Invoking APIs
There is a number of utilities available for invoking APIs. Some of them are covered in the following topics:
Browser-based REST clients
WSO2 API Manager comes with a REST Client by default. It helps you to invoke and test an API through the API Store. WSO2 REST Client has a simple Web interface and facilitates a range of HTTP verbs from simple GET method to POST, PUT, DELETE, OPTIONS. It also includes capability to move data around in header and payload fields. The REST Client is a useful alternative to similar tools like cURL.
Follow the instructions below to invoke the REST Client.
- Open the API Store (
https:
//<YourHostName>:9443/store
) in a Web browser. - The REST Client menu appears under the Tools menu at the top of the screen. Clicking it opens the REST client on a global level.
 - For example, shown below is how to invoke Google API using the REST Client.
API URL
The API URL takes the form http://host:8280/<context>/<version>/<back end service requirements included as parameters>
. For example, http://localhost:8280/stock/1.0.0
.
Header
In the above request, the application key generated at the time a user subscribes to an API is passed with the authorization header, which is prefixed by the string "Bearer". This is because, WSO2 API Manager enforces OAuth security on all the published APIs. Any consumer that talks to the API Manager should send their credential (application key) as per the OAuth bearer token profile. If you don't send an application key or send a wrong key, you will receive a 401 Unauthorized response in return.
The number of API calls you can make depends on the throttling tier applied to the API. For example, if a Bronze tier is applied, the number of API calls is limited to 1 per minute. Another attempt to call the API during that time results in a throttling error.