This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Invoke an API using the Integrated API Console

Owned by Former user (Deleted)
Last updated: May 18, 2015
2 min read

  1. Log in to the API Store and click an API (e.g., PhoneVerification).

  2. Subscribe to the API (e.g., PhoneVerification 1.0.0) using the default application and an available tier.

  3. Go to the My Subscriptions page and generate a production key to the default application using which you subscribed to the API.

  4. Click the APIs menu in the API Store and then click on the API that you want to invoke. When the API opens, go to its API Console tab.

  5. Expand the GET method, provide the required parameters and click Try it Out. For example,

    PhoneNumberE.g., 18006785432
    LicenseKeyGive 0 for testing purpose
    AuthorizationThe API console is automatically populated by the access token that you generated in step 3 after subscribing to the API. 

    The token is prefixed by the string "Bearer" as per the OAuth bearer token profile. OAuth security is enforced on all published APIs. If the application key is invalid, you get a 401 Unauthorized response in return.

    Base URL

    Appears at the bottom of the console. Using the base URL and the parameters, the system creates the API URL in the form http://<host_name>:8280/<context>/<version>/<Resource, if any><backend service requirements included as parameters, if any>. For example, http://localhost:8280/phoneverify/1.0.0/CheckPhoneNumber. /phoneverify is the context, 1.0.0 is the version and CheckPhoneNumber is the resource.

    If you cannot invoke the API's HTTPS endpoint (causes the SSLPeerUnverified exception), it could be because the security certificate issued by the server is not trusted by your browser. To resolve this issue, access the HTTPS endpoint directly from your browser and accept the security certificate.

    Tip: If HTTP invocation is blocked in your corporate environment, you have to change the base path of the API to its HTTPS endpoint in the Swagger definition. This ensures that API invocations do not fail as a result of browsers blocking HTTP calls within HTTPS sessions.

    Tip: Your API's resource must have the OPTIONS method selected to allow subscribers to invoke the API using the API Console.

    For the resources that have methods requiring authentication (i.e., Auth Type is not NONE), you set None as the Auth type ofOPTIONS to support CORS (Cross Origin Resource Sharing) between the API Store and Gateway.

  6. Note the response for the API invocation. As we used a valid phone number in this example, the response is valid.

 You have invoked an API using the Swagger API console.