Invoke an API using the Integrated REST Client
You can use the default REST client in the API Store to invoke an API. It has a simple Web interface and facilitates a range of HTTP verbs (GET, POST, PUT, DELETE, OPTIONS), header and payload fields. Alternatively, you can use third-party tools like cURL or the Swagger API console.
See the following topics for a description of the concepts that you need to know when invoking an API:
The examples here use the PhoneVerification
API, which is created in section Create and Publish an API.
- Log in to the API Store.
- Click an API that you want to invoke (e.g.,
PhoneVerification
). - The API's Overview page opens. Select an application, the Bronze tier and subscribe to the API.
- Go to the My Subscriptions page and generate a production key to the default application using which you subscribed to the API.
- Copy the access token to the clipboard as you need it later to invoke the API.
- Click the RESTClient menu that appears under the Tools menu in the API Store.
The REST client opens. Select the GET method and provide the following information in the rest of the fields:
API URL To get the URL, go to the API's Overview tab in the API Store. The URL takes the form
http://<host_name>:8280/<context>/<version>/<Resource, if any><back end service requirements included as parameters, if any>.
For example,http://gateway.api.cloud.wso2.com:8280/t/yashiracom/phoneverify/1.0.0/CheckPhoneNumber
where/phoneverify
is the context, 1.0.0 is the version andCheckPhoneNumber
is the resource.As you are going to make an HTTP GET call in this tutorial, append the payload to the URL. For example,
http://gateway.api.cloud.wso2.com:8280/t/yashiracom/phoneverify/1.0.0/CheckPhoneNumber?PhoneNumber=18006785432&LicenseKey=0
.Header Authorization:Bearer <give the access token that you generated in step 4>
E.g, Authorization:Bearer U9znDo4OSYPfzoW16S2puHmKahgaOAuth security is enforced on all published APIs. Consumers must send the credentials (application access token) as per the OAuth bearer token profile. If not, you receive a 401 Unauthorized response in return.
Click the Send button to invoke the API. The response appears in the console.
As we used a valid phone number in this example, the response returns as valid.- Within a minute after the first API invocation, make another attempt to invoke the API.
- Note that you get a throttling error. This is because you applied a Bronze tier at the time you subscribed to the API and the Bronze tier only allows one API call per minute.
You have invoked an API using the REST client integrated in the API Store.