI	http://localhost:9763/store/site/blocks/application/application-update/ajax/application-update.jag
URI Parameters	`action=updateApplication&applicationOld=<application_name>&applicationNew=<application_name>&callbackUrlNew=xxx&descriptionNew=xxx&tier=<tier_name>`
HTTP Methods	POST
Example	`curl -X POST -b cookies http://localhost:9763/store/site/blocks/application/application-update/ajax/application-update.jag -d 'action=updateApplication&applicationOld=NewApp1&applicationNew=NewApp2&tier=Unlimited&descriptionNew=&callbackUrlNew'`

Get Applications

Description	Get list of applications.
URI	http://localhost:9763/store/site/blocks/application/application-list/ajax/application-list.jag
URI Parameters	`?action=getApplications`
HTTP Methods	GET
Example	`curl -b cookies http://localhost:9763/store/site/blocks/application/application-list/ajax/application-list.jag?action=getApplications`

Get an Application by Name

Description	Get details of a single application by name.
URI	http://localhost:9763/store/site/blocks/application/application-list/ajax/application-list.jag
URI Parameters	`?action=getApplicationByName&applicationName=$APP_NAME`
HTTP Methods	GET
Example	`curl -b cookies 'http://localhost:9763/store/site/blocks/application/application-list/ajax/application-list.jag?action=getApplicationByName&applicationName=$APP_NAME'`

Remove an Application

Description	Remove an existing application.
URI	http://localhost:9763/store/site/blocks/application/application-remove/ajax/application-remove.jag
URI Parameters	`action=removeApplication&application=<application_name>`
HTTP Methods	POST
Example	`curl -X POST -b cookies http://localhost:9763/store/site/blocks/application/application-remove/ajax/application-remove.jag -d "action=removeApplication&application=NewApp2"`

Generate an Application Key

Description	Generate the key and secret values for a new application.
URI	http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag
URI Parameters	`action=generateApplicationKey&application=<app_name>&keytype=<PRODUCTION\|SANDBOX>&callbackUrl=<URL>&authorizedDomains=<The domains from which requests are allowed to the APIs>&validityTime=<time duration in seconds>&tokenScope` `tokenScope` is given in the request when your API has Auth scopes defined. See OAuth scopes.
HTTP Methods	POST
Examples	`curl -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag -d 'action=generateApplicationKey&application=NewApp1&keytype=PRODUCTION&callbackUrl=&authorizedDomains=ALL&validityTime=360000'` `curl -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag -d 'action=generateApplicationKey&application=NewApp1&keytype=SANDBOX&callbackUrl=&authorizedDomains=ALL&validityTime=360000& tokenScope=scope1'`

Update an Application Key

Description	Update the key and secret values for an application.
URI	http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag
URI Parameters	action=updateClientApplication& application=<app_name>&keytype=<PRODUCTION\|SANDBOX> &callbackUrl=<URL>& authorizedDomains=<The domains from which requests are allowed to the APIs>& validityTime=<time duration in seconds>&tokenScope `tokenScope` is given in the request when your API has Auth scopes defined. See OAuth scopes.
HTTP Methods	POST
Examples	curl -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag -d 'action=updateClientApplication&application=NewApp1&keytype=PRODUCTION &callbackUrl=& authorizedDomains=ALL&validityTime=360000' curl -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag -d 'action=updateClientApplication&application=NewApp1&keytype=SANDBOX&callbackUrl=&authorizedDomains=ALL&validityTime=360000& tokenScope=scope1 '

Add a Subscription

Description	Add a new API subscription.
URI	http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag
URI Parameters	By application name: `action=addAPISubscription&name=xxx&version=xxx&provider=xxx&tier=xxx&applicationName=xxx` By application ID: `action=addSubscription&name=xxx&version=xxx&provider=xxx&tier=xxx&applicationId=xxx`
HTTP Methods	POST
Example	By application name: `curl -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag -d 'action=addAPISubscription&name=TestAPI&version=1.0.0&provider=admin&tier=Gold&applicationName=DefaultApplication'` By application ID: `curl -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag -d 'action=addSubscription&name=TestAPI&version=1.0.0&provider=admin&tier=Gold&applicationId=1'`

List Subscriptions

Description	List all applications with active subscriptions, along with the access key information of each application.
URI	http://localhost:9763/store/site/blocks/subscription/subscription-list/ajax/subscription-list.jag
URI Parameters	action=getAllSubscriptions, selectedApp (optional) You can give an application's name in the s `electedApp` parameter. The API then returns the given application's s ubscribed APIs and access key information. If you do not specify this parameter, only the first application in the retrieved application list will contain subscribed API details, in addition to the access key information.
HTTP Methods	GET
Examples	`curl -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-list/ajax/subscription-list.jag?action=getAllSubscriptions` `curl -b cookies 'http://localhost:9763/store/site/blocks/subscription/subscription-list/ajax/subscription-list.jag?action=getAllSubscriptions &selectedApp=NewApp1'`

List Subscriptions by Application

Description	List all API subscriptions of a given application.
URI	http://localhost:9763/store/site/blocks/subscription/subscription-list/ajax/subscription-list.jag
URI Parameters	`action=getSubscriptionByApplication&app=<application_name>`
HTTP Methods	GET
Example	`curl -b cookies 'http://localhost:9763/store/site/blocks/subscription/subscription-list/ajax/subscription-list.jag?action=getSubscriptionByApplication&app=DefaultApplication '`

List Subscriptions by API

Description	List all subscriptions of a given API.
URI	http://localhost:9763/store/site/blocks/subscription/subscription-list/ajax/subscription-list.jag
URI Parameters	`action=getSubscriptionByAPI&apiName=xxx&apiVersion=xxx&provider=xxx`
HTTP Methods	GET
Example	`curl -b cookies 'http://localhost:9763/store/site/blocks/subscription/subscription-list/ajax/subscription-list.jag?action=getSubscriptionByAPI&apiName=MyAPI&apiVersion=1.0.0&provider=admin'`

Remove a Subscription

Description	Remove an API subscription.
URI	http://localhost:9763/store/site/blocks/subscription/subscription-remove/ajax/subscription-remove.jag
URI Parameters	By application name: `action=removeSubscription&name=xxx&version=xxx&provider=xxx&applicationName=xxx` By application Id: `action=removeSubscription&name=xxx&version=xxx&provider=xxx&applicationId=xxx`
HTTP Methods	POST
Example	By application Name: `curl -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-remove/ajax/subscription-remove.jag -d 'action=removeSubscription&name=PhoneVerification&version=1.0.0&provider=admin&applicationName=DefaultApplication'` By application Id: `curl -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-remove/ajax/subscription-remove.jag -d 'action=removeSubscription&name=PhoneVerification&version=1.0.0&provider=admin&applicationId=1'`

Delete an OAuth Application

Description	Deletes an OAuth application in a third-party Authorization Server. If you delete it through the API Store UI, only the mapping that is maintained in the API Manager side will be deleted.
URI	http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag
URI Parameters	`action=deleteAuthApplication&consumerKey=<application_key>`
HTTP Methods	POST
Example	`curl -k -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag -d 'action=deleteAuthApplication&consumerKey=4lHddsxCtpFa2zJE1EbBpJy_NIQa'`

Provision an Out-of-Band OAuth Client

Description	Provisions an OAuth client that was created out-of-band.
URI	http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag
URI Parameters	`action=mapExistingOauthClient&application=<APPLICATION NAME>&keytype=PRODUCTION/SANDBOX&callbackUrl=<URL>&authorizedDomains=<authorized_domains>&` `validityTime=<time duration in seconds>&client_id=<client-ID>` `<authorized_domains>`= The domains from which requests are allowed to the APIs.
HTTP Methods	POST
Example	`curl -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag -d 'action=mapExistingOauthClient&application=NewApp1&keytype=PRODUCTION&callbackUrl=google.com&authorizedDomains=ALL&validityTime=3600&client_id=mPbgvinvpEk1QcSrw962TLICriUa& jsonParams={"username":"admin","key_type":"PRODUCTION","client_secret":"ynEI1ugq1_RCTJ9bM8jtD9RCsdoa","validityPeriod":"3600","client_id":"mPbgvinvpEk1QcSrw962TLICriUa"}'`

Clean Partially Created Keys

Description	Cleans any partially created keys from the API Manager database, before adding a new subscription. Partially created keys can remain in the API Manager databases when an OAuth application of a third-party authorization server gets deleted using the API Store UI. It only deletes the mapping that is maintained in the API Manager side.
URI	http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag
URI Parameters	`action=cleanUpApplicationRegistration&applicationName=xxx&keyType=PRODUCTION/SANDBOX'`
HTTP Methods	POST
Example	`curl -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag -d 'action=cleanUpApplicationRegistration&applicationName=DefaultApplication&keyType=PRODUCTION'`

Get all Documentation

Description	Get all documents create for a given API
URI	http://localhost:9763 /store/site/blocks/api/listing/ajax/list.jag
URI Parameters	`action=getAllDocumentationOfApi&name=<API_name>&version=x.x.x&provider=<API_provider_name>"`
HTTP Methods	GET
Example	`curl -b cookies "http://localhost:9763/store/site/blocks/api/listing/ajax/list.jag?action=getAllDocumentationOfApi&name=PhoneVerification&version=1.0.0&provider=admin"`

Get the Contents of a File Document

Description	Get the contents of a file that is attached to API documentation of type 'File'
URI	http://localhost:9763/store/site/blocks/api/documentation/view/ajax/file-docs.jag
URI Parameters	`action=getFileDocumentByFilePath&filePath=<file_path> <file_path>`- Get the file path using`getAllDocumentationOfApi`
HTTP Methods	GET
Example	`curl -b cookies "http://localhost:9763/store/site/blocks/api/documentation/view/ajax/file-docs.jag?action=getFileDocumentByFilePath&filePath=/registry/resource/_system/governance/apimgt/applicationdata/provider/admin/host/1.0.0/documentation/files/test.txt''`

Add an API Comment

Description	Add a comment to an API.
URI	http://localhost:9763/store/site/blocks/comment/comment-add/ajax/comment-add.jag
URI Parameters	`action=addComment&name=xxx&version=xxx&provider=xxx&comment=xxx`
HTTP Methods	POST
Example	`curl -X POST -b cookies http://localhost:9763/store/site/blocks/comment/comment-add/ajax/comment-add.jag -d 'action=addComment&name=CalculatorAPI&version=1.0&provider=admin&comment=test comment'`

Get all Endpoint URLs

Description	Get all the endpoint URLs of the API Gateway environments configured for an API.
URI	http://localhost:9763/store/site/blocks/api/api-info/ajax/api-info.jag
URI Parameters	`action=getAPIEndpointURLs&name=xxx&version=x.x.x&provider=xxx`
HTTP Methods	POST
Example	`curl -X POST -b cookies http://localhost:9763/store/site/blocks/api/api-info/ajax/api-info.jag -d 'action=getAPIEndpointURLs&name=CalculatorAPI&version=1.0&provider=admin'`

Get all Available Tiers

Description	Get all the tiers available in the deployment.
URI	http://localhost:9763/store/site/blocks/item-add/ajax/add.jag
URI Parameters	`action=getTiers`
HTTP Methods	GET
Example	`curl -b cookies http://localhost:9763/store/site/blocks/item-add/ajax/add.jag?action=getTiers`

Update Grant Types

Description	Edit default grant types and add new grant types
URI	https://localhost:9443/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag
URI Parameters	action=updateClientApplication&application=<Application_Name>&keytype=<Type of the key>&jsonParams=<URL encoded JSON>&callbackUrl=<callBackURL>
HTTP Methods	GET
Example	`curl 'https://localhost:9443/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag' -H 'Content-Type: application/x-www-form-urlencoded' -d 'action=updateClientApplication&application=DefaultApplication&keytype=PRODUCTION&jsonParams=%7B%22grant_types%22%3A%22refresh_token%2Curn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Asaml2-bearer%2Cpassword%2Ciwa%3Antlm%2Cclient_credentials%22%7D&callbackUrl=' -k -b cookies` To create a list of the grant types to be encoded Write a JSON string with the required grant types. {"grant_types":"refresh_token,urn:ietf:params:oauth:grant-type:saml2-bearer,password,iwa:ntlm,client_credentials"} Encode them with a URL encoder. Use the encoded value for the `jsonParams` parameter as shown in the sample cURL command given above.

You can also invoke these APIs using mutual SSL authentication. Follow the instructions below to enable this:

Go to <APIM_HOME>/repository/conf/tomcat/catalina-server.xml and set the clientAuth attribute to want.

<Connector  protocol="org.apache.coyote.http11.Http11NioProtocol"
    port="9443"
	...
    clientAuth="want"
    ...
/>

For each Store API, attach the X509Certificate and pass the MutualAuthUserName parameter in the header.
Ensure that both client and the server have each other's certificates in the trust store.