diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConsumerImpl.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConsumerImpl.java index 0e07ebdcfddc..43a06d16ea42 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConsumerImpl.java +++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConsumerImpl.java @@ -766,14 +766,8 @@ public Set getScopesForApplicationSubscription(String username, int appli throws APIManagementException { Subscriber subscriber = new Subscriber(username); - Set> scopeKeySet = apiMgtDAO.getScopesForApplicationSubscription(subscriber, applicationId, - organization); - Map scopeToKeyMap = new HashMap<>(); - for (Pair scopeEntry : scopeKeySet) { - Scope scope = APIUtil.getScopeByName(scopeEntry.getRight(), scopeEntry.getLeft()); - scopeToKeyMap.put(scopeEntry.getRight(), scope); - } - return new LinkedHashSet<>(scopeToKeyMap.values()); + Set scopeKeySet = apiMgtDAO.getScopesForApplicationSubscription(subscriber, applicationId); + return new LinkedHashSet<>(APIUtil.getScopes(scopeKeySet, organization).values()); } public Integer getSubscriptionCount(Subscriber subscriber, String applicationName, String groupingId) diff --git a/components/apimgt/org.wso2.carbon.apimgt.internal.service/src/gen/java/org/wso2/carbon/apimgt/internal/service/dto/APIDTO.java b/components/apimgt/org.wso2.carbon.apimgt.internal.service/src/gen/java/org/wso2/carbon/apimgt/internal/service/dto/APIDTO.java index c7bc69bb9a47..bec911562e90 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.internal.service/src/gen/java/org/wso2/carbon/apimgt/internal/service/dto/APIDTO.java +++ b/components/apimgt/org.wso2.carbon.apimgt.internal.service/src/gen/java/org/wso2/carbon/apimgt/internal/service/dto/APIDTO.java @@ -305,9 +305,9 @@ public boolean equals(java.lang.Object o) { Objects.equals(status, API.status) && Objects.equals(organization, API.organization) && Objects.equals(isDefaultVersion, API.isDefaultVersion) && - Objects.equals(securityScheme, API.securityScheme) && Objects.equals(apiPolicies, API.apiPolicies) && - Objects.equals(urlMappings, API.urlMappings); + Objects.equals(urlMappings, API.urlMappings) && + Objects.equals(securityScheme, API.securityScheme); } @Override diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/ApisApi.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/ApisApi.java new file mode 100644 index 000000000000..213bb090ff89 --- /dev/null +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/ApisApi.java @@ -0,0 +1,74 @@ +package org.wso2.carbon.apimgt.rest.api.admin.v1; + +import org.wso2.carbon.apimgt.rest.api.admin.v1.dto.ErrorDTO; +import org.wso2.carbon.apimgt.rest.api.admin.v1.dto.SearchResultListDTO; +import org.wso2.carbon.apimgt.rest.api.admin.v1.ApisApiService; +import org.wso2.carbon.apimgt.rest.api.admin.v1.impl.ApisApiServiceImpl; +import org.wso2.carbon.apimgt.api.APIManagementException; + +import javax.ws.rs.*; +import javax.ws.rs.core.Context; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.SecurityContext; +import javax.inject.Inject; + +import io.swagger.annotations.*; +import java.io.InputStream; + +import org.apache.cxf.jaxrs.ext.MessageContext; +import org.apache.cxf.jaxrs.ext.multipart.Attachment; +import org.apache.cxf.jaxrs.ext.multipart.Multipart; + +import java.util.Map; +import java.util.List; +import javax.validation.constraints.*; +@Path("/apis") + +@Api(description = "the apis API") + + + + +public class ApisApi { + + @Context MessageContext securityContext; + +ApisApiService delegate = new ApisApiServiceImpl(); + + + @GET + + + @Produces({ "application/json" }) + @ApiOperation(value = "Retrieve/Search APIs ", notes = "This operation provides you a list of available APIs qualifying under a given search condition. Each retrieved API is represented with a minimal amount of attributes. If you want to get complete details of an API, you need to use **Get details of an API** operation. ", response = SearchResultListDTO.class, authorizations = { + @Authorization(value = "OAuth2Security", scopes = { + @AuthorizationScope(scope = "apim:admin", description = "Manage all admin operations"), + @AuthorizationScope(scope = "apim:api_provider_change", description = "Retrieve and manage applications") + }) + }, tags={ "APIs", }) + @ApiResponses(value = { + @ApiResponse(code = 200, message = "OK. List of qualifying APIs is returned. ", response = SearchResultListDTO.class), + @ApiResponse(code = 304, message = "Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). ", response = Void.class), + @ApiResponse(code = 406, message = "Not Acceptable. The requested media type is not supported.", response = ErrorDTO.class) }) + public Response getAllAPIs( @ApiParam(value = "Maximum size of resource array to return. ", defaultValue="25") @DefaultValue("25") @QueryParam("limit") Integer limit, @ApiParam(value = "Starting point within the complete list of items qualified. ", defaultValue="0") @DefaultValue("0") @QueryParam("offset") Integer offset, @ApiParam(value = "**Search and get all apis in admin portal**. You can search by proving a keyword. ") @QueryParam("query") String query, @ApiParam(value = "Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource. " )@HeaderParam("If-None-Match") String ifNoneMatch) throws APIManagementException{ + return delegate.getAllAPIs(limit, offset, query, ifNoneMatch, securityContext); + } + + @POST + @Path("/{apiId}/change-provider") + + @Produces({ "application/json" }) + @ApiOperation(value = "Update the api provider", notes = "Update the api provider ", response = Void.class, authorizations = { + @Authorization(value = "OAuth2Security", scopes = { + @AuthorizationScope(scope = "apim:admin", description = "Manage all admin operations"), + @AuthorizationScope(scope = "apim:api_provider_change", description = "Retrieve and manage applications") + }) + }, tags={ "Api Provider Change" }) + @ApiResponses(value = { + @ApiResponse(code = 200, message = "OK. Api Provider updated. ", response = Void.class), + @ApiResponse(code = 400, message = "Bad Request. Invalid request or validation error.", response = ErrorDTO.class), + @ApiResponse(code = 404, message = "Not Found. The specified resource does not exist.", response = ErrorDTO.class) }) + public Response providerNamePost( @NotNull @ApiParam(value = "",required=true) @QueryParam("provider") String provider, @ApiParam(value = "**API ID** consisting of the **UUID** of the API. ",required=true) @PathParam("apiId") String apiId) throws APIManagementException{ + return delegate.providerNamePost(provider, apiId, securityContext); + } +} diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/ApisApiService.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/ApisApiService.java new file mode 100644 index 000000000000..a5596cf115e3 --- /dev/null +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/ApisApiService.java @@ -0,0 +1,26 @@ +package org.wso2.carbon.apimgt.rest.api.admin.v1; + +import org.wso2.carbon.apimgt.rest.api.admin.v1.*; +import org.wso2.carbon.apimgt.rest.api.admin.v1.dto.*; + +import org.apache.cxf.jaxrs.ext.MessageContext; +import org.apache.cxf.jaxrs.ext.multipart.Attachment; +import org.apache.cxf.jaxrs.ext.multipart.Multipart; + +import org.wso2.carbon.apimgt.api.APIManagementException; + +import org.wso2.carbon.apimgt.rest.api.admin.v1.dto.ErrorDTO; +import org.wso2.carbon.apimgt.rest.api.admin.v1.dto.SearchResultListDTO; + +import java.util.List; + +import java.io.InputStream; + +import javax.ws.rs.core.Response; +import javax.ws.rs.core.SecurityContext; + + +public interface ApisApiService { + public Response getAllAPIs(Integer limit, Integer offset, String query, String ifNoneMatch, MessageContext messageContext) throws APIManagementException; + public Response providerNamePost(String provider, String apiId, MessageContext messageContext) throws APIManagementException; +} diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/GlobalKeyManagersApi.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/GlobalKeyManagersApi.java index 46e71112bca5..9d80aaab3db2 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/GlobalKeyManagersApi.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/GlobalKeyManagersApi.java @@ -60,7 +60,8 @@ public Response globalKeyManagersGet() throws APIManagementException{ @ApiOperation(value = "Delete a Global Key Manager", notes = "Delete a Global Key Manager by keyManager id ", response = Void.class, authorizations = { @Authorization(value = "OAuth2Security", scopes = { @AuthorizationScope(scope = "apim:admin", description = "Manage all admin operations"), - @AuthorizationScope(scope = "apim:admin_operations", description = "Manage API categories and Key Managers related operations") + @AuthorizationScope(scope = "apim:admin_operations", description = "Manage API categories and Key Managers related operations"), + @AuthorizationScope(scope = "apim:keymanagers_manage", description = "Manage Key Managers") }) }, tags={ "Global Key Manager (Individual)", }) @ApiResponses(value = { diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/KeyManagersApi.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/KeyManagersApi.java index 84256f6fd20e..9a4d43b1c698 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/KeyManagersApi.java +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/KeyManagersApi.java @@ -79,8 +79,7 @@ public Response keyManagersGet() throws APIManagementException{ @ApiOperation(value = "Delete a Key Manager", notes = "Delete a Key Manager by keyManager id ", response = Void.class, authorizations = { @Authorization(value = "OAuth2Security", scopes = { @AuthorizationScope(scope = "apim:admin", description = "Manage all admin operations"), - @AuthorizationScope(scope = "apim:admin_operations", description = "Manage API categories and Key Managers related operations"), - @AuthorizationScope(scope = "apim:keymanagers_manage", description = "Manage Key Managers") + @AuthorizationScope(scope = "apim:admin_operations", description = "Manage API categories and Key Managers related operations") }) }, tags={ "Key Manager (Individual)", }) @ApiResponses(value = { diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/dto/ApiResultDTO.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/dto/ApiResultDTO.java new file mode 100644 index 000000000000..1e23439fc642 --- /dev/null +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/dto/ApiResultDTO.java @@ -0,0 +1,141 @@ +package org.wso2.carbon.apimgt.rest.api.admin.v1.dto; + +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonCreator; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import javax.validation.constraints.*; + + +import io.swagger.annotations.*; +import java.util.Objects; + +import javax.xml.bind.annotation.*; +import org.wso2.carbon.apimgt.rest.api.common.annotations.Scope; +import com.fasterxml.jackson.annotation.JsonCreator; + +import javax.validation.Valid; + + + +public class ApiResultDTO { + + private String provider = null; + private String name = null; + private String version = null; + private String id = null; + + /** + **/ + public ApiResultDTO provider(String provider) { + this.provider = provider; + return this; + } + + + @ApiModelProperty(value = "") + @JsonProperty("provider") + public String getProvider() { + return provider; + } + public void setProvider(String provider) { + this.provider = provider; + } + + /** + **/ + public ApiResultDTO name(String name) { + this.name = name; + return this; + } + + + @ApiModelProperty(value = "") + @JsonProperty("name") + public String getName() { + return name; + } + public void setName(String name) { + this.name = name; + } + + /** + **/ + public ApiResultDTO version(String version) { + this.version = version; + return this; + } + + + @ApiModelProperty(value = "") + @JsonProperty("version") + public String getVersion() { + return version; + } + public void setVersion(String version) { + this.version = version; + } + + /** + **/ + public ApiResultDTO id(String id) { + this.id = id; + return this; + } + + + @ApiModelProperty(value = "") + @JsonProperty("id") + public String getId() { + return id; + } + public void setId(String id) { + this.id = id; + } + + + @Override + public boolean equals(java.lang.Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + ApiResultDTO apiResult = (ApiResultDTO) o; + return Objects.equals(provider, apiResult.provider) && + Objects.equals(name, apiResult.name) && + Objects.equals(version, apiResult.version) && + Objects.equals(id, apiResult.id); + } + + @Override + public int hashCode() { + return Objects.hash(provider, name, version, id); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("class ApiResultDTO {\n"); + + sb.append(" provider: ").append(toIndentedString(provider)).append("\n"); + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" version: ").append(toIndentedString(version)).append("\n"); + sb.append(" id: ").append(toIndentedString(id)).append("\n"); + sb.append("}"); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces + * (except the first line). + */ + private String toIndentedString(java.lang.Object o) { + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n "); + } +} + diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/dto/PaginationApisDTO.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/dto/PaginationApisDTO.java new file mode 100644 index 000000000000..821e52e43245 --- /dev/null +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/dto/PaginationApisDTO.java @@ -0,0 +1,163 @@ +package org.wso2.carbon.apimgt.rest.api.admin.v1.dto; + +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonCreator; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import javax.validation.constraints.*; + + +import io.swagger.annotations.*; +import java.util.Objects; + +import javax.xml.bind.annotation.*; +import org.wso2.carbon.apimgt.rest.api.common.annotations.Scope; +import com.fasterxml.jackson.annotation.JsonCreator; + +import javax.validation.Valid; + + + +public class PaginationApisDTO { + + private Integer offset = null; + private Integer limit = null; + private Integer total = null; + private String next = null; + private String previous = null; + + /** + **/ + public PaginationApisDTO offset(Integer offset) { + this.offset = offset; + return this; + } + + + @ApiModelProperty(example = "0", value = "") + @JsonProperty("offset") + public Integer getOffset() { + return offset; + } + public void setOffset(Integer offset) { + this.offset = offset; + } + + /** + **/ + public PaginationApisDTO limit(Integer limit) { + this.limit = limit; + return this; + } + + + @ApiModelProperty(example = "1", value = "") + @JsonProperty("limit") + public Integer getLimit() { + return limit; + } + public void setLimit(Integer limit) { + this.limit = limit; + } + + /** + **/ + public PaginationApisDTO total(Integer total) { + this.total = total; + return this; + } + + + @ApiModelProperty(example = "10", value = "") + @JsonProperty("total") + public Integer getTotal() { + return total; + } + public void setTotal(Integer total) { + this.total = total; + } + + /** + * Link to the next subset of resources qualified. Empty if no more resources are to be returned. + **/ + public PaginationApisDTO next(String next) { + this.next = next; + return this; + } + + + @ApiModelProperty(value = "Link to the next subset of resources qualified. Empty if no more resources are to be returned. ") + @JsonProperty("next") + public String getNext() { + return next; + } + public void setNext(String next) { + this.next = next; + } + + /** + * Link to the previous subset of resources qualified. Empty if current subset is the first subset returned. + **/ + public PaginationApisDTO previous(String previous) { + this.previous = previous; + return this; + } + + + @ApiModelProperty(value = "Link to the previous subset of resources qualified. Empty if current subset is the first subset returned. ") + @JsonProperty("previous") + public String getPrevious() { + return previous; + } + public void setPrevious(String previous) { + this.previous = previous; + } + + + @Override + public boolean equals(java.lang.Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + PaginationApisDTO paginationApis = (PaginationApisDTO) o; + return Objects.equals(offset, paginationApis.offset) && + Objects.equals(limit, paginationApis.limit) && + Objects.equals(total, paginationApis.total) && + Objects.equals(next, paginationApis.next) && + Objects.equals(previous, paginationApis.previous); + } + + @Override + public int hashCode() { + return Objects.hash(offset, limit, total, next, previous); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("class PaginationApisDTO {\n"); + + sb.append(" offset: ").append(toIndentedString(offset)).append("\n"); + sb.append(" limit: ").append(toIndentedString(limit)).append("\n"); + sb.append(" total: ").append(toIndentedString(total)).append("\n"); + sb.append(" next: ").append(toIndentedString(next)).append("\n"); + sb.append(" previous: ").append(toIndentedString(previous)).append("\n"); + sb.append("}"); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces + * (except the first line). + */ + private String toIndentedString(java.lang.Object o) { + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n "); + } +} + diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/dto/SearchResultListDTO.java b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/dto/SearchResultListDTO.java new file mode 100644 index 000000000000..93daede87a32 --- /dev/null +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/gen/java/org/wso2/carbon/apimgt/rest/api/admin/v1/dto/SearchResultListDTO.java @@ -0,0 +1,128 @@ +package org.wso2.carbon.apimgt.rest.api.admin.v1.dto; + +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonCreator; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.util.ArrayList; +import java.util.List; +import org.wso2.carbon.apimgt.rest.api.admin.v1.dto.ApiResultDTO; +import org.wso2.carbon.apimgt.rest.api.admin.v1.dto.PaginationDTO; +import javax.validation.constraints.*; + + +import io.swagger.annotations.*; +import java.util.Objects; + +import javax.xml.bind.annotation.*; +import org.wso2.carbon.apimgt.rest.api.common.annotations.Scope; +import com.fasterxml.jackson.annotation.JsonCreator; + +import javax.validation.Valid; + + + +public class SearchResultListDTO { + + private List apis = new ArrayList(); + private Integer count = null; + private PaginationDTO pagination = null; + + /** + **/ + public SearchResultListDTO apis(List apis) { + this.apis = apis; + return this; + } + + + @ApiModelProperty(value = "") + @Valid + @JsonProperty("apis") + public List getApis() { + return apis; + } + public void setApis(List apis) { + this.apis = apis; + } + + /** + * Number of results returned. + **/ + public SearchResultListDTO count(Integer count) { + this.count = count; + return this; + } + + + @ApiModelProperty(example = "1", value = "Number of results returned. ") + @JsonProperty("count") + public Integer getCount() { + return count; + } + public void setCount(Integer count) { + this.count = count; + } + + /** + **/ + public SearchResultListDTO pagination(PaginationDTO pagination) { + this.pagination = pagination; + return this; + } + + + @ApiModelProperty(value = "") + @Valid + @JsonProperty("pagination") + public PaginationDTO getPagination() { + return pagination; + } + public void setPagination(PaginationDTO pagination) { + this.pagination = pagination; + } + + + @Override + public boolean equals(java.lang.Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + SearchResultListDTO searchResultList = (SearchResultListDTO) o; + return Objects.equals(apis, searchResultList.apis) && + Objects.equals(count, searchResultList.count) && + Objects.equals(pagination, searchResultList.pagination); + } + + @Override + public int hashCode() { + return Objects.hash(apis, count, pagination); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("class SearchResultListDTO {\n"); + + sb.append(" apis: ").append(toIndentedString(apis)).append("\n"); + sb.append(" count: ").append(toIndentedString(count)).append("\n"); + sb.append(" pagination: ").append(toIndentedString(pagination)).append("\n"); + sb.append("}"); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces + * (except the first line). + */ + private String toIndentedString(java.lang.Object o) { + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n "); + } +} + diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/admin-api.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/admin-api.yaml index 3f12d6a91f16..1f376756ec44 100644 --- a/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/admin-api.yaml +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.common/src/main/resources/admin-api.yaml @@ -3169,6 +3169,173 @@ paths: Delete a Key Manager by keyManager id parameters: - $ref: '#/components/parameters/keyManagerId' + responses: + 200: + description: | + OK. + Key Manager successfully deleted. + content: { } + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + + ###################################################### + # The "Global Key Manager Collection" resource API + ###################################################### + /global-key-managers: + get: + tags: + - Global Key Manager (Collection) + summary: Get all Global Key managers + description: | + Get all Global Key managers + responses: + 200: + description: | + OK. + KeyManagers returned + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManagerList' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers"' + + post: + tags: + - Global Key Manager (Collection) + summary: Add a new Global Key Manager + description: | + Add a new Global Key Manager + requestBody: + description: | + Key Manager object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + 400: + $ref: '#/components/responses/BadRequest' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json + "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers"' + + ###################################################### + # The "Global Individual KeyManager" resource APIs + ###################################################### + /global-key-managers/{keyManagerId}: + get: + tags: + - Global Key Manager (Individual) + summary: Get a Global Key Manager Configuration + description: | + Retrieve a single Global Key Manager Configuration. We should provide the Id of the KeyManager as a path + parameter. + parameters: + - $ref: '#/components/parameters/keyManagerId' + responses: + 200: + description: | + OK. + KeyManager Configuration returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + + put: + tags: + - Global Key Manager (Individual) + summary: Update a Global Key Manager + description: | + Update a Global Key Manager by keyManager id + parameters: + - $ref: '#/components/parameters/keyManagerId' + requestBody: + description: | + Key Manager object with updated information + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + required: true + responses: + 200: + description: | + OK. + Label updated. + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + + delete: + tags: + - Global Key Manager (Individual) + summary: Delete a Global Key Manager + description: | + Delete a Global Key Manager by keyManager id + parameters: + - $ref: '#/components/parameters/keyManagerId' responses: 200: description: | @@ -3226,6 +3393,106 @@ paths: source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F "type=WSO2-IS" "https://127.0.0.1:9443/api/am/admin/v4/key-managers/discover"' + ###################################################### + # The "API Collection" resource APIs + ###################################################### + /apis: + get: + tags: + - APIs + summary: | + Retrieve/Search APIs + description: | + This operation provides you a list of available APIs qualifying under a given search condition. + Each retrieved API is represented with a minimal amount of attributes. If you want to get complete details of an API, you need to use **Get details of an API** operation. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - name: query + in: query + description: | + **Search and get all apis in admin portal**. + + You can search by proving a keyword. + schema: + type: string + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + List of qualifying APIs is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/SearchResultList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:api_provider_change + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v4/apis"' + operationId: getAllAPIs + ###################################################### + # Change Api Provider + ###################################################### + /apis/{apiId}/change-provider: + post: + tags: + - Api Provider Change + summary: Update the api provider + description: | + Update the api provider + operationId: providerNamePost + parameters: + - name: provider + in: query + required: true + schema: + type: string + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + Api Provider updated. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:api_provider_change + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" "https://127.0.0.1:9443/api/am/admin/v4/provider/admin/apis/33662a62-8db1-4d75-af08-afd63c6bd0b4"' components: schemas: Error: @@ -4540,6 +4807,9 @@ components: enabled: type: boolean example: true + global: + type: boolean + example: true additionalProperties: type: object properties: {} @@ -4609,6 +4879,9 @@ components: enabled: type: boolean example: true + isGlobal: + type: boolean + example: true tokenType: type: string description: The type of the tokens to be used (exchanged or without exchanged). @@ -4960,6 +5233,55 @@ components: Link to the previous subset of resources qualified. Empty if current subset is the first subset returned. example: "" + PaginationApis: + title: Pagination + type: object + properties: + offset: + type: integer + example: 0 + limit: + type: integer + example: 1 + total: + type: integer + example: 10 + next: + type: string + description: | + Link to the next subset of resources qualified. + Empty if no more resources are to be returned. + previous: + type: string + description: | + Link to the previous subset of resources qualified. + Empty if current subset is the first subset returned. + SearchResultList: + title: Unified Search Result List + type: object + properties: + apis: + type: array + items: + $ref: '#/components/schemas/ApiResult' + count: + type: integer + description: | + Number of results returned. + example: 1 + pagination: + $ref: '#/components/schemas/Pagination' + ApiResult: + type: object + properties: + provider: + type: string + name: + type: string + version: + type: string + id: + type: string responses: BadRequest: description: Bad Request. Invalid request or validation error. @@ -5259,6 +5581,14 @@ components: required: true schema: type: string + apiId: + name: apiId + in: path + description: | + **API ID** consisting of the **UUID** of the API. + required: true + schema: + type: string securitySchemes: OAuth2Security: type: oauth2 @@ -5299,4 +5629,5 @@ components: apim:scope_manage: Manage system scopes apim:role_manage: Manage system roles apim:admin_application_view: View Applications - apim:keymanagers_manage: Manage Key Managers \ No newline at end of file + apim:keymanagers_manage: Manage Key Managers + apim:api_provider_change: Retrieve and manage applications \ No newline at end of file diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/resources/admin-api.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/resources/admin-api.yaml new file mode 100644 index 000000000000..3e13e22d2a3a --- /dev/null +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/resources/admin-api.yaml @@ -0,0 +1,5091 @@ +# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +################################################################################ +openapi: 3.0.1 +info: + title: WSO2 API Manager - Admin + description: | + This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. + Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. + + # Authentication + The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking + the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps + that you will need to follow to obtain an access token. + First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types + in the payload. A sample payload is shown below. + ``` + { + "callbackUrl":"www.example.com", + "clientName":"rest_api_admin", + "owner":"admin", + "grantType":"client_credentials password refresh_token", + "saasApp":true + } + ``` + Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the + base64 encoded admin username and password. + **Format of the request** + ``` + curl -X POST -H "Authorization: Basic Base64(admin_username:admin_password)" -H "Content-Type: application/json" + \ -d @payload.json https://:/client-registration/v0.17/register + ``` + **Sample request** + ``` + curl -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" + \ -d @payload.json https://localhost:9443/client-registration/v0.17/register + ``` + Following is a sample response after invoking the above curl. + ``` + { + "clientId": "fOCi4vNJ59PpHucC2CAYfYuADdMa", + "clientName": "rest_api_admin", + "callBackURL": "www.example.com", + "clientSecret": "a4FwHlq0iCIKVs2MPIIDnepZnYMa", + "isSaasApplication": true, + "appOwner": "admin", + "jsonString": "{\"grant_types\":\"client_credentials password refresh_token\",\"redirect_uris\":\"www.example.com\",\"client_name\":\"rest_api_admin\"}", + "jsonAppAttribute": "{}", + "tokenType": null + } + ``` + Next you must use the above client id and secret to obtain the access token. + We will be using the password grant type for this, you can use any grant type you desire. + You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section + of this document and scope for each resource is given in **authorizations** section of resource documentation. + Following is the format of the request if you are using the password grant type. + ``` + curl -k -d "grant_type=password&username=&password=&scope=" + \ -H "Authorization: Basic base64(cliet_id:client_secret)" + \ https://:/token + ``` + **Sample request** + ``` + curl https://localhost:8243/token -k \ + -H "Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h" \ + -d "grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view" + ``` + Shown below is a sample response to the above request. + ``` + { + "access_token": "e79bda48-3406-3178-acce-f6e4dbdcbb12", + "refresh_token": "a757795d-e69f-38b8-bd85-9aded677a97c", + "scope": "apim:admin apim:tier_view", + "token_type": "Bearer", + "expires_in": 3600 + } + ``` + Now you have a valid access token, which you can use to invoke an API. + Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. + If you use a different authentication mechanism, this process may change. + + # Try out in Postman + If you want to try-out the embedded postman collection with "Run in Postman" option, please follow the guidelines listed below. + * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. + * Make sure you have an API Manager instance up and running. + * Update the `basepath` parameter to match the hostname and port of the APIM instance. + + [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + contact: + name: WSO2 + url: http://wso2.com/products/api-manager/ + email: architecture@wso2.com + license: + name: Apache 2.0 + url: http://www.apache.org/licenses/LICENSE-2.0.html + version: v3 +servers: + - url: https://apis.wso2.com/api/am/admin/v3 +paths: + ###################################################### + # The "Application Throttling Policy Collection" resource API + ###################################################### + /throttling/policies/application: + get: + tags: + - Application Policy (Collection) + summary: Get all Application Throttling Policies + description: | + Retrieves all existing application throttling policies. + parameters: + - $ref: '#/components/parameters/Accept' + responses: + 200: + description: | + OK. + Policies returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationThrottlePolicyList' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:tier_view + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/application"' + + post: + tags: + - Application Policy (Collection) + summary: Add an Application Throttling Policy + description: | + This operation can be used to add a new application level throttling policy. + parameters: + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Application level policy object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationThrottlePolicy' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + Location: + description: | + Location of the newly created Policy object. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationThrottlePolicy' + example: + policyId: e0fd4a15-969e-4056-94c8-8a7b56f8103f + policyName: 20PerMin + displayName: 20PerMin + description: Allows 20 request per minute + isDeployed: true + type: ApplicationThrottlePolicy + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 20 + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:admin + - apim:tier_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/application"' + + ###################################################### + # The "Individual Application Throttling Policy" resource API + ###################################################### + /throttling/policies/application/{policyId}: + get: + tags: + - Application Policy (Individual) + summary: Get an Application Throttling Policy + description: | + Retrieves an application throttling policy. + parameters: + - $ref: '#/components/parameters/policyId' + responses: + 200: + description: | + OK. + Policy returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationThrottlePolicy' + example: + policyId: e0fd4a15-969e-4056-94c8-8a7b56f8103f + policyName: 20PerMin + displayName: 20PerMin + description: Allows 20 request per minute + isDeployed: true + type: ApplicationThrottlePolicy + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 20 + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:tier_view + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/application/4e098fff-7f94-459a-981f-d257332f69d0"' + + put: + tags: + - Application Policy (Individual) + summary: Update an Application Throttling policy + description: | + Updates an existing application level throttling policy. Upon a succesfull update, you will receive the updated application policy as the response. + parameters: + - $ref: '#/components/parameters/policyId' + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Policy object that needs to be modified + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationThrottlePolicy' + required: true + responses: + 200: + description: | + OK. + Policy updated. + headers: + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationThrottlePolicy' + example: + policyId: e0fd4a15-969e-4056-94c8-8a7b56f8103f + policyName: 20PerMin + displayName: 20PerMin + description: Allows 20 request per minute + isDeployed: true + type: ApplicationThrottlePolicy + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 20 + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:tier_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/application/4e098fff-7f94-459a-981f-d257332f69d0"' + + delete: + tags: + - Application Policy (Individual) + summary: Delete an Application Throttling policy + description: | + Deletes an application level throttling policy. + parameters: + - $ref: '#/components/parameters/policyId' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:tier_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/application/4e098fff-7f94-459a-981f-d257332f69d0"' + + + ###################################################### + # The "Subscription Throttling Policy Collection" resource API + ###################################################### + /throttling/policies/subscription: + get: + tags: + - Subscription Policy (Collection) + summary: Get all Subscription Throttling Policies + description: | + This operation can be used to retrieve all Subscription level throttling policies. + parameters: + - $ref: '#/components/parameters/Accept' + responses: + 200: + description: | + OK. + Policies returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/SubscriptionThrottlePolicyList' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:tier_view + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/subscription"' + + post: + tags: + - Subscription Policy (Collection) + summary: Add a Subscription Throttling Policy + description: | + This operation can be used to add a Subscription level throttling policy specifying the details of the policy in the payload. + parameters: + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Subscripion level policy object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/SubscriptionThrottlePolicy' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + Location: + description: | + Location of the newly created Policy object. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/SubscriptionThrottlePolicy' + example: + policyId: 78c3ebff-176d-40d8-9377-fb3276528291 + policyName: Gold + displayName: Gold + description: Allows 5000 requests per minute + isDeployed: true + graphQLMaxComplexity: 0 + graphQLMaxDepth: 0 + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 5000 + rateLimitCount: 0 + customAttributes: [] + stopOnQuotaReach: true + billingPlan: FREE + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:admin + - apim:tier_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/subscription"' + + ###################################################### + # The "Individual Subscription Throttling Policy" resource API + ###################################################### + /throttling/policies/subscription/{policyId}: + get: + tags: + - Subscription Policy (Individual) + summary: Get a Subscription Policy + description: | + This operation can be used to retrieves subscription level throttling policy by specifying the Id of the policy as a path paramter + parameters: + - $ref: '#/components/parameters/policyId' + responses: + 200: + description: | + OK. + Policy returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/SubscriptionThrottlePolicy' + example: + policyId: 78c3ebff-176d-40d8-9377-fb3276528291 + policyName: Gold + displayName: Gold + description: Allows 5000 requests per minute + isDeployed: true + graphQLMaxComplexity: 0 + graphQLMaxDepth: 0 + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 5000 + rateLimitCount: 0 + customAttributes: [] + stopOnQuotaReach: true + billingPlan: FREE + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:tier_view + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' + + put: + tags: + - Subscription Policy (Individual) + summary: Update a Subscription Policy + description: | + Updates an existing subscription level throttling policy. + parameters: + - $ref: '#/components/parameters/policyId' + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Policy object that needs to be modified + content: + application/json: + schema: + $ref: '#/components/schemas/SubscriptionThrottlePolicy' + required: true + responses: + 200: + description: | + OK. + Policy updated. + headers: + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/SubscriptionThrottlePolicy' + example: + policyId: 78c3ebff-176d-40d8-9377-fb3276528291 + policyName: Gold + displayName: Gold + description: Allows 5000 requests per minute + isDeployed: true + graphQLMaxComplexity: 0 + graphQLMaxDepth: 0 + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 5000 + rateLimitCount: 0 + customAttributes: [] + stopOnQuotaReach: true + billingPlan: FREE + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:tier_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' + + delete: + tags: + - Subscription Policy (Individual) + summary: Delete a Subscription Policy + description: | + This operation can be used to delete a subscription level throttling policy by specifying the Id of the policy as a path paramter. + parameters: + - $ref: '#/components/parameters/policyId' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:tier_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' + + ###################################################### + # The "Custom Rules Collection" resource API + ###################################################### + /throttling/policies/custom: + get: + tags: + - Custom Rules (Collection) + summary: Get all Custom Rules + description: | + Retrieves all custom rules. + + **NOTE:** + * Only super tenant users are allowed for this operation. + parameters: + - $ref: '#/components/parameters/Accept' + responses: + 200: + description: | + OK. + Policies returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/CustomRuleList' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:tier_view + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/custom"' + + post: + tags: + - Custom Rules (Collection) + summary: Add a Custom Rule + description: | + Adds a new custom rule. + + **NOTE:** + * Only super tenant users are allowed for this operation. + parameters: + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Custom Rule object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/CustomRule' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + Location: + description: | + Location of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/CustomRule' + example: + policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 + policyName: custom + description: Allow 10 requests per minute for admin user + isDeployed: true + siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ + \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ + INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ + \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ + \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ + \ ResultStream;" + keyTemplate: $userId + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:admin + - apim:tier_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/custom"' + + ###################################################### + # The "Individual Custom Rule" resource API + ###################################################### + /throttling/policies/custom/{ruleId}: + get: + tags: + - Custom Rules (Individual) + summary: Get a Custom Rule + description: | + Retrieves a custom rule. We need to provide the policy Id as a path parameter. + + **NOTE:** + * Only super tenant users are allowed for this operation. + parameters: + - $ref: '#/components/parameters/ruleId' + responses: + 200: + description: | + OK. + Policy returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/CustomRule' + example: + policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 + policyName: custom + description: Allow 10 requests per minute for admin user + isDeployed: true + siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ + \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ + INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ + \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ + \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ + \ ResultStream;" + keyTemplate: $userId + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:tier_view + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' + + put: + tags: + - Custom Rules (Individual) + summary: Update a Custom Rule + description: | + Updates an existing custom rule. + + **NOTE:** + * Only super tenant users are allowed for this operation. + parameters: + - $ref: '#/components/parameters/ruleId' + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Policy object that needs to be modified + content: + application/json: + schema: + $ref: '#/components/schemas/CustomRule' + required: true + responses: + 200: + description: | + OK. + Policy updated. + headers: + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/CustomRule' + example: + policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 + policyName: custom + description: Allow 10 requests per minute for admin user + isDeployed: true + siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ + \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ + INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ + \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ + \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ + \ ResultStream;" + keyTemplate: $userId + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:tier_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' + + delete: + tags: + - Custom Rules (Individual) + summary: Delete a Custom Rule + description: | + Delete a custom rule. We need to provide the Id of the policy as a path parameter. + + **NOTE:** + * Only super tenant users are allowed for this operation. + parameters: + - $ref: '#/components/parameters/ruleId' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:tier_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' + + ###################################################### + # The "Advanced Throttling Policy Collection" resource API + ###################################################### + /throttling/policies/advanced: + get: + tags: + - Advanced Policy (Collection) + summary: Get all Advanced Throttling Policies + description: | + Retrieves all existing advanced throttling policies. + parameters: + - $ref: '#/components/parameters/Accept' + responses: + 200: + description: | + OK. + Policies returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/AdvancedThrottlePolicyList' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:tier_view + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/advanced"' + + post: + tags: + - Advanced Policy (Collection) + summary: Add an Advanced Throttling Policy + description: | + Add a new advanced throttling policy. + parameters: + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Advanced level policy object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/AdvancedThrottlePolicy' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + Location: + description: | + Location of the newly created Advanced Throttling Policy. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/AdvancedThrottlePolicy' + example: + policyId: 4cf46441-a538-4f79-a499-ab81200c9bca + policyName: 10KPerMin + displayName: 10KPerMin + description: Allows 10000 requests per minute + isDeployed: true + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 10000 + conditionalGroups: [] + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:admin + - apim:tier_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/advanced"' + + ###################################################### + # The "Individual Advanced Throttling Policy" resource API + ###################################################### + /throttling/policies/advanced/{policyId}: + get: + tags: + - Advanced Policy (Individual) + summary: Get an Advanced Throttling Policy + description: | + Retrieves an advanced throttling policy. + parameters: + - $ref: '#/components/parameters/policyId' + responses: + 200: + description: | + OK. + Policy returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/AdvancedThrottlePolicy' + example: + policyId: 4cf46441-a538-4f79-a499-ab81200c9bca + policyName: 10KPerMin + displayName: 10KPerMin + description: Allows 10000 requests per minute + isDeployed: true + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 10000 + conditionalGroups: [] + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:tier_view + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' + + put: + tags: + - Advanced Policy (Individual) + summary: Update an Advanced Throttling Policy + description: | + Updates an existing Advanced throttling policy. + parameters: + - $ref: '#/components/parameters/policyId' + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Policy object that needs to be modified + content: + application/json: + schema: + $ref: '#/components/schemas/AdvancedThrottlePolicy' + required: true + responses: + 200: + description: | + OK. + Policy updated. + headers: + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/AdvancedThrottlePolicy' + example: + policyId: 4cf46441-a538-4f79-a499-ab81200c9bca + policyName: 10KPerMin + displayName: 10KPerMin + description: Allows 10000 requests per minute + isDeployed: true + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 10000 + conditionalGroups: [] + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:tier_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' + + delete: + tags: + - Advanced Policy (Individual) + summary: Delete an Advanced Throttling Policy + description: | + Deletes an advanced throttling policy. + parameters: + - $ref: '#/components/parameters/policyId' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:tier_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' + + ###################################################### + # The "Deny Policy Collection" resource API + ###################################################### + /throttling/deny-policies: + get: + tags: + - Deny Policies (Collection) + summary: Get all Deny Policies + description: | + Retrieves all existing deny policies. + parameters: + - $ref: '#/components/parameters/Accept' + responses: + 200: + description: | + OK. + Deny Policies returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingConditionList' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:bl_view + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/deny-policies"' + + post: + tags: + - Deny Policies (Collection) + summary: Add a deny policy + description: | + Adds a new deny policy + parameters: + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Blocking condition object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingCondition' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + Location: + description: | + Location of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingCondition' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:admin + - apim:bl_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/deny-policies"' + + ###################################################### + # The "Individual Deny Policy" resource API + ###################################################### + /throttling/deny-policy/{conditionId}: + get: + tags: + - Deny Policy (Individual) + summary: Get a Deny Policy + description: | + Retrieves a Deny policy providing the condition Id + parameters: + - $ref: '#/components/parameters/conditionId' + responses: + 200: + description: | + OK. + Condition returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingCondition' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:bl_view + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' + + delete: + tags: + - Deny Policy (Individual) + summary: Delete a Deny Policy + description: | + Deletes an existing deny policy + parameters: + - $ref: '#/components/parameters/conditionId' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:bl_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' + + patch: + tags: + - Deny Policy (Individual) + summary: Update a Deny Policy + description: | + Update a deny policy by Id + parameters: + - $ref: '#/components/parameters/conditionId' + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Blocking condition with updated status + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingConditionStatus' + required: true + responses: + 200: + description: | + OK. + Resource successfully updated. + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingCondition' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:bl_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X PATCH -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' + + ###################################################### + # The "Application Collection" resource APIs + ###################################################### + /applications: + get: + tags: + - Application (Collection) + summary: | + Retrieve/Search Applications + description: | + This operation can be used to retrieve list of applications owned by the given user, If no user + is provided, the applications owned by the user associated with the provided access token will be returned. + parameters: + - $ref: '#/components/parameters/user' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/Accept' + - name: name + in: query + description: | + Application Name + schema: + type: string + - name: tenantDomain + in: query + description: | + Tenant domain of the applications to get. This has to be specified only if it is required to get applications of + a tenant other than the requester's tenant. So, if not specified, the default will be set as the + requester's tenant domain. This cross tenant Application access is allowed only for super tenant admin + users **only at a migration process**. + schema: + type: string + - name: sortBy + in: query + schema: + type: string + enum: + - name + - owner + default: name + - name: sortOrder + in: query + schema: + type: string + enum: + - asc + - desc + default: asc + responses: + 200: + description: | + OK. + Application list returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationList' + 400: + $ref: '#/components/responses/BadRequest' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:app_owner_change + - apim:app_import_export + - apim:admin_application_view + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/applications"' + + ###################################################### + # The "Individual Application" resource APIs + ###################################################### + /applications/{applicationId}: + get: + tags: + - Applications + summary: | + Get the details of an Application + description: | + This operation can be used to get the details of an application by specifying its id. + parameters: + - $ref: '#/components/parameters/applicationId' + responses: + 200: + description: | + OK. + Application details returned. + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:app_import_export + - apim:admin_application_view + x-code-samples: + - lang: Shell + source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b"' + + delete: + tags: + - Applications + summary: | + Delete an Application + description: | + This operation can be used to delete an application by specifying its id. + parameters: + - $ref: '#/components/parameters/applicationId' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 202: + description: | + Accepted. + The request has been accepted. + headers: + Location: + description: | + Location of the existing Application. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowResponse' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:app_import_export + x-code-samples: + - lang: Shell + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b"' + + /applications/{applicationId}/change-owner: + post: + tags: + - Application + summary: Change Application Owner + description: | + This operation is used to change the owner of an Application. + In order to change the owner of an application, we need to pass the new application owner as a query parameter + parameters: + - name: owner + in: query + required: true + schema: + type: string + - $ref: '#/components/parameters/applicationId' + responses: + 200: + description: | + OK. + Application owner changed successfully. + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:app_owner_change + x-code-samples: + - lang: Shell + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b/change-owner?owner=admin"' + + ###################################################### + # The "Environment" resource API + ###################################################### + /environments: + get: + tags: + - Environments + summary: Get all registered Environments + description: | + Get all Registered Environments + responses: + 200: + description: | + OK. + Environments returned + content: + application/json: + schema: + $ref: '#/components/schemas/EnvironmentList' + security: + - OAuth2Security: + - apim:admin + - apim:environment_read + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/environments"' + + post: + tags: + - Environments + summary: Add an Environment + description: | + Add a new geteway environment + requestBody: + description: | + Environment object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created environment as entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' + 400: + $ref: '#/components/responses/BadRequest' + security: + - OAuth2Security: + - apim:admin + - apim:environment_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/environments"' + + ###################################################### + # The "Individual Environment" resource APIs + ###################################################### + /environments/{environmentId}: + put: + tags: + - Environments + summary: Update an Environment + description: | + Update a gateway Environment by environment Id + parameters: + - $ref: '#/components/parameters/environmentId' + requestBody: + description: | + Environment object with updated information + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' + required: true + responses: + 200: + description: | + OK. + Environment updated. + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:environment_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/environments/d7cf8523-9180-4255-84fa-6cb171c1f779"' + + delete: + tags: + - Environments + summary: Delete an Environment + description: | + Delete a Environment by Environment Id + parameters: + - $ref: '#/components/parameters/environmentId' + responses: + 200: + description: | + OK. + Environment successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:environment_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/environments/d7cf8523-9180-4255-84fa-6cb171c1f779"' + + ###################################################### + # The Bot Detection Data API resources + ###################################################### + /bot-detection-data: + get: + tags: + - Bot Detection Data + summary: | + Get all Bot Detected Data + description: | + Get all bot detected data + operationId: getBotDetectionData + responses: + 200: + description: | + OK. + Bot detected data returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/BotDetectionDataList' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:bot_data + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/bot-detection-data"' + + ###################################################### + # The "Monetization" resource APIs + ###################################################### + /monetization/publish-usage: + post: + tags: + - Monetization (Collection) + summary: Publish Usage Records + description: | + Publish usage records of monetized APIs + responses: + 200: + description: Usage records successfully published. + content: + application/json: + schema: + $ref: '#/components/schemas/PublishStatus' + 202: + description: Request is sucessfully accepted for processing. + content: + application/json: + schema: + $ref: '#/components/schemas/PublishStatus' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:admin + - apim:monetization_usage_publish + x-code-samples: + - lang: Shell + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/monetization/publish-usage"' + + /monetization/publish-usage/status: + get: + tags: + - Monetization (Collection) + summary: Get the Status of Monetization Usage Publisher + description: | + Get the status of monetization usage publisher + responses: + 200: + description: | + OK. + Status returned + content: + application/json: + schema: + $ref: '#/components/schemas/MonetizationUsagePublishInfo' + security: + - OAuth2Security: + - apim:admin + - apim:monetization_usage_publish + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/monetization/publish-usage/status"' + + ###################################################### + # The "Workflow Collection" resource APIs + ###################################################### + /workflows: + get: + tags: + - Workflow (Collection) + summary: | + Retrieve All Pending Workflow Processes + description: | + This operation can be used to retrieve list of workflow pending processes. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/Accept' + - name: workflowType + in: query + description: | + We need to show the values of each workflow process separately .for that we use workflow type. + Workflow type can be AM_APPLICATION_CREATION, AM_SUBSCRIPTION_CREATION, AM_USER_SIGNUP, AM_APPLICATION_REGISTRATION_PRODUCTION, AM_APPLICATION_REGISTRATION_SANDBOX. + schema: + type: string + enum: + - AM_APPLICATION_CREATION + - AM_SUBSCRIPTION_CREATION + - AM_USER_SIGNUP + - AM_APPLICATION_REGISTRATION_PRODUCTION + - AM_APPLICATION_REGISTRATION_SANDBOX + - AM_SUBSCRIPTION_DELETION + - AM_APPLICATION_DELETION + - AM_API_STATE + - AM_API_PRODUCT_STATE + responses: + 200: + description: | + OK. + Workflow pendding process list returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowList' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:api_workflow_view + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/workflows"' + + /workflows/{externalWorkflowRef}: + get: + tags: + - Workflows (Individual) + summary: | + Get Pending Workflow Details by External Workflow Reference + description: | + Using this operation, you can retrieve complete details of a pending workflow request that either belongs to application creation, application subscription, application registration, api state change, user self sign up.. You need to provide the External_Workflow_Reference of the workflow Request to retrive it. + parameters: + - name: externalWorkflowRef + in: path + description: | + from the externel workflow reference we decide what is the the pending request that the are requesting. + required: true + schema: + type: string + responses: + 200: + description: | + OK. + Requested Workflow Pending is returned + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowInfo' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:api_workflow_view + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/workflows/c43a325c-260b-4302-81cb-768eafaa3aed"' + + /workflows/update-workflow-status: + post: + tags: + - Workflows (Individual) + summary: Update Workflow Status + description: | + This operation can be used to approve or reject a workflow task. + parameters: + - $ref: '#/components/parameters/workflowReferenceId-Q' + requestBody: + description: | + Workflow event that need to be updated + content: + application/json: + schema: + $ref: '#/components/schemas/Workflow' + required: true + responses: + 200: + description: | + OK. + Workflow request information is returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Workflow' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:api_workflow_approve + x-code-samples: + - lang: Shell + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/workflows/update-workflow-status?workflowReferenceId=56e3a170-a7a7-45f8-b051-7e43a58a67e1"' + + ###################################################### + # The Tenant Info resource API + ###################################################### + /tenant-info/{username}: + get: + tags: + - Tenants + summary: | + Get Tenant Id of User + description: | + This operation is to get tenant id of the provided user + operationId: getTenantInfoByUsername + parameters: + - name: username + in: path + description: | + The state represents the current state of the tenant. Supported states are [ active, inactive] + required: true + schema: + type: string + default: john + responses: + 200: + description: | + OK. + Tenant id of the user retrieved. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/TenantInfo' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:tenantInfo + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/tenant-info/john"' + + ###################################################### + # The Custom URL Info resource API + ###################################################### + /custom-urls/{tenantDomain}: + get: + tags: + - Tenants + summary: | + Get Custom URL Info of a Tenant Domain + description: | + This operation is to get custom-url information of the provided tenant-domain + operationId: getCustomUrlInfoByTenantDomain + parameters: + - name: tenantDomain + in: path + description: | + The tenant domain name. + required: true + schema: + type: string + responses: + 200: + description: | + OK. + Custom url info of the tenant is retrieved. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/CustomUrlInfo' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:tenantInfo + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/custom-urls/wso2.com"' + + ###################################################### + # The "Category Collection" resource API + ###################################################### + /api-categories: + get: + tags: + - API Category (Collection) + summary: Get all API Categories + description: | + Get all API categories + responses: + 200: + description: | + OK. + Categories returned + content: + application/json: + schema: + $ref: '#/components/schemas/APICategoryList' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/api-categories"' + + post: + tags: + - API Category (Individual) + summary: Add API Category + description: | + Add a new API category + requestBody: + description: | + API Category object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/APICategory' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/APICategory' + 400: + $ref: '#/components/responses/BadRequest' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/api-categories"' + + ###################################################### + # The "Individual Category" resource APIs + ###################################################### + /api-categories/{apiCategoryId}: + put: + tags: + - API Category (Individual) + summary: Update an API Category + description: | + Update an API Category by category Id + parameters: + - $ref: '#/components/parameters/apiCategoryId' + requestBody: + description: | + API Category object with updated information + content: + application/json: + schema: + $ref: '#/components/schemas/APICategory' + required: true + responses: + 200: + description: | + OK. + Label updated. + content: + application/json: + schema: + $ref: '#/components/schemas/APICategory' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/api-categories/d7cf8523-9180-4255-84fa-6cb171c1f779"' + + delete: + tags: + - API Category (Individual) + summary: Delete an API Category + description: | + Delete an API Category by API Category Id + parameters: + - $ref: '#/components/parameters/apiCategoryId' + responses: + 200: + description: | + OK. + API Category successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/api-categories/d7cf8523-9180-4255-84fa-6cb171c1f779"' + + ###################################################### + # The Admin settings List + ###################################################### + /settings: + get: + tags: + - Settings + summary: Retreive Admin Settings + description: | + Retreive admin settings + responses: + 200: + description: | + OK. + Settings returned + content: + application/json: + schema: + $ref: '#/components/schemas/Settings' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:admin_settings + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/settings"' + + #################################################### + # The Admin alert management resources + #################################################### + /alert-types: + get: + tags: + - Alerts + summary: | + Get all Admin Alert Types + description: | + This operation is used to get the list of supportd alert types for the apim admin dashboard + operationId: getAdminAlertTypes + responses: + 200: + description: | + OK. + The list of admin alert types are returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/AlertTypesList' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:admin + - apim:admin_alert_manage + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/alert-types"' + + /alert-subscriptions: + get: + tags: + - Alert Subscriptions + summary: | + Get Subscribed Alert Types + description: | + This operation is used to get the list of subscribed alert types by the user. + operationId: getSubscribedAlertTypes + responses: + 200: + description: | + OK. + The list of subscribed alert types are returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/AlertsSubscription' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:admin + - apim:admin_alert_manage + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/alert-subscriptions"' + + put: + tags: + - Alert Subscriptions + summary: | + Subscribe to an Admin Alert + description: | + This operation is used to subscribe to admin alerts + operationId: subscribeToAlerts + requestBody: + description: The alerts list and the email list to subscribe. + content: + application/json: + schema: + $ref: '#/components/schemas/AlertsSubscription' + required: true + responses: + 200: + description: | + OK. + Successful response with the newly subscribed alerts. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/AlertsSubscription' + 400: + $ref: '#/components/responses/BadRequest' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:admin + - apim:admin_alert_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/alert-subscriptions"' + + delete: + tags: + - Alert Subscriptions + summary: | + Unsubscribe User from all Admin Alerts + description: | + This operation is used to unsubscribe the respective user from all the admin alert types. + operationId: unsubscribeAllAlerts + responses: + 200: + description: | + OK. + The user is unsubscribed from the alerts successfully. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:admin + - apim:admin_alert_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/alert-subscriptions"' + + /alert-subscriptions/bot-detection: + get: + tags: + - Bot Detection Alert Subscriptions + summary: | + Get Subscriptions for Bot Detection + description: | + Get the list of subscriptions which are subscribed to receive email alerts for bot detection + operationId: getBotDetectionAlertSubscriptions + responses: + 200: + description: | + OK. + The list of bot detection alert subscriptions are returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/BotDetectionAlertSubscriptionList' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:admin + - apim:admin_alert_manage + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/alert-subscriptions/bot-detection"' + + post: + tags: + - Bot Detection Alert Subscriptions + summary: Subscribe for Bot Detection Alerts + description: | + Register a subscription for bot detection alerts + operationId: subscribeForBotDetectionAlerts + requestBody: + description: | + The email to register to receive bot detection alerts + content: + application/json: + schema: + $ref: '#/components/schemas/BotDetectionAlertSubscription' + required: true + responses: + 200: + description: | + OK. + Bot detection alert subscription is registered successfully. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/BotDetectionAlertSubscription' + 400: + $ref: '#/components/responses/BadRequest' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:admin + - apim:admin_alert_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/alert-subscriptions/bot-detection"' + + /alert-subscriptions/bot-detection/{uuid}: + delete: + tags: + - Bot Detection Alert Subscriptions + summary: Unsubscribe from bot detection alerts. + description: | + Delete a Bot Detection Alert Subscription + operationId: unsubscribeFromBotDetectionAlerts + parameters: + - name: uuid + in: path + description: uuid of the subscription + required: true + schema: + type: string + responses: + 200: + description: | + OK. + Bot detection alert subscription is deleted successfully. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:admin + - apim:admin_alert_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/alert-subscriptions/bot-detection"' + + ###################################################### + # System scopes resource API + ###################################################### + /system-scopes/{scopeName}: + get: + tags: + - System Scopes + summary: Retrieve Scopes for a Particular User + description: | + This operation will return the scope list of particular user + In order to get it, we need to pass the userId as a query parameter + operationId: systemScopesScopeNameGet + parameters: + - name: username + in: query + schema: + type: string + - $ref: '#/components/parameters/scopeName' + responses: + 200: + description: | + OK. + Particular scope exists for the given user. + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeSettings' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:scope_manage + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/system-scopes/YXBpbTpzdWJzY3JpYmU?username=john"' + + /system-scopes: + get: + tags: + - System Scopes + summary: | + Get Role Scope Mappings + description: | + This operation is used to get the list of role scope mapping from tenant-conf for the apim admin dashboard + operationId: systemScopesGet + responses: + 200: + description: | + OK. + The list of role scope mappings are returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeList' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:scope_manage + - apim:admin + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/system-scopes"' + + put: + tags: + - System Scopes + summary: | + Update Roles For Scope + description: | + This operation is used to update the roles for all scopes + operationId: updateRolesForScope + requestBody: + description: | + Scope list object with updated scope to role mappings + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeList' + required: true + responses: + 200: + description: | + OK. + Successful response with the newly added roles. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeList' + 400: + $ref: '#/components/responses/BadRequest' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:admin + - apim:scope_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/system-scopes"' + + /system-scopes/role-aliases: + get: + tags: + - System Scopes + summary: Retrieve Role Alias Mappings + description: | + This operation can be used to retreive role alias mapping + responses: + 200: + description: | + OK. + The list of role mappings are returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/RoleAliasList' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:scope_manage + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/system-scopes/role-aliases"' + + put: + tags: + - System Scopes + summary: Add a New Role Alias + description: | + This operation can be used to add a new role alias mapping for system scope roles + requestBody: + description: role-alias mapping + content: + application/json: + schema: + $ref: '#/components/schemas/RoleAliasList' + required: true + responses: + 200: + description: | + OK. + Role mapping alias returned + content: + application/json: + schema: + $ref: '#/components/schemas/RoleAliasList' + 400: + $ref: '#/components/responses/BadRequest' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:scope_manage + - apim:admin + x-code-samples: + - lang: Shell + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/system-scopes/role-aliases"' + + ###################################################### + # Roles resource APIs + ###################################################### + /roles/{roleId}: + head: + tags: + - Roles + summary: Check Whether Given Role Name already Exist + description: | + Using this operation, user can check a given role name exists or not. + operationId: validateSystemRole + parameters: + - $ref: '#/components/parameters/roleId' + responses: + 200: + description: OK. Requested role name exists. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:admin + - apim:role_manage + x-code-samples: + - lang: Curl + source: 'curl -k -I -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/roles/SW50ZXJuYWwvcHVibGlzaGVyCQ"' + + ###################################################### + # The Tenant Theme resource APIs + ###################################################### + /tenant-theme: + get: + tags: + - Tenant Theme + summary: Export a DevPortal Tenant Theme + description: | + This operation can be used to export a DevPortal tenant theme as a zip file. + operationId: exportTenantTheme + responses: + 200: + description: | + OK. + Tenant Theme Exported Successfully. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/zip: + schema: + type: string + format: binary + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:admin + - apim:tenant_theme_manage + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/tenant-theme" > theme.zip' + + put: + tags: + - Tenant Theme + summary: Import a DevPortal Tenant Theme + description: | + This operation can be used to import a DevPortal tenant theme. + operationId: importTenantTheme + requestBody: + content: + multipart/form-data: + schema: + required: + - file + properties: + file: + type: string + description: | + Zip archive consisting of tenant theme configuration + format: binary + required: true + responses: + 200: + description: | + Ok. + Tenant Theme Imported Successfully. + content: {} + 403: + $ref: '#/components/responses/Forbidden' + 413: + $ref: '#/components/responses/PayloadTooLarge' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:admin + - apim:tenant_theme_manage + x-code-samples: + - lang: Shell + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=@theme.zip "https://127.0.0.1:9443/api/am/admin/v3/tenant-theme"' + + ###################################################### + # The Tenant config resource APIs + ###################################################### + /tenant-config: + get: + tags: + - Tenant Config + summary: Export a tenant-Config. + description: | + This operation can be used to export a tenant-config.json used in deployment. + operationId: exportTenantConfig + responses: + 200: + description: | + OK. + Tenant config Exported Successfully. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + type: string + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:admin + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/tenant-config" > tenant-config.json' + put: + tags: + - Tenant Config + summary: Update a tenant-config. + description: | + This operation can be used to update tenant-config. + operationId: updateTenantConfig + requestBody: + description: tenant-config + content: + application/json: + schema: + type: string + required: true + responses: + 200: + description: | + OK. + Role mapping alias returned + content: + application/json: + schema: + type: object + 403: + $ref: '#/components/responses/Forbidden' + 413: + $ref: '#/components/responses/PayloadTooLarge' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:admin + x-code-samples: + - lang: Shell + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/tenant-config"' + + ###################################################### + # The Tenant config schema resource APIs + ###################################################### + /tenant-config-schema: + get: + tags: + - Tenant Config Schema + summary: Export a tenant-Config-Schema. + description: | + This operation can be used to export a tenant-config-schema.json used in deployment. + operationId: exportTenantConfigSchema + responses: + 200: + description: | + OK. + Tenant config schema exported successfully. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + type: string + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:admin + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/tenant-config-schema" > tenant-config-schema.json' + + ###################################################### + # The "Key Manager Collection" resource API + ###################################################### + /key-managers: + get: + tags: + - Key Manager (Collection) + summary: Get all Key managers + description: | + Get all Key managers + responses: + 200: + description: | + OK. + KeyManagers returned + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManagerList' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/key-managers"' + + post: + tags: + - Key Manager (Collection) + summary: Add a new API Key Manager + description: | + Add a new API Key Manager + requestBody: + description: | + Key Manager object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + 400: + $ref: '#/components/responses/BadRequest' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/key-managers"' + + ###################################################### + # The "Individual KeyManager" resource APIs + ###################################################### + /key-managers/{keyManagerId}: + get: + tags: + - Key Manager (Individual) + summary: Get a Key Manager Configuration + description: | + Retrieve a single Key Manager Configuration. We should provide the Id of the KeyManager as a path parameter. + parameters: + - $ref: '#/components/parameters/keyManagerId' + responses: + 200: + description: | + OK. + KeyManager Configuration returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + + put: + tags: + - Key Manager (Individual) + summary: Update a Key Manager + description: | + Update a Key Manager by keyManager id + parameters: + - $ref: '#/components/parameters/keyManagerId' + requestBody: + description: | + Key Manager object with updated information + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + required: true + responses: + 200: + description: | + OK. + Label updated. + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json + "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + + delete: + tags: + - Key Manager (Individual) + summary: Delete a Key Manager + description: | + Delete a Key Manager by keyManager id + parameters: + - $ref: '#/components/parameters/keyManagerId' + responses: + 200: + description: | + OK. + Key Manager successfully deleted. + content: { } + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + + ###################################################### + # The "Global Key Manager Collection" resource API + ###################################################### + /global-key-managers: + get: + tags: + - Global Key Manager (Collection) + summary: Get all Global Key managers + description: | + Get all Global Key managers + responses: + 200: + description: | + OK. + KeyManagers returned + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManagerList' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers"' + + post: + tags: + - Global Key Manager (Collection) + summary: Add a new Global Key Manager + description: | + Add a new Global Key Manager + requestBody: + description: | + Key Manager object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + 400: + $ref: '#/components/responses/BadRequest' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json + "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers"' + + ###################################################### + # The "Global Individual KeyManager" resource APIs + ###################################################### + /global-key-managers/{keyManagerId}: + get: + tags: + - Global Key Manager (Individual) + summary: Get a Global Key Manager Configuration + description: | + Retrieve a single Global Key Manager Configuration. We should provide the Id of the KeyManager as a path + parameter. + parameters: + - $ref: '#/components/parameters/keyManagerId' + responses: + 200: + description: | + OK. + KeyManager Configuration returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + + put: + tags: + - Global Key Manager (Individual) + summary: Update a Global Key Manager + description: | + Update a Global Key Manager by keyManager id + parameters: + - $ref: '#/components/parameters/keyManagerId' + requestBody: + description: | + Key Manager object with updated information + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + required: true + responses: + 200: + description: | + OK. + Label updated. + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + + delete: + tags: + - Global Key Manager (Individual) + summary: Delete a Global Key Manager + description: | + Delete a Global Key Manager by keyManager id + parameters: + - $ref: '#/components/parameters/keyManagerId' + responses: + 200: + description: | + OK. + Key Manager successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + + /key-managers/discover: + post: + tags: + - Key Manager (Collection) + summary: Retrieve Well-known information from Key Manager Well-known Endpoint + description: | + Retrieve well-known information from key manager's well-known endpoint + requestBody: + content: + multipart/form-data: + schema: + properties: + url: + type: string + description: Well-Known Endpoint + type: + type: string + description: | + Key Manager Type + default: "false" + responses: + 200: + description: | + OK. + KeyManagers returned + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManagerWellKnownResponse' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + x-code-samples: + - lang: Shell + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F "type=WSO2-IS" "https://127.0.0.1:9443/api/am/admin/v3/key-managers/discover"' + +components: + schemas: + Error: + title: Error object returned with 4XX HTTP status + required: + - code + - message + type: object + properties: + code: + type: integer + description: Error code + format: int64 + message: + type: string + description: Error message. + description: + type: string + description: | + A detail description about the error message. + moreInfo: + type: string + description: | + Preferably an url with more details about the error. + error: + type: array + description: | + If there are more than one error list them out. + For example, list out validation errors by each field. + items: + $ref: '#/components/schemas/ErrorListItem' + ErrorListItem: + title: Description of individual errors that may have occurred during a request. + required: + - code + - message + type: object + properties: + code: + type: string + description: Error code + message: + type: string + description: | + Description about individual errors occurred + ThrottlePolicy: + title: Generic Throttling Policy + required: + - policyName + type: object + properties: + policyId: + type: string + description: Id of policy + readOnly: true + example: 0c6439fd-9b16-3c2e-be6e-1086e0b9aa93 + policyName: + maxLength: 60 + minLength: 1 + type: string + description: Name of policy + example: 30PerMin + displayName: + type: string + description: Display name of the policy + example: 30PerMin + maxLength: 512 + description: + maxLength: 1024 + type: string + description: Description of the policy + example: Allows 30 request per minute + isDeployed: + type: boolean + description: Indicates whether the policy is deployed successfully or not. + default: false + type: + type: string + description: Indicates the type of throttle policy + discriminator: + propertyName: type + AdvancedThrottlePolicyInfo: + title: Advanced Throttling Policy + allOf: + - $ref: '#/components/schemas/ThrottlePolicy' + - type: object + properties: + defaultLimit: + $ref: '#/components/schemas/ThrottleLimit' + AdvancedThrottlePolicy: + title: Advanced Throttling Policy + allOf: + - $ref: '#/components/schemas/ThrottlePolicy' + - required: + - defaultLimit + type: object + properties: + defaultLimit: + $ref: '#/components/schemas/ThrottleLimit' + conditionalGroups: + type: array + description: | + Group of conditions which allow adding different parameter conditions to the throttling limit. + items: + $ref: '#/components/schemas/ConditionalGroup' + AdvancedThrottlePolicyList: + title: Advanced Throttling Policy List + type: object + properties: + count: + type: integer + description: | + Number of Advanced Throttling Policies returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/AdvancedThrottlePolicyInfo' + ApplicationThrottlePolicy: + title: Application Throttling Policy + allOf: + - $ref: '#/components/schemas/ThrottlePolicy' + - required: + - defaultLimit + type: object + properties: + defaultLimit: + $ref: '#/components/schemas/ThrottleLimit' + ApplicationThrottlePolicyList: + title: Application Level Throttling Policy List + type: object + properties: + count: + type: integer + description: | + Number of Application Throttling Policies returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ApplicationThrottlePolicy' + SubscriptionThrottlePolicy: + title: Subscription Throttling Policy + allOf: + - $ref: '#/components/schemas/ThrottlePolicy' + - $ref: '#/components/schemas/GraphQLQuery' + - required: + - defaultLimit + type: object + properties: + defaultLimit: + $ref: '#/components/schemas/ThrottleLimit' + monetization: + $ref: '#/components/schemas/MonetizationInfo' + rateLimitCount: + type: integer + description: Burst control request count + example: 10 + rateLimitTimeUnit: + type: string + description: Burst control time unit + example: min + subscriberCount: + type: integer + description: Number of subscriptions allowed + example: 10 + customAttributes: + type: array + description: | + Custom attributes added to the Subscription Throttling Policy + example: [] + items: + $ref: '#/components/schemas/CustomAttribute' + stopOnQuotaReach: + type: boolean + description: | + This indicates the action to be taken when a user goes beyond the allocated quota. If checked, the user's requests will be dropped. If unchecked, the requests will be allowed to pass through. + default: false + billingPlan: + type: string + description: | + define whether this is Paid or a Free plan. Allowed values are FREE or COMMERCIAL. + example: FREE + permissions: + $ref: '#/components/schemas/SubscriptionThrottlePolicyPermission' + SubscriptionThrottlePolicyPermission: + title: SubscriptionThrottlePolicyPermission + required: + - permissionType + - roles + type: object + properties: + permissionType: + type: string + example: deny + enum: + - ALLOW + - DENY + roles: + type: array + example: + - Internal/everyone + items: + type: string + GraphQLQuery: + title: GraphQL Query + type: object + properties: + graphQLMaxComplexity: + type: integer + description: Maximum Complexity of the GraphQL query + example: 400 + graphQLMaxDepth: + type: integer + description: Maximum Depth of the GraphQL query + example: 10 + SubscriptionThrottlePolicyList: + title: Subscription Level Throttling Policy List + type: object + properties: + count: + type: integer + description: | + Number of Subscription Throttling Policies returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/SubscriptionThrottlePolicy' + CustomRule: + title: Custom Rule + allOf: + - $ref: '#/components/schemas/ThrottlePolicy' + - required: + - keyTemplate + - siddhiQuery + type: object + properties: + siddhiQuery: + type: string + description: Siddhi query which represents the custom throttling policy + example: | + FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super' ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\nINSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1 min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled, expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into ResultStream; + keyTemplate: + type: string + description: The specific combination of attributes that are checked in + the policy. + example: $userId + CustomRuleList: + title: Custom Rule List + type: object + properties: + count: + type: integer + description: | + Number of Custom Rules returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/CustomRule' + ConditionalGroup: + title: Conditional Groups for Throttling + required: + - conditions + - limit + type: object + properties: + description: + type: string + description: Description of the Conditional Group + conditions: + type: array + description: | + Individual throttling conditions. They can be defined as either HeaderCondition, IPCondition, JWTClaimsCondition, QueryParameterCondition + Please see schemas of each of those throttling condition in Definitions section. + example: | + [ + { + "type": "HEADERCONDITION", + "invertCondition": false, + "headerCondition": + { + "headerName": "Host", + "headerValue": "10.100.7.77" + } + }, + { + "type": "IPCONDITION", + "invertCondition": false, + "ipCondition": + { + "ipConditionType": "IPSPECIFIC", + "specificIP": "10.100.1.22", + "startingIP": null, + "endingIP": null + } + }, + { + "type": "QUERYPARAMETERCONDITION", + "invertCondition": false, + "queryParameterCondition": + { + "parameterName": "name", + "parameterValue": "admin" + } + }, + { + "type": "JWTCLAIMSCONDITION", + "invertCondition": true, + "jwtClaimsCondition": + { + "claimUrl": "claimUrl0", + "attribute": "claimAttr0" + } + } + ] + items: + $ref: '#/components/schemas/ThrottleCondition' + limit: + $ref: '#/components/schemas/ThrottleLimit' + ThrottleCondition: + title: Throttling Conditions + required: + - type + type: object + properties: + type: + type: string + description: | + Type of the throttling condition. Allowed values are "HEADERCONDITION", "IPCONDITION", "JWTCLAIMSCONDITION" + and "QUERYPARAMETERCONDITION". + enum: + - HEADERCONDITION + - IPCONDITION + - JWTCLAIMSCONDITION + - QUERYPARAMETERCONDITION + invertCondition: + type: boolean + description: | + Specifies whether inversion of the condition to be matched against the request. + + **Note:** When you add conditional groups for advanced throttling policies, this paramater should have the + same value ('true' or 'false') for the same type of conditional group. + default: false + headerCondition: + $ref: '#/components/schemas/HeaderCondition' + ipCondition: + $ref: '#/components/schemas/IPCondition' + jwtClaimsCondition: + $ref: '#/components/schemas/JWTClaimsCondition' + queryParameterCondition: + $ref: '#/components/schemas/QueryParameterCondition' + description: Conditions used for Throttling + HeaderCondition: + title: HTTP Header based throttling condition + required: + - headerName + - headerValue + type: object + properties: + headerName: + type: string + description: Name of the header + headerValue: + type: string + description: Value of the header + IPCondition: + title: IP based throttling condition + type: object + properties: + ipConditionType: + type: string + description: Type of the IP condition. Allowed values are "IPRANGE" and + "IPSPECIFIC" + enum: + - IPRANGE + - IPSPECIFIC + specificIP: + type: string + description: Specific IP when "IPSPECIFIC" is used as the ipConditionType + startingIP: + type: string + description: Staring IP when "IPRANGE" is used as the ipConditionType + endingIP: + type: string + description: Ending IP when "IPRANGE" is used as the ipConditionType + JWTClaimsCondition: + title: JWT claim attibute based throttling condition + required: + - attribute + - claimUrl + type: object + properties: + claimUrl: + type: string + description: JWT claim URL + attribute: + type: string + description: Attribute to be matched + QueryParameterCondition: + title: Query parameter based throttling condition + required: + - parameterName + - parameterValue + type: object + properties: + parameterName: + type: string + description: Name of the query parameter + parameterValue: + type: string + description: Value of the query parameter to be matched + ThrottleLimitBase: + title: Throttle Limit Base + required: + - timeUnit + - unitTime + type: object + properties: + timeUnit: + type: string + description: Unit of the time. Allowed values are "sec", "min", "hour", + "day" + example: min + unitTime: + type: integer + description: Time limit that the throttling limit applies. + example: 10 + ThrottleLimit: + title: Throttle Limit + required: + - type + type: object + properties: + type: + type: string + description: | + Type of the throttling limit. Allowed values are "REQUESTCOUNTLIMIT" and "BANDWIDTHLIMIT". + Please see schemas of "RequestCountLimit" and "BandwidthLimit" throttling limit types in + Definitions section. + example: REQUESTCOUNTLIMIT + enum: + - REQUESTCOUNTLIMIT + - BANDWIDTHLIMIT + - EVENTCOUNTLIMIT + requestCount: + $ref: '#/components/schemas/RequestCountLimit' + bandwidth: + $ref: '#/components/schemas/BandwidthLimit' + eventCount: + $ref: '#/components/schemas/EventCountLimit' + MonetizationInfo: + title: API monetization details object + required: + - properties + type: object + properties: + monetizationPlan: + type: string + description: Flag to indicate the monetization plan + example: FixedRate + enum: + - FIXEDRATE + - DYNAMICRATE + properties: + type: object + additionalProperties: + type: string + description: Map of custom properties related to each monetization plan + BandwidthLimit: + title: Bandwidth Limit object + allOf: + - $ref: '#/components/schemas/ThrottleLimitBase' + - required: + - dataAmount + - dataUnit + type: object + properties: + dataAmount: + type: integer + description: Amount of data allowed to be transfered + format: int64 + example: 1000 + dataUnit: + type: string + description: Unit of data allowed to be transfered. Allowed values are + "KB", "MB" and "GB" + example: KB + RequestCountLimit: + title: Request Count Limit object + allOf: + - $ref: '#/components/schemas/ThrottleLimitBase' + - required: + - requestCount + type: object + properties: + requestCount: + type: integer + description: Maximum number of requests allowed + format: int64 + example: 30 + EventCountLimit: + title: Event Count Limit object + allOf: + - $ref: '#/components/schemas/ThrottleLimitBase' + - required: + - eventCount + type: object + properties: + eventCount: + type: integer + description: Maximum number of events allowed + format: int64 + example: 3000 + BlockingCondition: + title: Blocking Conditions + required: + - conditionType + - conditionValue + type: object + properties: + conditionId: + type: string + description: Id of the blocking condition + example: b513eb68-69e8-4c32-92cf-852c101363cf + conditionType: + type: string + description: Type of the blocking condition + example: IP + enum: + - API + - APPLICATION + - IP + - IPRANGE + - USER + conditionValue: + type: object + properties: {} + description: Value of the blocking condition + example: + fixedIp: 192.168.1.1 + invert: false + conditionStatus: + type: boolean + description: Status of the blocking condition + example: true + description: Blocking Conditions + BlockingConditionList: + title: Blocking Conditions List + type: object + properties: + count: + type: integer + description: | + Number of Blocking Conditions returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/BlockingCondition' + BlockingConditionStatus: + title: Blocking Conditions Status + required: + - conditionStatus + type: object + properties: + conditionId: + type: string + description: Id of the blocking condition + example: b513eb68-69e8-4c32-92cf-852c101363cf + conditionStatus: + type: boolean + description: Status of the blocking condition + example: true + description: Blocking Conditions Status + CustomAttribute: + title: Name-Value pair + required: + - name + - value + type: object + properties: + name: + type: string + description: Name of the custom attribute + example: customAttr1 + value: + type: string + description: Value of the custom attribute + example: value1 + ApplicationList: + title: Application List + type: object + properties: + count: + type: integer + description: | + Number of applications returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ApplicationInfo' + pagination: + $ref: '#/components/schemas/Pagination' + ApplicationInfo: + title: Application info object with basic application details + type: object + properties: + applicationId: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorApp + owner: + type: string + example: admin + status: + type: string + example: APPROVED + groupId: + type: string + example: "" + Application: + title: Application object with all the application details + type: object + properties: + applicationId: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorApp + throttlingPolicy: + type: string + example: Unlimited + description: + type: string + example: Sample calculator application + tokenType: + type: string + enum: + - OAUTH + - JWT + description: | + Type of the access token generated for this application. + **OAUTH:** A UUID based access token which is issued by default. + **JWT:** A self-contained, signed JWT based access token. **Note:** This can be only used in Microgateway environments. + default: JWT + example: JWT + status: + type: string + example: APPROVED + default: "" + groups: + type: array + items: + type: string + example: "" + subscriptionCount: + type: integer + attributes: + type: object + additionalProperties: + type: string + example: External Reference ID, Billing Tier + subscriptionScopes: + type: array + items: + $ref: '#/components/schemas/ScopeInfo' + owner: + description: | + Application created user + type: string + example: admin + ScopeInfo: + title: API Scope info object with scope details + type: object + properties: + key: + type: string + example: admin_scope + name: + type: string + example: admin scope + roles: + type: array + items: + type: string + description: Allowed roles for the scope + example: ["manager","developer"] + description: + type: string + description: Description of the scope + APIInfoList: + title: API Info List + type: object + properties: + count: + type: integer + description: | + Number of API Info objects returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APIInfo' + APIInfo: + title: API info object with basic API details + type: object + properties: + name: + type: string + description: The name of the API. + example: PizzaShackAPI + version: + type: string + description: The version of the API + example: 1.0.0 + provider: + type: string + description: The provider of the API + example: admin + Environment: + title: Environment + required: + - name + - vhosts + type: object + properties: + id: + type: string + readOnly: true + example: ece92bdc-e1e6-325c-b6f4-656208a041e9 + name: + maxLength: 255 + minLength: 1 + pattern: '^[a-zA-Z0-9_-]+$' + type: string + example: us-region + displayName: + maxLength: 255 + minLength: 1 + type: string + example: US Region + provider: + type: string + example: wso2 + description: + maxLength: 1023 + type: string + example: Gateway environment in US Region + isReadOnly: + type: boolean + readOnly: true + example: false + vhosts: + type: array + minItems: 1 + items: + $ref: '#/components/schemas/VHost' + endpointURIs: + type: array + items: + $ref: '#/components/schemas/GatewayEnvironmentProtocolURI' + additionalProperties: + type: array + items: + $ref: '#/components/schemas/AdditionalProperty' + EnvironmentList: + title: Environment List + type: object + properties: + count: + type: integer + description: | + Number of Environments returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Environment' + VHost: + title: Virtual Host + required: + - host + type: object + properties: + host: + maxLength: 255 + minLength: 1 + # hostname regex as per RFC 1123 (http://tools.ietf.org/html/rfc1123) and appended * + pattern: '^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$' + type: string + example: mg.wso2.com + httpContext: + maxLength: 255 + minLength: 0 + # TODO (renuka) check this regex: not allowed: (_ .) and allowed: (- /) + pattern: '^\/?([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])*$' + type: string + example: pets + httpPort: + type: integer + example: 80 + httpsPort: + type: integer + example: 443 + wsPort: + type: integer + example: 9099 + wsHost: + type: string + example: mg.wso2.com + wssPort: + type: integer + example: 8099 + wssHost: + type: string + example: mg.wso2.com + AdditionalProperty: + title: Additional Gateway Properties + type: object + properties: + key: + type: string + example: Organization + value: + type: string + example: wso2 + GatewayEnvironmentProtocolURI: + title: Gateway Environment protocols and URIs + required: + - protocol + - endpointURI + type: object + properties: + protocol: + type: string + example: default + endpointURI: + type: string + example: default + PublishStatus: + title: Usage publish status + type: object + properties: + status: + type: string + description: Status of the usage publish request + example: successfull + message: + type: string + description: detailed message of the status + example: Records published successfully + MonetizationUsagePublishInfo: + title: Usage publish status + type: object + properties: + state: + type: string + description: State of usage publish job + example: RUNNING + status: + type: string + description: Status of usage publish job + example: SUCCESSFULL + startedTime: + type: string + description: Timestamp of the started time of the Job + example: "1599196134000" + lastPublsihedTime: + type: string + description: Timestamp of the last published time + example: "1599196134000" + Workflow: + title: workflow + required: + - status + type: object + properties: + status: + type: string + description: | + This attribute declares whether this workflow task is approved or rejected. + example: APPROVED + enum: + - APPROVED + - REJECTED + attributes: + type: object + additionalProperties: + type: string + description: | + Custom attributes to complete the workflow task + example: {} + description: + type: string + example: Approve workflow request. + TenantInfo: + title: Tenant information + type: object + properties: + username: + type: string + example: john + tenantDomain: + type: string + example: carbon.super + tenantId: + type: integer + example: -1234 + description: The tenant information of the user + CustomUrlInfo: + title: Custom url information + type: object + properties: + tenantDomain: + type: string + example: carbon.super + tenantAdminUsername: + type: string + example: john@foo.com + enabled: + type: boolean + example: true + devPortal: + type: object + properties: + url: + type: string + example: http://example.com + description: The custom url information of the tenant domain + APICategory: + title: API Category + required: + - name + type: object + properties: + id: + type: string + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + maxLength: 255 + minLength: 1 + type: string + example: Finance + description: + maxLength: 1024 + type: string + example: Finance related APIs + numberOfAPIs: + type: integer + readOnly: true + example: 1 + APICategoryList: + title: API Category List + type: object + properties: + count: + type: integer + description: | + Number of API categories returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APICategory' + FileInfo: + title: File Information including meta data + type: object + properties: + relativePath: + type: string + description: relative location of the file (excluding the base context and + host of the Admin API) + example: api-categories/01234567-0123-0123-0123-012345678901/thumbnail + mediaType: + type: string + description: media-type of the file + example: image/jpeg + Settings: + title: Settings + type: object + properties: + scopes: + type: array + items: + type: string + keyManagerConfiguration: + type: array + items: + type: object + properties: + type: + type: string + example: default + displayName: + type: string + example: default + defaultConsumerKeyClaim: + type: string + example: azp + defaultScopesClaim: + type: string + example: scope + configurations: + type: array + items: + $ref: '#/components/schemas/KeyManagerConfiguration' + endpointConfigurations: + type: array + items: + $ref: '#/components/schemas/KeyManagerConfiguration' + analyticsEnabled: + type: boolean + description: To determine whether analytics is enabled or not + example: false + ScopeList: + title: Scope Role Mapping List + type: object + properties: + count: + type: integer + description: | + Number of scopes available for tenant. + readOnly: true + example: 60 + list: + type: array + items: + $ref: '#/components/schemas/Scope' + Scope: + title: Scope Role + type: object + properties: + tag: + type: string + description: | + Portal name. + example: publisher + name: + type: string + description: | + Scope name. + example: apim:api_publish + description: + type: string + description: | + About scope. + example: Publish API + roles: + type: array + description: | + Roles for the particular scope. + example: + - admin + - Internal/publisher + items: + type: string + KeyManagerWellKnownResponse: + title: Key Manager Well-Known Response. + type: object + properties: + valid: + type: boolean + example: true + default: false + value: + $ref: '#/components/schemas/KeyManager' + KeyManager: + title: Key Manager + required: + - name + - type + type: object + properties: + id: + type: string + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + maxLength: 100 + minLength: 1 + type: string + example: WSO2 Identity Server + displayName: + maxLength: 100 + type: string + description: | + display name of Key Manager to show in UI + example: WSO2 Identity Server + type: + maxLength: 45 + minLength: 1 + type: string + example: WSO2-IS + description: + maxLength: 256 + type: string + example: This is a key manager for Developers + wellKnownEndpoint: + type: string + description: | + Well-Known Endpoint of Identity Provider. + example: "" + introspectionEndpoint: + type: string + example: https://localhost:9444/oauth2/introspect + deprecated: true + clientRegistrationEndpoint: + type: string + example: https://localhost:9444/keymanager-operations/dcr/register + deprecated: true + tokenEndpoint: + type: string + example: https://localhost:9444/oauth2/token + deprecated: true + displayTokenEndpoint: + type: string + example: https://localhost:9444/oauth2/token + deprecated: true + revokeEndpoint: + type: string + example: https://localhost:9444/oauth2/revoke + deprecated: true + displayRevokeEndpoint: + type: string + example: https://localhost:9444/oauth2/revoke + deprecated: true + userInfoEndpoint: + type: string + example: https://localhost:9444/oauth2/userinfo?schema=openid + deprecated: true + authorizeEndpoint: + type: string + example: https://localhost:9444/oauth2/authorize + deprecated: true + endpoints: + type: array + items: + $ref: '#/components/schemas/KeyManagerEndpoint' + certificates: + type: object + properties: + type: + type: string + enum: + - JWKS + - PEM + value: + type: string + issuer: + type: string + example: https://localhost:9444/services + alias: + type: string + description: | + The alias of Identity Provider. + If the tokenType is EXCHANGED, the alias value should be inclusive in the audience values of the JWT token + example: https://localhost:9443/oauth2/token + scopeManagementEndpoint: + type: string + example: https://wso2is.com:9444/api/identity/oauth2/v1.0/scopes + deprecated: true + availableGrantTypes: + type: array + items: + type: string + example: client_credentials + enableTokenGeneration: + type: boolean + example: true + enableTokenEncryption: + type: boolean + example: false + default: false + enableTokenHashing: + type: boolean + example: false + default: false + enableMapOAuthConsumerApps: + type: boolean + example: false + default: false + enableOAuthAppCreation: + type: boolean + example: false + default: false + enableSelfValidationJWT: + type: boolean + example: true + default: true + claimMapping: + type: array + items: + $ref: '#/components/schemas/ClaimMappingEntry' + consumerKeyClaim: + type: string + example: azp + scopesClaim: + type: string + example: scp + tokenValidation: + type: array + items: + $ref: '#/components/schemas/TokenValidation' + enabled: + type: boolean + example: true + global: + type: boolean + example: true + additionalProperties: + type: object + properties: {} + example: + self_validate_jwt: true + Username: admin + Password: admin + tokenType: + type: string + description: The type of the tokens to be used (exchanged or without exchanged). + Accepted values are EXCHANGED, DIRECT and BOTH. + example: EXCHANGED + default: DIRECT + enum: + - EXCHANGED + - DIRECT + - BOTH + + KeyManagerEndpoint: + title: Key Manager Endpoint. + required: + - name + - value + type: object + properties: + name: + type: string + example: 'token_endpoint' + value: + type: string + example: 'https://localhost:9443/oauth2/token' + KeyManagerInfo: + title: Key Manager Info + required: + - name + - type + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: WSO2 IS + type: + type: string + example: IS + description: + type: string + example: This is a key manager for Developers + enabled: + type: boolean + example: true + isGlobal: + type: boolean + example: true + tokenType: + type: string + description: The type of the tokens to be used (exchanged or without exchanged). + Accepted values are EXCHANGED, DIRECT and BOTH. + example: EXCHANGED + default: DIRECT + enum: + - EXCHANGED + - DIRECT + - BOTH + KeyManagerConfiguration: + title: Key Manager Configuration + type: object + properties: + name: + type: string + example: consumer_key + label: + type: string + example: Consumer Key + type: + type: string + example: select + required: + type: boolean + example: true + mask: + type: boolean + example: true + multiple: + type: boolean + example: true + tooltip: + type: string + example: Entet username to connect to key manager + default: + type: object + properties: {} + example: admin + values: + type: array + items: + type: object + properties: {} + KeyManagerList: + title: Key Manager List + type: object + properties: + count: + type: integer + description: | + Number of Key managers returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/KeyManagerInfo' + ClaimMappingEntry: + title: Claim Mapping Configuration + type: object + properties: + remoteClaim: + type: string + example: http://idp.org/username + localClaim: + type: string + example: http://wso2.org/username + TokenValidation: + title: Token handling Configuration + type: object + properties: + id: + type: integer + enable: + type: boolean + example: false + default: true + type: + type: string + enum: + - REFERENCE + - JWT + - CUSTOM + value: + type: object + properties: {} + ScopeSettings: + title: Settings + type: object + properties: + name: + type: string + example: apim:subscribe + AlertTypesList: + title: Alert Types List + type: object + properties: + count: + type: integer + description: The number of alerts + example: 3 + alerts: + type: array + items: + $ref: '#/components/schemas/AlertType' + AlertType: + title: Alert Type + type: object + properties: + id: + type: string + description: The alert Id + example: "1" + name: + type: string + description: The name of the alert. + example: AbnormalResponseTime + AlertsSubscription: + title: Alerts Subscription + type: object + properties: + alerts: + type: array + items: + $ref: '#/components/schemas/AlertType' + emailList: + type: array + items: + type: string + format: email + example: admin@wso2.com + BotDetectionAlertSubscriptionList: + title: Bot Detection Alert Subscription List + type: object + properties: + count: + type: integer + description: | + Number of Bot Detection Alert Subscriptions returned. + example: 3 + list: + type: array + items: + $ref: '#/components/schemas/BotDetectionAlertSubscription' + BotDetectionAlertSubscription: + title: Bot Detection Alert Subscription + required: + - email + type: object + properties: + uuid: + type: string + description: UUID of the subscription + example: urn:uuid:1ed6d2de-29df-4fed-a96a-46d2329dce65 + email: + type: string + description: email + example: abc@gmail.com + WorkflowList: + title: WorkflowList + type: object + properties: + count: + type: integer + description: | + Number of workflow processes returned. + example: 1 + next: + type: string + description: | + Link to the next subset of resources qualified. + Empty if no more resources are to be returned. + example: /workflows?limit=1&offset=2&user= + previous: + type: string + description: | + Link to the previous subset of resources qualified. + Empty if current subset is the first subset returned. + example: /workflows?limit=1&offset=0&user= + list: + type: array + items: + $ref: '#/components/schemas/WorkflowInfo' + WorkflowInfo: + title: Workflow info object with basic workflow details + type: object + properties: + workflowType: + type: string + description: | + Type of the Workflow Request. It shows which type of request is it. + example: APPLICATION_CREATION + enum: + - APPLICATION_CREATION + - SUBSCRIPTION_CREATION + - USER_SIGNUP + - APPLICATION_REGISTRATION_PRODUCTION + - APPLICATION_REGISTRATION_SANDBOX + - APPLICATION_DELETION + - API_STATE + - API_PRODUCT_STATE + - SUBSCRIPTION_DELETION + - SUBSCRIPTION_UPDATE + workflowStatus: + type: string + description: | + Show the Status of the the workflow request whether it is approved or created. + example: APPROVED + enum: + - APPROVED + - CREATED + createdTime: + type: string + description: | + Time of the the workflow request created. + example: 2020-02-10 10:10:19.704 + updatedTime: + type: string + description: | + Time of the the workflow request updated. + example: 2020-02-10 10:10:19.704 + referenceId: + type: string + description: | + Workflow external reference is used to identify the workflow requests uniquely. + example: 5871244b-d6f3-466e-8995-8accd1e64303 + properties: + type: object + properties: {} + description: + type: string + description: | + description is a message with basic details about the workflow request. + example: Approve application [APP1] creation request from application creator + - admin with throttling tier - 10MinPer + WorkflowResponse: + title: workflow Response + required: + - workflowStatus + type: object + properties: + workflowStatus: + type: string + description: | + This attribute declares whether this workflow task is approved or rejected. + example: APPROVED + enum: + - CREATED + - APPROVED + - REJECTED + - REGISTERED + jsonPayload: + type: string + description: | + Attributes that returned after the workflow execution + BotDetectionDataList: + title: Bot Detection Data List + type: object + properties: + count: + type: integer + description: | + Number of Bot Detection Data returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/BotDetectionData' + BotDetectionData: + title: Bot Detection Data + type: object + properties: + recordedTime: + type: integer + description: The time of detection + format: int64 + example: 1591734138413 + messageID: + type: string + description: The message ID + example: urn:uuid:1ed6d2de-29df-4fed-a96a-46d2329dce65 + apiMethod: + type: string + description: The api method + example: GET + headerSet: + type: string + description: The header set + example: '[Accept=*/*, Host=localhost:8243, User-Agent=curl/7.58.0]' + messageBody: + type: string + description: The content of the message body + example: + clientIp: + type: string + description: The IP of the client + example: 127.0.0.1 + RoleAliasList: + title: Role alias list + type: object + properties: + count: + type: integer + description: The number of role aliases + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/RoleAlias' + RoleAlias: + title: Role alias + type: object + properties: + role: + type: string + description: The original role + example: Internal/subscriber + aliases: + type: array + description: The role mapping for role alias + example: + - Subscriber + - Internal/subscriber + items: + type: string + Pagination: + title: Pagination + type: object + properties: + offset: + type: integer + example: 0 + limit: + type: integer + example: 1 + total: + type: integer + example: 10 + next: + type: string + description: | + Link to the next subset of resources qualified. + Empty if no more resources are to be returned. + example: "" + previous: + type: string + description: | + Link to the previous subset of resources qualified. + Empty if current subset is the first subset returned. + example: "" + responses: + BadRequest: + description: Bad Request. Invalid request or validation error. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 400 + message: Bad Request + description: Invalid request or validation error + moreInfo: "" + error: [] + Conflict: + description: Conflict. Specified resource already exists. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 409 + message: Conflict + description: Specified resource already exists + moreInfo: "" + error: [] + Forbidden: + description: Forbidden. The request must be conditional but no condition has + been specified. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 403 + message: Forbidden + description: The request must be conditional but no condition has been + specified + moreInfo: "" + error: [] + InternalServerError: + description: Internal Server Error. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + NotAcceptable: + description: Not Acceptable. The requested media type is not supported. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 406 + message: Not Acceptable + description: The requested media type is not supported + moreInfo: "" + error: [] + NotFound: + description: Not Found. The specified resource does not exist. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + PayloadTooLarge: + description: Payload Too Large. Request entity is larger than limits defined + by server. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 413 + message: Payload Too Large + description: Request entity is larger than limits defined by server + moreInfo: "" + error: [] + PreconditionFailed: + description: Precondition Failed. The request has not been performed because + one of the preconditions is not met. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 412 + message: Precondition Failed + description: The request has not been performed because one of the preconditions + is not met + moreInfo: "" + error: [] + Unauthorized: + description: Unauthorized. The user is not authorized. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 401 + message: Unauthorized + description: The user is not authorized + moreInfo: "" + error: [] + UnsupportedMediaType: + description: Unsupported Media Type. The entity of the request was not in a + supported format. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 415 + message: Unsupported media type + description: The entity of the request was not in a supported format + moreInfo: "" + error: [] + parameters: + username: + name: username + in: query + description: | + username of the new application owner + required: true + schema: + type: string + scopeName: + name: scopeName + in: path + description: | + scope name to be validated + required: true + schema: + type: string + environmentId: + name: environmentId + in: path + description: | + Environment UUID (or Environment name defined in config) + required: true + schema: + type: string + policyId: + name: policyId + in: path + description: | + Thorttle policy UUID + required: true + schema: + type: string + ruleId: + name: ruleId + in: path + description: | + Custom rule UUID + required: true + schema: + type: string + applicationId: + name: applicationId + in: path + description: | + Application UUID + required: true + schema: + type: string + conditionId: + name: conditionId + in: path + description: | + Blocking condition identifier + required: true + schema: + type: string + Accept: + name: Accept + in: header + description: | + Media types acceptable for the response. Default is application/json. + schema: + type: string + default: application/json + Content-Type: + name: Content-Type + in: header + description: | + Media type of the entity in the body. Default is application/json. + required: true + schema: + type: string + default: application/json + limit: + name: limit + in: query + description: | + Maximum size of resource array to return. + schema: + type: integer + default: 25 + offset: + name: offset + in: query + description: | + Starting point within the complete list of items qualified. + schema: + type: integer + default: 0 + user: + name: user + in: query + description: | + username of the application creator + schema: + type: string + workflowReferenceId-Q: + name: workflowReferenceId + in: query + description: | + Workflow reference id + required: true + schema: + type: string + apiCategoryId: + name: apiCategoryId + in: path + description: | + API Category UUID + required: true + schema: + type: string + keyManagerId: + name: keyManagerId + in: path + description: | + Key Manager UUID + required: true + schema: + type: string + roleId: + name: roleId + in: path + description: | + The Base 64 URL encoded role name with domain. If the given role is in PRIMARY user-store, role ID should be + derived as Base64URLEncode(role-name). If the given role is in secondary user-store, role ID should be + derived as Base64URLEncode({user-store-name}/{role-name}). + required: true + schema: + type: string + securitySchemes: + OAuth2Security: + type: oauth2 + flows: + password: + tokenUrl: https://localhost:9443/oauth2/token + scopes: + openid: Authorize access to user details + apim:admin: Manage all admin operations + apim:tier_view: View throttling policies + apim:tier_manage: Update and delete throttling policies + apim:bl_view: View deny policies + apim:bl_manage: Update and delete deny policies + apim:mediation_policy_view: View mediation policies + apim:mediation_policy_create: Create and update mediation policies + apim:app_owner_change: Retrieve and manage applications + apim:app_import_export: Import and export applications related operations + apim:api_import_export: Import and export APIs related operations + apim:api_product_import_export: Import and export API Products related + operations + apim:environment_manage: Manage gateway environments + apim:environment_read: Retrieve gateway environments + apim:monetization_usage_publish: Retrieve and publish Monetization related + usage records + apim:api_workflow_approve: Manage workflows + apim:bot_data: Retrieve bot detection data + apim:tenantInfo: Retrieve tenant related information + apim:tenant_theme_manage: Manage tenant themes + apim:admin_operations: Manage API categories and Key Managers related + operations + apim:admin_settings: Retrieve admin settings + apim:admin_alert_manage: Manage admin alerts + apim:api_workflow_view: Retrive workflow requests + apim:scope_manage: Manage system scopes + apim:role_manage: Manage system roles + apim:admin_application_view: View Applications diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/resources/devportal-api.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/resources/devportal-api.yaml new file mode 100644 index 000000000000..321b62fff472 --- /dev/null +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/resources/devportal-api.yaml @@ -0,0 +1,5787 @@ +# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +################################################################################ +openapi: 3.0.1 +info: + title: WSO2 API Manager - Developer Portal + description: | + This document specifies a **RESTful API** for WSO2 **API Manager** - **Developer Portal**. + Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/resources/devportal-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. + + # Authentication + The Developer Portal REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking + the API, you need to obtain an access token with the required scopes. This guide will walk you through the steps + that you will need to follow to obtain an access token. + First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types + in the payload. A Sample payload is shown below. + ``` + { + "callbackUrl":"www.google.lk", + "clientName":"rest_api_devportal", + "owner":"admin", + "grantType":"client_credentials password refresh_token", + "saasApp":true + } + ``` + Create a file (payload.json) with the above sample payload, and use the cURL shown below to invoke the DCR endpoint. Authorization header of this should contain the + base64 encoded admin username and password. + **Format of the request** + ``` + curl -X POST -H "Authorization: Basic Base64(admin_username:admin_password)" -H "Content-Type: application/json" + \ -d @payload.json https://:/client-registration/v0.17/register + ``` + **Sample request** + ``` + curl -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" + \ -d @payload.json https://localhost:9443/client-registration/v0.17/register + ``` + Following is a sample response after invoking the above curl. + ``` + { + "clientId": "fOCi4vNJ59PpHucC2CAYfYuADdMa", + "clientName": "rest_api_devportal", + "callBackURL": "www.google.lk", + "clientSecret": "a4FwHlq0iCIKVs2MPIIDnepZnYMa", + "isSaasApplication": true, + "appOwner": "admin", + "jsonString": "{\"grant_types\":\"client_credentials password refresh_token\",\"redirect_uris\":\"www.google.lk\",\"client_name\":\"rest_api_devportal\"}", + "jsonAppAttribute": "{}", + "tokenType": null + } + ``` + Next you must use the above client id and secret to obtain the access token. + We will be using the password grant type for this, you can use any grant type you desire. + You also need to add the proper **scope** when getting the access token. All possible scopes for devportal REST API can be viewed in **OAuth2 Security** section + of this document and scope for each resource is given in **authorization** section of resource documentation. + Following is the format of the request if you are using the password grant type. + ``` + curl -k -d "grant_type=password&username=&password=&scope=" + \ -H "Authorization: Basic base64(cliet_id:client_secret)" + \ https://:/oauth2/token + ``` + **Sample request** + ``` + curl https://localhost:9443/oauth2/token -k \ + -H "Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h" \ + -d "grant_type=password&username=admin&password=admin&scope=apim:subscribe apim:api_key" + ``` + Shown below is a sample response to the above request. + ``` + { + "access_token": "e79bda48-3406-3178-acce-f6e4dbdcbb12", + "refresh_token": "a757795d-e69f-38b8-bd85-9aded677a97c", + "scope": "apim:subscribe apim:api_key", + "token_type": "Bearer", + "expires_in": 3600 + } + ``` + Now you have a valid access token, which you can use to invoke an API. + Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. + If you use a different authentication mechanism, this process may change. + + # Try out in Postman + If you want to try-out the embedded postman collection with "Run in Postman" option, please follow the guidelines listed below. + * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. + * Make sure you have an API Manager instance up and running. + * Update the `basepath` parameter to match the hostname and port of the APIM instance. + + [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/5bc0161b8aa7e701d7bf) + contact: + name: WSO2 + url: http://wso2.com/products/api-manager/ + email: architecture@wso2.com + license: + name: Apache 2.0 + url: http://www.apache.org/licenses/LICENSE-2.0.html + version: v2.1 +servers: + - url: https://apis.wso2.com/api/am/devportal/v2 +###################################################### +# The "API Collection" resource APIs +###################################################### +paths: + /apis: + get: + tags: + - APIs + summary: | + Retrieve/Search APIs + description: | + This operation provides you a list of available APIs qualifying under a given search condition. + + Each retrieved API is represented with a minimal amount of attributes. If you want to get complete details of an API, you need to use **Get details of an API** operation. + + This operation supports retrieving APIs of other tenants. The required tenant domain need to be specified as a header `X-WSO2-Tenant`. If not specified super tenant's APIs will be retrieved. If you used an Authorization header, the user's tenant associated with the access token will be used. + + **NOTE:** + * By default, this operation retrieves Published APIs. In order to retrieve Prototyped APIs, you need to use **query** parameter and specify **status:PROTOTYPED**. + * This operation does not require an Authorization header by default. But if it is provided, it will be validated and checked for permissions of the user, hence you may be able to see APIs which are restricted for special permissions/roles. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/requestedTenant' + - name: query + in: query + description: | + **Search condition**. + + You can search in attributes by using an **":"** modifier. + + Eg. + "provider:wso2" will match an API if the provider of the API is exactly "wso2". + + Additionally you can use wildcards. + + Eg. + "provider:wso2*" will match an API if the provider of the API starts with "wso2". + + Supported attribute modifiers are [**version, context, status, + description, doc, provider, tag**] + + If no advanced attribute modifier has been specified, search will match the + given query string against API Name. + schema: + type: string + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + List of qualifying APIs is returned. + content: + application/json: + schema: + $ref: '#/components/schemas/APIList' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/apis" + x-examples: + $ref: docs/examples/apis/apis.yaml#/get + + /apis/{apiId}: + get: + tags: + - APIs + summary: | + Get Details of an API + description: | + Using this operation, you can retrieve complete details of a single API. You need to provide the Id of the API to retrive it. + + `X-WSO2-Tenant` header can be used to retrieve an API of a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. + + **NOTE:** + * This operation does not require an Authorization header by default. But if it is provided, it will be validated and checked for permissions of the user, hence you may be able to see APIs which are restricted for special permissions/roles. \n + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Requested API is returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/API' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/c43a325c-260b-4302-81cb-768eafaa3aed" + + /apis/{apiId}/swagger: + get: + tags: + - APIs + summary: | + Get Swagger Definition + description: | + You can use this operation to retrieve the swagger definition of an API. + + `X-WSO2-Tenant` header can be used to retrieve the swagger definition an API of a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. + + **NOTE:** + * This operation does not require an Authorization header by default. But in order to see a restricted API's swagger definition, you need to provide Authorization header. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/environmentName' + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Requested swagger document of the API is returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + type: string + example: '{ "swagger" : "2.0", "info" : { "version" : "1.0", "title" + : "PhoneVerification" }, "host" : "localhost:8243", "basePath" : + "/phoneverify/1.0", "schemes" : [ "https", "http" ], "security" + : [ { "default" : [ ] } ], "paths" : { "/*" : { "post" : { "consumes" + : [ "text/xml", "application/soap+xml" ], "parameters" : [ { "in" + : "body", "name" : "SOAP Request", "description" : "SOAP request.", + "required" : true, "schema" : { "type" : "string" } }, { "name" + : "SOAPAction", "in" : "header", "description" : "SOAPAction header + for soap 1.1", "required" : false, "type" : "string" } ], "responses" + : { "200" : { "description" : "OK" } }, "security" : [ { "default" + : [ ] } ], "x-auth-type" : "Application & Application User", "x-throttling-tier" + : "Unlimited" } } }, "securityDefinitions" : { "default" : { "type" + : "oauth2", "authorizationUrl" : "https://localhost:8243/authorize", + "flow" : "implicit" } } }' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/c43a325c-260b-4302-81cb-768eafaa3aed/swagger" + + /apis/{apiId}/graphql-schema: + get: + tags: + - APIs + summary: | + Get GraphQL Definition + description: | + You can use this operation to retrieve the swagger definition of an API. + + `X-WSO2-Tenant` header can be used to retrieve the swagger definition an API of a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. + + **NOTE:** + * This operation does not require an Authorization header by default. But in order to see a restricted API's swagger definition, you need to provide Authorization header. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Requested swagger document of the API is returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: {} + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/c43a325c-260b-4302-81cb-768eafaa3aed/graphql-schema" + + /apis/{apiId}/sdks/{language}: + get: + tags: + - SDKs + summary: | + Generate a SDK for an API + description: | + This operation can be used to generate SDKs (System Development Kits), for the APIs available in the API Developer Portal, for a requested development language. + parameters: + - $ref: '#/components/parameters/apiId' + - name: language + in: path + description: | + Programming language of the SDK that is required. + required: true + schema: + type: string + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + SDK generated successfully. + content: + application/zip: + schema: + type: string + format: byte + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:subscribe + x-code-samples: + - lang: Curl + source: curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/sdks/java" + > Swagger Petstore_java_1.0.0.zip + + /apis/{apiId}/wsdl: + get: + tags: + - APIs + summary: Get API WSDL definition + description: | + This operation can be used to retrieve the swagger definition of an API. + operationId: getWSDLOfAPI + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/environmentName' + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Requested WSDL document of the API is returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + content: {} + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/c43a325c-260b-4302-81cb-768eafaa3aed/wsdl" + x-examples: + $ref: docs/examples/apis/wsdl/apiId_wsdl_get.yaml + + ###################################################### + # The "Document Collection" resource APIs + ###################################################### + /apis/{apiId}/documents: + get: + tags: + - API Documents + summary: | + Get a List of Documents of an API + description: | + This operation can be used to retrive a list of documents belonging to an API by providing the id of the API. + + `X-WSO2-Tenant` header can be used to retrive documents of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. + + **NOTE:** + * This operation does not require an Authorization header by default. But in order to see a restricted API's documents, you need to provide Authorization header. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Document list is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/DocumentList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/c43a325c-260b-4302-81cb-768eafaa3aed/documents" + + ###################################################### + # The "Individual Document" resource APIs + ###################################################### + /apis/{apiId}/documents/{documentId}: + get: + tags: + - API Documents + summary: | + Get a Document of an API + description: | + This operation can be used to retrieve a particular document's metadata associated with an API. + + `X-WSO2-Tenant` header can be used to retrive a document of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. + + **NOTE:** + * This operation does not require an Authorization header by default. But in order to see a restricted API's document, you need to provide Authorization header. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Document returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/c43a325c-260b-4302-81cb-768eafaa3aed/documents/850a4f34-db2c-4d23-9d85-3f95fbfb082c" + + /apis/{apiId}/documents/{documentId}/content: + get: + tags: + - API Documents + summary: | + Get the Content of an API Document + description: | + This operation can be used to retrive the content of an API's document. + + The document can be of 3 types. In each cases responses are different. + + 1. **Inline type**: + The content of the document will be retrieved in `text/plain` content type + 2. **FILE type**: + The file will be downloaded with the related content type (eg. `application/pdf`) + 3. **URL type**: + The client will recieve the URL of the document as the Location header with the response with - `303 See Other` + + `X-WSO2-Tenant` header can be used to retrive the content of a document of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. + + **NOTE:** + * This operation does not require an Authorization header by default. But in order to see a restricted API's document content, you need to provide Authorization header. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + File or inline content returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: {} + 303: + description: | + See Other. + Source can be retrived from the URL specified at the Location header. + headers: + Location: + description: | + The Source URL of the document. + schema: + type: string + content: {} + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/documents/0bcb7f05-599d-4e1a-adce-5cb89bfe58d5/content" + + /apis/{apiId}/thumbnail: + get: + tags: + - APIs + summary: Get Thumbnail Image + description: | + This operation can be used to download a thumbnail image of an API. + + `X-WSO2-Tenant` header can be used to retrive a thumbnail of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. + + **NOTE:** + * This operation does not require an Authorization header by default. But in order to see a restricted API's thumbnail, you need to provide Authorization header. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Thumbnail image returned + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/thumbnail" + + /apis/{apiId}/ratings: + get: + tags: + - Ratings + summary: Retrieve API Ratings + description: | + This operation can be used to retrieve the list of ratings of an API. + + `X-WSO2-Tenant` header can be used to retrieve ratings of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Rating list returned. + content: + application/json: + schema: + $ref: '#/components/schemas/RatingList' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/ratings" + x-examples: + $ref: docs/examples/apis/apis_id_ratings_get.yaml + + /apis/{apiId}/user-rating: + get: + tags: + - Ratings + summary: Retrieve API Rating of User + description: | + This operation can be used to get the user rating of an API. + + `X-WSO2-Tenant` header can be used to retrieve the logged in user rating of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Rating returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Rating' + 304: + description: | + Not Modified. + Empty body because the client already has the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:subscribe + x-code-samples: + - lang: Curl + source: curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/user-rating" + x-examples: + $ref: docs/examples/apis/apis_id_user-rating.yaml#/get + + put: + tags: + - Ratings + summary: Add or Update Logged in User's Rating for an API + description: | + This operation can be used to add or update an API rating. + + `X-WSO2-Tenant` header can be used to add or update the logged in user rating of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + requestBody: + description: | + Rating object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Rating' + required: true + responses: + 200: + description: | + OK. + Successful response with the newly created or updated object as entity in the body. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Rating' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:subscribe + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/user-rating"' + x-examples: + $ref: docs/examples/apis/apis_id_user-rating.yaml#/put + + delete: + tags: + - Ratings + summary: Delete User API Rating + description: | + This operation can be used to delete logged in user API rating. + + `X-WSO2-Tenant` header can be used to delete the logged in user rating of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + security: + - OAuth2Security: + - apim:subscribe + x-code-samples: + - lang: Curl + source: curl -k -X DELETE -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/user-rating" + x-examples: + $ref: docs/examples/apis/apis_id_user-rating.yaml#/delete + + /apis/{apiId}/comments: + get: + tags: + - Comments + summary: Retrieve API Comments + description: | + Get a list of Comments that are already added to APIs + operationId: getAllCommentsOfAPI + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/includeCommenterInfo' + responses: + 200: + description: | + OK. + Comments list is returned. + content: + application/json: + schema: + $ref: '#/components/schemas/CommentList' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments" + x-examples: + $ref: docs/examples/apis/comments.yaml#/get + + post: + tags: + - Comments + summary: Add an API Comment + operationId: addCommentToAPI + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/parentCommentID' + requestBody: + description: | + Comment object that should to be added + content: + application/json: + schema: + title: Post request body + type: object + properties: + content: + type: string + maxLength: 512 + description: | + Content of the comment + example: This is a comment + category: + type: string + description: | + Category of the comment + example: general + required: + - content + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request. + schema: + type: string + Location: + description: | + Location to the newly created Comment. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Comment' + 400: + $ref: '#/components/responses/BadRequest' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:subscribe + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments"' + x-examples: + $ref: docs/examples/apis/comments.yaml#/post + + /apis/{apiId}/comments/{commentId}: + get: + tags: + - Comments + summary: Get Details of an API Comment + description: | + Get the individual comment given by a username for a certain API. + operationId: getCommentOfAPI + parameters: + - $ref: '#/components/parameters/commentId' + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/includeCommenterInfo' + - $ref: '#/components/parameters/replyLimit' + - $ref: '#/components/parameters/replyOffset' + responses: + 200: + description: | + OK. + Comment returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Comment' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4" + x-examples: + $ref: docs/examples/apis/comment_id-comments.yaml#/get + + patch: + tags: + - Comments + summary: Edit a comment + description: | + Edit the individual comment + operationId: editCommentOfAPI + parameters: + - $ref: '#/components/parameters/commentId' + - $ref: '#/components/parameters/apiId' + requestBody: + description: | + Comment object that should to be updated + content: + application/json: + schema: + title: Patch request body + type: object + properties: + content: + type: string + maxLength: 512 + description: | + Content of the comment + example: This is a comment + category: + type: string + description: | + Category of the comment + example: general + required: true + responses: + 200: + description: | + OK. + Comment updated. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request. + schema: + type: string + Location: + description: | + Location to the newly created Comment. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Comment' + 400: + $ref: '#/components/responses/BadRequest' + 401: + $ref: '#/components/responses/Unauthorized' + 403: + description: | + Forbidden. + The request must be conditional but no condition has been specified. + 404: + $ref: '#/components/responses/NotFound' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:subscribe + x-code-samples: + - lang: Curl + source: 'curl -k -X PATCH -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/am/store/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4"' + x-examples: + $ref: docs/examples/apis/comments.yaml#/post + + delete: + tags: + - Comments + summary: Delete an API Comment + description: | + Remove a Comment + operationId: deleteComment + parameters: + - $ref: '#/components/parameters/commentId' + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 401: + $ref: '#/components/responses/Unauthorized' + 403: + description: | + Forbidden. + The request must be conditional but no condition has been specified. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 405: + description: | + MethodNotAllowed. + Request method is known by the server but is not supported by the target resource. + content: {} + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:subscribe + - apim:admin # special scope added to moderate comments + x-code-samples: + - lang: Curl + source: curl -k -X DELETE -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4" + x-examples: + $ref: docs/examples/apis/comment_id-comments.yaml#/delete + + /apis/{apiId}/comments/{commentId}/replies: + get: + tags: + - Comments + summary: Get replies of a comment + description: | + Get replies of a comment + operationId: getRepliesOfComment + parameters: + - $ref: '#/components/parameters/commentId' + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/includeCommenterInfo' + responses: + 200: + description: | + OK. + Comment returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/CommentList' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/store/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4/replies" + x-examples: + $ref: docs/examples/apis/comment_id-comments.yaml#/get + + /apis/{apiId}/topics: + get: + tags: + - Topics + summary: | + Get a list of available topics for a given async API + description: | + This operation will provide a list of topics available for a given Async API, based on the provided API ID. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Topic list returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/TopicList' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/store/v1/topics/5b65808c-cdf2-43e1-a695-de63e3ad0ae9" + + /apis/{apiId}/subscription-policies: + get: + tags: + - APIs + summary: | + Get Details of the Subscription Throttling Policies of an API + description: | + This operation can be used to retrieve details of the subscription throttling policy of an API by specifying the API Id. + + `X-WSO2-Tenant` header can be used to retrive API subscription throttling policies that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Throttling Policy returned + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ThrottlingPolicy' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/268c9e55-3dc1-4f47-82e7-977e5343d077/subscription-policies" + + ###################################################### + # The "Application Collection" resource APIs + ###################################################### + /applications: + get: + tags: + - Applications + summary: | + Retrieve/Search Applications + description: | + This operation can be used to retrieve list of applications that is belonged to the user associated with the provided access token. + parameters: + - $ref: '#/components/parameters/groupId' + - name: query + in: query + description: | + **Search condition**. + + You can search for an application by specifying the name as "query" attribute. + + Eg. + "app1" will match an application if the name is exactly "app1". + + Currently this does not support wildcards. Given name must exactly match the application name. + schema: + type: string + - name: sortBy + in: query + schema: + type: string + enum: + - name + - throttlingPolicy + - status + - name: sortOrder + in: query + schema: + type: string + enum: + - asc + - desc + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Application list returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + - apim:app_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/applications"' + + post: + tags: + - Applications + summary: | + Create a New Application + description: | + This operation can be used to create a new application specifying the details of the application in the payload. + requestBody: + description: | + Application object that is to be created. + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request + schema: + type: string + Location: + description: | + Location of the newly created Application. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + 202: + description: | + Accepted. + The request has been accepted. + headers: + Location: + description: | + Location of the newly created Application. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowResponse' + 400: + $ref: '#/components/responses/BadRequest' + 409: + $ref: '#/components/responses/Conflict' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/applications"' + + ###################################################### + # The "Individual Application" resource APIs + ###################################################### + /applications/{applicationId}: + get: + tags: + - Applications + summary: | + Get Details of an Application + description: | + This operation can be used to retrieve details of an individual application specifying the application id in the URI. + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Application returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015"' + + put: + tags: + - Applications + summary: | + Update an Application + description: | + This operation can be used to update an application. Upon succesfull you will retrieve the updated application as the response. + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: | + Application object that needs to be updated + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + required: true + responses: + 200: + description: | + OK. + Application updated. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests. + schema: + type: string + Location: + description: | + The URL of the newly created resource. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X PUT -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015"' + + delete: + tags: + - Applications + summary: | + Remove an Application + description: | + This operation can be used to remove an application specifying its id. + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 202: + description: | + Accepted. + The request has been accepted. + headers: + Location: + description: | + Location of the existing Application. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowResponse' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + - apim:app_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -X DELETE "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015"' + + /applications/{applicationId}/generate-keys: + post: + tags: + - Application Keys + summary: Generate Application Keys + description: | + Generate keys (Consumer key/secret) for application + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/requestedTenant' + requestBody: + description: | + Application key generation request object + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKeyGenerateRequest' + required: true + responses: + 200: + description: | + OK. + Keys are generated. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKey' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015/generate-keys"' + + /applications/{applicationId}/map-keys: + post: + tags: + - Application Keys + summary: Map Application Keys + description: | + Map keys (Consumer key/secret) to an application + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/requestedTenant' + requestBody: + description: | + Application key mapping request object + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKeyMappingRequest' + required: true + responses: + 200: + description: | + OK. + Keys are mapped. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKey' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015/map-keys"' + + /applications/{applicationId}/keys: + get: + tags: + - Application Keys + summary: Retrieve All Application Keys + description: | + Retrieve keys (Consumer key/secret) of application + parameters: + - $ref: '#/components/parameters/applicationId' + responses: + 200: + description: | + OK. + Keys are returned. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKeyList' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + deprecated: true + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys"' + + /applications/{applicationId}/keys/{keyType}: + get: + tags: + - Application Keys + summary: | + Get Key Details of a Given Type + description: | + This operation can be used to retrieve key details of an individual application specifying the key type in the URI. + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyType' + - $ref: '#/components/parameters/groupId' + responses: + 200: + description: | + OK. + Keys of given type are returned. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKey' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + deprecated: true + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys/PRODUCTION"' + + put: + tags: + - Application Keys + summary: | + Update Grant Types and Callback Url of an Application + description: | + This operation can be used to update grant types and callback url of an application. (Consumer Key and Consumer Secret are ignored) Upon succesfull you will retrieve the updated key details as the response. + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyType' + requestBody: + description: | + Grant types/Callback URL update request object + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKey' + required: true + responses: + 200: + description: | + Ok. + Grant types or/and callback url is/are updated. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKey' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + deprecated: true + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X PUT -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys/PRODUCTION"' + + /applications/{applicationId}/keys/{keyType}/regenerate-secret: + post: + tags: + - Application Keys + summary: | + Re-Generate Consumer Secret + description: | + This operation can be used to re generate consumer secret for an application for the give key type + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyType' + responses: + 200: + description: | + OK. + Keys are re generated. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future).‚ + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKeyReGenerateResponse' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + deprecated: true + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys/PRODUCTION/regenerate-secret"' + + /applications/{applicationId}/keys/{keyType}/clean-up: + post: + tags: + - Application Keys + summary: Clean-Up Application Keys + description: | + Clean up keys after failed key generation of an application + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyType' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Clean up is performed + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + deprecated: true + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys/PRODUCTION/clean-up"' + + /applications/{applicationId}/keys/{keyType}/generate-token: + post: + tags: + - Application Tokens + summary: Generate Application Token + description: | + Generate an access token for application by client_credentials grant type + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyType' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: | + Application token generation request object + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationTokenGenerateRequest' + required: true + responses: + 200: + description: | + OK. + Token is generated. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationToken' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + deprecated: true + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/keys/PRODUCTION/generate-token"' + + /applications/{applicationId}/oauth-keys: + get: + tags: + - Application Keys + summary: Retrieve All Application Keys + description: | + Retrieve keys (Consumer key/secret) of application + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Keys are returned. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKeyList' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys"' + + /applications/{applicationId}/oauth-keys/{keyMappingId}: + get: + tags: + - Application Keys + summary: | + Get Key Details of a Given Type + description: | + This operation can be used to retrieve key details of an individual application specifying the key type in the URI. + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyMappingId' + - $ref: '#/components/parameters/groupId' + responses: + 200: + description: | + OK. + Keys of given type are returned. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKey' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys/df972173-c957-46d4-96ac-99be8e303584"' + + put: + tags: + - Application Keys + summary: | + Update Grant Types and Callback URL of an Application + description: | + This operation can be used to update grant types and callback url of an application. (Consumer Key and Consumer Secret are ignored) Upon succesfull you will retrieve the updated key details as the response. + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyMappingId' + requestBody: + description: | + Grant types/Callback URL update request object + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKey' + required: true + responses: + 200: + description: | + Ok. + Grant types or/and callback url is/are updated. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKey' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys/df972173-c957-46d4-96ac-99be8e303584"' + + /applications/{applicationId}/oauth-keys/{keyMappingId}/regenerate-secret: + post: + tags: + - Application Keys + summary: | + Re-Generate Consumer Secret + description: | + This operation can be used to re generate consumer secret for an application for the give key type + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyMappingId' + responses: + 200: + description: | + OK. + Keys are re generated. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future).‚ + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKeyReGenerateResponse' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys/df972173-c957-46d4-96ac-99be8e303584/regenerate-secret"' + + /applications/{applicationId}/oauth-keys/{keyMappingId}/clean-up: + post: + tags: + - Application Keys + summary: Clean-Up Application Keys + description: | + Clean up keys after failed key generation of an application + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyMappingId' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Clean up is performed + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys/df972173-c957-46d4-96ac-99be8e303584/clean-up"' + + /applications/{applicationId}/oauth-keys/{keyMappingId}/generate-token: + post: + tags: + - Application Tokens + summary: Generate Application Token + description: | + Generate an access token for application by client_credentials grant type + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyMappingId' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: | + Application token generation request object + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationTokenGenerateRequest' + required: true + responses: + 200: + description: | + OK. + Token is generated. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationToken' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys/{keyMappingId}/generate-token"' + + /applications/{applicationId}/api-keys/{keyType}/generate: + post: + tags: + - API Keys + summary: Generate API Key + description: | + Generate a self contained API Key for the application + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyType' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: | + API Key generation request object + content: + application/json: + schema: + $ref: '#/components/schemas/APIKeyGenerateRequest' + required: false + responses: + 200: + description: | + OK. + apikey generated. + content: + application/json: + schema: + $ref: '#/components/schemas/APIKey' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + - apim:api_key + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/api-keys/PRODUCTION/generate"' + + /applications/{applicationId}/api-keys/{keyType}/revoke: + post: + tags: + - API Keys + summary: Revoke API Key + description: | + Revoke a self contained API Key for the application + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyType' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: | + API Key revoke request object + content: + application/json: + schema: + $ref: '#/components/schemas/APIKeyRevokeRequest' + required: false + responses: + 200: + description: | + OK. + apikey revoked successfully. + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:subscribe + - apim:app_manage + - apim:api_key + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/api-keys/PRODUCTION/revoke"' + + /applications/export: + get: + tags: + - Import Export + summary: Export an Application + description: | + This operation can be used to export the details of a particular application as a zip file. + parameters: + - name: appName + in: query + description: | + Application Name + required: true + schema: + type: string + - name: appOwner + in: query + description: | + Owner of the Application + required: true + schema: + type: string + - name: withKeys + in: query + description: | + Export application keys + schema: + type: boolean + - name: format + in: query + description: | + Format of output documents. Can be YAML or JSON. + schema: + type: string + enum: + - JSON + - YAML + responses: + 200: + description: | + OK. + Export Successful. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/zip: + schema: + type: string + format: binary + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:app_import_export + x-code-samples: + - lang: Shell + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/devportal/v2/applications/import?appName=sampleApp&appOwner=admin&withKeys=true" + > exportedApplication.zip' + + /applications/import: + post: + tags: + - Application (Individual) + summary: Import an Application + description: | + This operation can be used to import an application. + parameters: + - name: preserveOwner + in: query + description: | + Preserve Original Creator of the Application + schema: + type: boolean + - name: skipSubscriptions + in: query + description: | + Skip importing Subscriptions of the Application + schema: + type: boolean + - name: appOwner + in: query + description: | + Expected Owner of the Application in the Import Environment + schema: + type: string + - name: skipApplicationKeys + in: query + description: | + Skip importing Keys of the Application + schema: + type: boolean + - name: update + in: query + description: | + Update if application exists + schema: + type: boolean + requestBody: + content: + multipart/form-data: + schema: + required: + - file + properties: + file: + type: string + description: | + Zip archive consisting of exported Application Configuration. + format: binary + required: true + responses: + 200: + description: | + OK. + Successful response with the updated object information as entity in the body. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationInfo' + 207: + description: | + Multi Status. + Partially successful response with skipped APIs information object as entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/APIInfoList' + 400: + $ref: '#/components/responses/BadRequest' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:app_import_export + x-code-samples: + - lang: Shell + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=@exportedApplication.zip "https://127.0.0.1:9443/api/am/devportal/v2/applications/import?preserveOwner=true&skipSubscriptions=false&appOwner=admin&skipApplicationKeys=false&update=true"' + + ###################################################### + # The "Subscription Collection" resource APIs + ###################################################### + /subscriptions: + get: + tags: + - Subscriptions + summary: | + Get All Subscriptions + description: | + This operation can be used to retrieve a list of subscriptions of the user associated with the provided access token. This operation is capable of + + 1. Retrieving applications which are subscibed to a specific API. + `GET https://localhost:9443/api/am/devportal/v2/subscriptions?apiId=c43a325c-260b-4302-81cb-768eafaa3aed` + + 2. Retrieving APIs which are subscribed by a specific application. + `GET https://localhost:9443/api/am/devportal/v2/subscriptions?applicationId=c43a325c-260b-4302-81cb-768eafaa3aed` + + **IMPORTANT:** + * It is mandatory to provide either **apiId** or **applicationId**. + parameters: + - $ref: '#/components/parameters/apiId-Q' + - $ref: '#/components/parameters/applicationId-Q' + - $ref: '#/components/parameters/groupId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Subscription list returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/SubscriptionList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:subscribe + - apim:sub_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/subscriptions?apiId=02e658e7-71c7-4b1d-a623-be145b789340"' + + post: + tags: + - Subscriptions + summary: | + Add a New Subscription + description: | + This operation can be used to add a new subscription providing the id of the API and the application. + parameters: + - $ref: '#/components/parameters/requestedTenant' + requestBody: + description: | + Subscription object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Subscription' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request. + schema: + type: string + Location: + description: | + Location to the newly created subscription. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Subscription' + 202: + description: | + Accepted. + The request has been accepted. + headers: + Location: + description: | + Location of the newly created subscription. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowResponse' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:subscribe + - apim:sub_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/subscriptions"' + + /subscriptions/multiple: + post: + tags: + - Subscriptions + summary: | + Add New Subscriptions + description: | + This operation can be used to add a new subscriptions providing the ids of the APIs and the applications. + parameters: + - $ref: '#/components/parameters/requestedTenant' + requestBody: + description: | + Subscription objects that should to be added + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Subscription' + required: true + responses: + 200: + description: | + OK. + Successful response with the newly created objects as entity in the body. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Subscription' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:subscribe + - apim:sub_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/subscriptions/multiple"' + + ###################################################### + # The "Subscriptions related to API" resource API + ###################################################### + /subscriptions/{apiId}/additionalInfo: + get: + tags: + - Subscriptions + summary: Get Additional Information of subscriptions attached to an API. + description: | + This operation can be used to retrieve all additional Information of subscriptions attached to an API by providing the API id. + operationId: getAdditionalInfoOfAPISubscriptions + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/groupId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Types and fields returned successfully. + headers: + Content-Type: + description: | + The content of the body. + schema: + type: string + default: application/json + content: + application/json: + schema: + $ref: '#/components/schemas/AdditionalSubscriptionInfoList' + 404: + description: | + Not Found. + Retrieving types and fields failed. + content: {} + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/subscriptions/e93fb282-b456-48fc-8981-003fb89086ae/additionalInfo" + + ###################################################### + # The "Individual Subscription" resource APIs + ###################################################### + /subscriptions/{subscriptionId}: + get: + tags: + - Subscriptions + summary: | + Get Details of a Subscription + description: | + This operation can be used to get details of a single subscription. + parameters: + - $ref: '#/components/parameters/subscriptionId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Subscription returned + headers: + ETag: + description: Entity Tag of the response resource. Used by caches, or + in conditional requests. + schema: + type: string + Last-Modified: + description: Date and time the resource has been modifed the last time. + Used by caches, or in conditional reuquests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Subscription' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:subscribe + - apim:sub_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9"' + + put: + tags: + - Subscriptions + summary: | + Update Existing Subscription + description: | + This operation can be used to update a subscription providing the subscription id, api id, application Id, status and updated throttling policy tier. + parameters: + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/subscriptionId' + requestBody: + description: | + Subscription object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Subscription' + required: true + responses: + 200: + description: | + Subscription Updated. + Successful response with the updated object as entity in the body. + Location header contains URL of newly updates entity. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request. + schema: + type: string + Location: + description: | + Location to the updated subscription. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Subscription' + 202: + description: | + Accepted. + The request has been accepted. + headers: + Location: + description: | + Location of the updated subscription. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowResponse' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + description: | + Not Found. + Requested Subscription does not exist. + content: {} + 415: + description: | + Unsupported media type. + The entity of the request was in a not supported format. + content: {} + security: + - OAuth2Security: + - apim:subscribe + - apim:sub_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X PUT -d @data.json "https://localhost:9443/api/am/devportal/v2/subscriptions/80369180-7d90-4ee8-99a1-19fa68512aa5"' + + delete: + tags: + - Subscriptions + summary: | + Remove a Subscription + description: | + This operation can be used to remove a subscription. + parameters: + - $ref: '#/components/parameters/subscriptionId' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 202: + description: | + Accepted. + The request has been accepted. + headers: + Location: + description: | + Location of the existing subscription. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowResponse' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:subscribe + - apim:sub_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X DELETE "https://localhost:9443/api/am/devportal/v2/subscriptions/80369180-7d90-4ee8-99a1-19fa68512aa5"' + x-wso2-curl: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -X DELETE "https://localhost:9443/api/am/devportal/v2/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9"' + x-wso2-request: | + DELETE https://localhost:9443/api/am/devportal/v2/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9 + x-wso2-response: HTTP/1.1 200 OK + + /subscriptions/{subscriptionId}/usage: + get: + tags: + - API Monetization + summary: Get Details of a Pending Invoice for a Monetized Subscription with + Metered Billing. + description: | + This operation can be used to get details of a pending invoice for a monetized subscription with metered billing. + parameters: + - $ref: '#/components/parameters/subscriptionId' + responses: + 200: + description: | + OK. + Details of a pending invoice returned. + headers: + ETag: + description: Entity Tag of the response resource. Used by caches, or + in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/APIMonetizationUsage' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:subscribe + - apim:sub_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9/usage"' + + ###################################################### + # The "Throttling Policy Collection" resource APIs + ###################################################### + /throttling-policies/{policyLevel}: + get: + tags: + - Throttling Policies + summary: Get All Available Throttling Policies + description: | + Get available Throttling Policies + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/policyLevel' + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + List of throttling policies returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ThrottlingPolicyList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/throttling-policies/application" + + ###################################################### + # The "Individual Throttling Policy" resource APIs + ###################################################### + /throttling-policies/{policyLevel}/{policyId}: + get: + tags: + - Throttling Policies + summary: | + Get Details of a Throttling Policy + description: | + This operation can be used to retrieve details of a single throttling policy by specifying the policy level and policy name. + + `X-WSO2-Tenant` header can be used to retrive throttling policy that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. + parameters: + - $ref: '#/components/parameters/policyId' + - $ref: '#/components/parameters/policyLevel' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Throttling Policy returned + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ThrottlingPolicy' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/throttling-policies/application/10PerMin" + + ###################################################### + # The "Tag Collection" resource API + ###################################################### + /tags: + get: + tags: + - Tags + summary: | + Get All Tags + description: | + This operation can be used to retrieve a list of tags that are already added to APIs. + + `X-WSO2-Tenant` header can be used to retrive tags that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. + + **NOTE:** + * This operation does not require an Authorization header by default. But in order to see a restricted API's tags, you need to provide Authorization header. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Tag list is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/TagList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/tags" + + ###################################################### + # The "Content Search Results" resource APIs + ###################################################### + /search: + get: + tags: + - Unified Search + summary: | + Retrieve/Search APIs and API Documents by Content + description: | + This operation provides you a list of available APIs and API Documents qualifying the given keyword match. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/requestedTenant' + - name: query + in: query + description: | + **Search**. + + You can search by using providing the search term in the query parameters. + schema: + type: string + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + List of qualifying APIs and docs is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/SearchResultList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/search?query=PizzaShackAPI" + + ###################################################### + # The "SDK Generation Languages" list resource APIs + ###################################################### + /sdk-gen/languages: + get: + tags: + - SDKs + summary: | + Get a List of Supported SDK Languages + description: | + This operation will provide a list of programming languages that are supported by the swagger codegen library for generating System Development Kits (SDKs) for APIs available in the API Manager Developer Portal + responses: + 200: + description: | + OK. + List of supported languages for generating SDKs. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:subscribe + x-code-samples: + - lang: Curl + source: curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/sdk-gen/languages" + + ###################################################### + # The Web hook API topic details + ###################################################### + /webhooks/subscriptions: + get: + tags: + - Webhooks + summary: | + Get available web hook subscriptions for a given application. + description: | + This operation will provide a list of web hook topic subscriptions for a given application. If the api id is provided + results will be filtered by the api Id. + parameters: + - $ref: '#/components/parameters/applicationId-Q' + - $ref: '#/components/parameters/apiId-Q' + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Topic list returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WebhookSubscriptionList' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/store/v1/webhooks/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9" + + ###################################################### + # The Developer Portal settings List + ###################################################### + /settings: + get: + tags: + - Settings + summary: Retreive Developer Portal settings + description: | + Retreive Developer Portal Settings + parameters: + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Settings returned + content: + application/json: + schema: + $ref: '#/components/schemas/Settings' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:store_settings + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/settings"' + + /settings/application-attributes: + get: + tags: + - Settings + summary: | + Get All Application Attributes from Configuration + description: | + This operation can be used to retrieve the application attributes from configuration. It will not return hidden attributes. + parameters: + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Application attributes returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationAttributeList' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:subscribe + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/settings/application-attributes"' + + ###################################################### + # The tenant resource APIs + ###################################################### + /tenants: + get: + tags: + - Tenants + summary: | + Get Tenants by State + description: | + This operation is to get tenants by state + parameters: + - name: state + in: query + description: | + The state represents the current state of the tenant + + Supported states are [ active, inactive] + schema: + type: string + default: active + enum: + - active + - inactive + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + responses: + 200: + description: | + OK. + Tenant names returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/TenantList' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/tenants" + x-examples: + $ref: docs/examples/tenants/tenants.yam + + ###################################################### + # The "Recommendations" resource API + ###################################################### + /recommendations: + get: + tags: + - Recommendations + summary: Give API Recommendations for a User + description: This API can be used to get recommended APIs for a user who logs + into the API Developer Portal + responses: + 200: + description: | + OK. + Requested recommendations are returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Recommendations' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:subscribe + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/recommendations"' + + ###################################################### + # The "Category Collection" resource API + ###################################################### + /api-categories: + get: + tags: + - API Category (Collection) + summary: Get All API Categories + description: | + Get all API categories + parameters: + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Categories returned + content: + application/json: + schema: + $ref: '#/components/schemas/APICategoryList' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/api-categories" + + ###################################################### + # The "Key Manager Collection" resource API + ###################################################### + /key-managers: + get: + tags: + - Key Managers (Collection) + summary: Get All Key Managers + description: | + Get all Key managers + parameters: + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Categories returned + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManagerList' + security: + - OAuth2Security: + - apim:subscribe + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/v2/key-managers"' + + ###################################################### + # GraphQL "Query Complexity" resource APIs + ###################################################### + /apis/{apiId}/graphql-policies/complexity: + get: + tags: + - GraphQL Policies + summary: Get the Complexity Related Details of an API + description: | + This operation can be used to retrieve complexity related details belonging to an API by providing the API id. + parameters: + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + Requested complexity details returned. + headers: + Content-Type: + description: | + The content of the body. + schema: + type: string + default: application/json + content: + application/json: + schema: + $ref: '#/components/schemas/GraphQLQueryComplexityInfo' + 404: + description: | + Not Found. + Requested API does not contain any complexity details. + content: {} + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/graphql-policies/complexity" + + /apis/{apiId}/graphql-policies/complexity/types: + get: + tags: + - GraphQL Policies + summary: Retrieve Types and Fields of a GraphQL Schema + description: | + This operation can be used to retrieve all types and fields of the GraphQL Schema by providing the API id. + parameters: + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + Types and fields returned successfully. + headers: + Content-Type: + description: | + The content of the body. + schema: + type: string + default: application/json + content: + application/json: + schema: + $ref: '#/components/schemas/GraphQLSchemaTypeList' + 404: + description: | + Not Found. + Retrieving types and fields failed. + content: {} + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/graphql-policies/complexity/types" + + ###################################################### + # User resource APIs + ###################################################### + /me/change-password: + post: + tags: + - Users + summary: Change the Password of the user + description: | + Using this operation, logged-in user can change their password. + operationId: changeUserPassword + requestBody: + description: | + Current and new password of the user + content: + application/json: + schema: + $ref: '#/components/schemas/CurrentAndNewPasswords' + required: true + responses: + 200: + description: OK. User password changed successfully + content: {} + 400: + $ref: '#/components/responses/BadRequest' + security: + - OAuth2Security: + - apim:subscribe + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/me/change-password"' + +components: + schemas: + APIList: + title: API List + type: object + properties: + count: + type: integer + description: | + Number of APIs returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APIInfo' + pagination: + $ref: '#/components/schemas/Pagination' + example: + count: 2 + list: + - id: 01234567-0123-0123-0123-012345678901 + name: CalculatorAPI + description: A calculator API that supports basic operations + context: /CalculatorAPI + version: 1.0.0 + provider: admin + lifeCycleStatus: PUBLISHED + thumbnailUri: /apis/01234567-0123-0123-0123-012345678901/thumbnail + - id: 01123567-1233-5453-0212-12353678901 + name: PizzaShackAPI + description: A Pizza ordering API + context: /PizzaShackAPI + version: 1.0.0 + provider: admin + lifeCycleStatus: PUBLISHED + thumbnailUri: /apis/01123567-1233-5453-0212-12353678901/thumbnail + pagination: + offset: 2 + limit: 2 + total: 10 + next: /apis?limit=2&offset=4 + previous: /apis?limit=2&offset=0 + APIInfo: + title: API Info object with basic API details. + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorAPI + description: + type: string + example: A calculator API that supports basic operations + context: + type: string + example: CalculatorAPI + version: + type: string + example: 1.0.0 + type: + type: string + example: WS + createdTime: + type: string + example: 1614020559444 + provider: + type: string + description: | + If the provider value is not given, the user invoking the API will be used as the provider. + example: admin + lifeCycleStatus: + type: string + example: PUBLISHED + thumbnailUri: + type: string + example: /apis/01234567-0123-0123-0123-012345678901/thumbnail + avgRating: + type: string + description: Average rating of the API + example: "4.5" + throttlingPolicies: + type: array + description: List of throttling policies of the API + example: + - Unlimited + - Bronze + items: + type: string + advertiseInfo: + $ref: '#/components/schemas/AdvertiseInfo' + businessInformation: + $ref: '#/components/schemas/APIBusinessInformation' + isSubscriptionAvailable: + type: boolean + example: false + monetizationLabel: + type: string + example: Free + gatewayVendor: + type: string + example: WSO2 + APIInfoList: + title: API Info List + type: object + properties: + count: + type: integer + description: | + Number of API Info objects returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APIInfo' + API: + title: API object + required: + - context + - lifeCycleStatus + - name + - provider + - version + type: object + properties: + id: + type: string + description: | + UUID of the api + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + description: Name of the API + example: CalculatorAPI + description: + type: string + description: A brief description about the API + example: A calculator API that supports basic operations + context: + type: string + description: A string that represents thecontext of the user's request + example: CalculatorAPI + version: + type: string + description: The version of the API + example: 1.0.0 + provider: + type: string + description: | + If the provider value is not given user invoking the api will be used as the provider. + example: admin + apiDefinition: + type: string + description: | + Swagger definition of the API which contains details about URI templates and scopes + example: '{"paths":{"\/substract":{"get":{"x-auth-type":"Application & Application + User","x-throttling-tier":"Unlimited","parameters":[{"name":"x","required":true,"type":"string","in":"query"},{"name":"y","required":true,"type":"string","in":"query"}],"responses":{"200":{}}}},"\/add":{"get":{"x-auth-type":"Application + & Application User","x-throttling-tier":"Unlimited","parameters":[{"name":"x","required":true,"type":"string","in":"query"},{"name":"y","required":true,"type":"string","in":"query"}],"responses":{"200":{}}}}},"swagger":"2.0","info":{"title":"CalculatorAPI","version":"1.0.0"}}' + wsdlUri: + type: string + description: | + WSDL URL if the API is based on a WSDL endpoint + example: http://www.webservicex.com/globalweather.asmx?wsdl + lifeCycleStatus: + type: string + description: This describes in which status of the lifecycle the API is. + example: PUBLISHED + isDefaultVersion: + type: boolean + example: false + type: + type: string + description: This describes the transport type of the API + example: WS + transport: + type: array + example: + - http + - https + items: + type: string + description: | + Supported transports for the API (http and/or https). + operations: + type: array + example: [] + items: + $ref: '#/components/schemas/APIOperations' + authorizationHeader: + type: string + description: | + Name of the Authorization header used for invoking the API. If it is not set, Authorization header name specified + in tenant or system level will be used. + example: Authorization + securityScheme: + type: array + description: | + Types of API security, the current API secured with. It can be either OAuth2 or mutual SSL or both. If + it is not set OAuth2 will be set as the security for the current API. + example: + - oauth2 + - oauth_basic_auth_api_key_mandatory + items: + type: string + tags: + type: array + description: Search keywords related to the API + example: + - substract + - add + items: + type: string + tiers: + type: array + description: The subscription tiers selected for the particular API + items: + type: object + properties: + tierName: + type: string + example: Gold + tierPlan: + type: string + example: COMMERCIAL + monetizationAttributes: + type: object + properties: + fixedPrice: + type: string + example: "10" + pricePerRequest: + type: string + example: "1" + currencyType: + type: string + example: USD + billingCycle: + type: string + example: month + hasThumbnail: + type: boolean + example: true + default: false + additionalProperties: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + display: + type: boolean + description: | + Custom(user defined) properties of API + example: {} + monetization: + $ref: '#/components/schemas/APIMonetizationInfo' + endpointURLs: + type: array + items: + type: object + properties: + environmentName: + type: string + example: Default + environmentDisplayName: + type: string + example: Default + environmentType: + type: string + example: hybrid + URLs: + type: object + properties: + http: + type: string + description: HTTP environment URL + example: http://localhost:8280/phoneverify/1.0.0 + https: + type: string + description: HTTPS environment URL + example: https://localhost:8243/phoneverify/1.0.0 + ws: + type: string + description: WS environment URL + example: ws://localhost:9099/phoneverify/1.0.0 + wss: + type: string + description: WSS environment URL + example: wss://localhost:9099/phoneverify/1.0.0 + defaultVersionURLs: + type: object + properties: + http: + type: string + description: HTTP environment default URL + example: http://localhost:8280/phoneverify/ + https: + type: string + description: HTTPS environment default URL + example: https://localhost:8243/phoneverify/ + ws: + type: string + description: WS environment default URL + example: ws://localhost:9099/phoneverify/ + wss: + type: string + description: WSS environment default URL + example: ws://localhost:9099/phoneverify/ + businessInformation: + $ref: '#/components/schemas/APIBusinessInformation' + environmentList: + type: array + description: The environment list configured with non empty endpoint URLs + for the particular API. + example: + - PRODUCTION + - SANDBOX + items: + type: string + scopes: + type: array + items: + $ref: '#/components/schemas/ScopeInfo' + avgRating: + type: string + description: The average rating of the API + example: "4.5" + advertiseInfo: + $ref: '#/components/schemas/AdvertiseInfo' + isSubscriptionAvailable: + type: boolean + example: false + categories: + type: array + description: | + API categories + items: + type: string + example: "" + keyManagers: + type: object + properties: {} + description: | + API Key Managers + createdTime: + type: string + example: 2020-10-31T13:57:16.229 + lastUpdatedTime: + type: string + example: 2020-10-31T13:57:16.229 + gatewayVendor: + title: Gateway vendor of the API + type: string + example: + wso2 + asyncTransportProtocols: + type: array + description: | + Supported transports for the aync API. + example: + - http + - mqtt + items: + type: string + APIMonetizationInfo: + title: API monetization object + required: + - enabled + type: object + properties: + enabled: + type: boolean + description: Flag to indicate the monetization status + example: true + ApplicationList: + title: Application List + type: object + properties: + count: + type: integer + description: | + Number of applications returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ApplicationInfo' + pagination: + $ref: '#/components/schemas/Pagination' + Application: + title: Application + required: + - name + - throttlingPolicy + type: object + properties: + applicationId: + type: string + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + maxLength: 100 + minLength: 1 + type: string + example: CalculatorApp + throttlingPolicy: + minLength: 1 + type: string + example: Unlimited + description: + maxLength: 512 + type: string + example: Sample calculator application + tokenType: + type: string + description: | + Type of the access token generated for this application. + + **OAUTH:** A UUID based access token + **JWT:** A self-contained, signed JWT based access token which is issued by default. + example: JWT + default: JWT + enum: + - OAUTH + - JWT + status: + type: string + readOnly: true + example: APPROVED + default: "" + groups: + type: array + example: [] + items: + type: string + subscriptionCount: + type: integer + readOnly: true + keys: + type: array + readOnly: true + example: [] + items: + $ref: '#/components/schemas/ApplicationKey' + attributes: + type: object + additionalProperties: + type: string + example: {} + subscriptionScopes: + type: array + example: [] + items: + $ref: '#/components/schemas/ScopeInfo' + owner: + type: string + description: | + Application created user + readOnly: true + example: admin + hashEnabled: + type: boolean + readOnly: true + example: false + ApplicationInfo: + title: Application info object with basic application details + type: object + properties: + applicationId: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorApp + throttlingPolicy: + type: string + example: Unlimited + description: + type: string + example: Sample calculator application + status: + type: string + example: APPROVED + default: "" + groups: + type: array + example: "" + items: + type: string + subscriptionCount: + type: integer + attributes: + type: object + properties: {} + example: External Reference ID, Billing Tier + owner: + type: string + example: admin + DocumentList: + title: Document List + type: object + properties: + count: + type: integer + description: | + Number of Documents returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Document' + pagination: + $ref: '#/components/schemas/Pagination' + Document: + title: Document + required: + - name + - sourceType + - type + type: object + properties: + documentId: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorDoc + type: + type: string + example: HOWTO + enum: + - HOWTO + - SAMPLES + - PUBLIC_FORUM + - SUPPORT_FORUM + - API_MESSAGE_FORMAT + - SWAGGER_DOC + - OTHER + summary: + type: string + example: Summary of Calculator Documentation + sourceType: + type: string + example: INLINE + enum: + - INLINE + - MARKDOWN + - URL + - FILE + sourceUrl: + type: string + example: "" + otherTypeName: + type: string + example: "" + ThrottlingPolicyList: + title: Throttling Policy List + type: object + properties: + count: + type: integer + description: | + Number of Throttling Policies returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ThrottlingPolicy' + pagination: + $ref: '#/components/schemas/Pagination' + ThrottlingPolicy: + title: Throttling Policy + required: + - name + - requestCount + - stopOnQuotaReach + - tierPlan + - unitTime + type: object + properties: + name: + type: string + example: Platinum + description: + type: string + example: Allows 50 request(s) per minute. + policyLevel: + type: string + example: subscription + enum: + - application + - subscription + attributes: + type: object + additionalProperties: + type: string + description: | + Custom attributes added to the throttling policy + example: {} + requestCount: + type: integer + description: | + Maximum number of requests which can be sent within a provided unit time + format: int64 + example: 50 + dataUnit: + description: | + Unit of data allowed to be transfered. Allowed values are "KB", "MB" and "GB" + type: string + example: KB + unitTime: + type: integer + format: int64 + example: 60000 + timeUnit: + type: string + example: min + rateLimitCount: + type: integer + default: 0 + description: Burst control request count + example: 10 + rateLimitTimeUnit: + type: string + description: Burst control time unit + example: min + quotaPolicyType: + type: string + description: Default quota limit type + enum: + - REQUESTCOUNT + - BANDWIDTHVOLUME + example: REQUESTCOUNT + tierPlan: + type: string + description: | + This attribute declares whether this tier is available under commercial or free + example: FREE + enum: + - FREE + - COMMERCIAL + stopOnQuotaReach: + type: boolean + description: | + If this attribute is set to false, you are capabale of sending requests + even if the request count exceeded within a unit time + example: true + monetizationAttributes: + $ref: '#/components/schemas/MonetizationInfo' + throttlingPolicyPermissions: + $ref: '#/components/schemas/ThrottlingPolicyPermissionInfo' + SubscriptionList: + title: Subscription List + type: object + properties: + count: + type: integer + description: | + Number of Subscriptions returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Subscription' + pagination: + $ref: '#/components/schemas/Pagination' + TopicList: + title: Topic List + type: object + properties: + count: + type: integer + description: | + Number of Topics returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Topic' + pagination: + $ref: '#/components/schemas/Pagination' + Topic: + title: Topic + type: object + properties: + apiId: + type: string + example: faae5fcc-cbae-40c4-bf43-89931630d313 + name: + type: string + example: orderBooks + type: + type: string + example: publisher + WebhookSubscriptionList: + title: Subscribed Webhook List + type: object + properties: + count: + type: integer + description: | + Number of webhook subscriptions returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/WebhookSubscription' + pagination: + $ref: '#/components/schemas/Pagination' + WebhookSubscription: + title: Webhook Subscription + type: object + properties: + apiId: + type: string + example: faae5fcc-cbae-40c4-bf43-89931630d313 + appId: + type: string + example: faae5fcc-cbae-40c4-bf43-89931630d313 + topic: + type: string + example: orderBooks + callBackUrl: + type: string + example: www.orderbooksite.com + deliveryTime: + type: string + example: faae5fcc-cbae-40c4-bf43-89931630d313 + deliveryStatus: + type: integer + example: 1 + APIBusinessInformation: + type: object + properties: + businessOwner: + type: string + example: businessowner + businessOwnerEmail: + type: string + example: businessowner@wso2.com + technicalOwner: + type: string + example: technicalowner + technicalOwnerEmail: + type: string + example: technicalowner@wso2.com + Subscription: + title: Subscription + required: + - applicationId + - throttlingPolicy + type: object + properties: + subscriptionId: + type: string + description: The UUID of the subscription + readOnly: true + example: faae5fcc-cbae-40c4-bf43-89931630d313 + applicationId: + type: string + description: The UUID of the application + example: b3ade481-30b0-4b38-9a67-498a40873a6d + apiId: + type: string + description: The unique identifier of the API. + example: 2962f3bb-8330-438e-baee-0ee1d6434ba4 + apiInfo: + $ref: '#/components/schemas/APIInfo' + applicationInfo: + $ref: '#/components/schemas/ApplicationInfo' + throttlingPolicy: + type: string + example: Unlimited + requestedThrottlingPolicy: + type: string + example: Unlimited + status: + type: string + example: UNBLOCKED + enum: + - BLOCKED + - PROD_ONLY_BLOCKED + - UNBLOCKED + - ON_HOLD + - REJECTED + - TIER_UPDATE_PENDING + - DELETE_PENDING + redirectionParams: + type: string + description: A url and other parameters the subscriber can be redirected. + readOnly: true + example: "" + Tag: + title: Tag + type: object + properties: + value: + type: string + example: tag1 + count: + type: integer + example: 5 + TagList: + title: Tag List + type: object + properties: + count: + type: integer + description: | + Number of Tags returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Tag' + pagination: + $ref: '#/components/schemas/Pagination' + Rating: + title: Rating + required: + - rating + type: object + properties: + ratingId: + type: string + readOnly: true + example: 32acfa7a-77f8-4fe0-bb7f-a902f36546d0 + apiId: + type: string + readOnly: true + example: e93fb282-b456-48fc-8981-003fb89086ae + ratedBy: + maxLength: 50 + type: string + readOnly: true + example: admin + rating: + type: integer + example: 4 + RatingList: + title: Rating List + type: object + properties: + avgRating: + type: string + description: | + Average Rating of the API + example: "4" + userRating: + type: integer + description: | + Rating given by the user + example: 4 + count: + type: integer + description: | + Number of Subscriber Ratings returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Rating' + pagination: + $ref: '#/components/schemas/Pagination' + Comment: + title: Comment + required: + - content + type: object + properties: + id: + type: string + readOnly: true + example: 943d3002-000c-42d3-a1b9-d6559f8a4d49 + content: + maxLength: 512 + type: string + example: This is a comment + createdTime: + type: string + readOnly: true + example : 2021-02-11-09:57:25 + createdBy: + type: string + readOnly: true + example: admin + updatedTime: + type: string + readOnly: true + example : 2021-02-12-19:57:25 + category: + type: string + readOnly: true + default: general + example : general + parentCommentId: + type: string + readOnly: true + example: 6f38aea2-f41e-4ac9-b3f2-a9493d00ba97 + entryPoint: + type: string + readOnly: true + enum: [devPortal, publisher] + commenterInfo: + $ref: '#/components/schemas/CommenterInfo' + replies: + $ref: '#/components/schemas/CommentList' + CommentList: + title: Comments List + type: object + properties: + count: + type: integer + readOnly: true + description: | + Number of Comments returned. + example: 1 + list: + type: array + readOnly: true + items: + $ref: '#/components/schemas/Comment' + pagination: + $ref: '#/components/schemas/Pagination' + Error: + title: Error object returned with 4XX HTTP status + required: + - code + - message + type: object + properties: + code: + type: integer + format: int64 + message: + type: string + description: Error message. + description: + type: string + description: | + A detail description about the error message. + moreInfo: + type: string + description: | + Preferably an url with more details about the error. + error: + type: array + description: | + If there are more than one error list them out. + For example, list out validation errors by each field. + items: + $ref: '#/components/schemas/ErrorListItem' + ErrorListItem: + title: Description of individual errors that may have occurred during a request. + required: + - code + - message + type: object + properties: + code: + type: string + message: + type: string + description: | + Description about individual errors occurred + ApplicationToken: + title: Application token details to invoke APIs + type: object + properties: + accessToken: + type: string + description: Access token + example: 1.2345678901234568E30 + tokenScopes: + type: array + description: Valid comma seperated scopes for the access token + example: + - default + - read_api + - write_api + items: + type: string + validityTime: + type: integer + description: Maximum validity time for the access token + format: int64 + example: 3600 + APIKey: + title: API Key details to invoke APIs + type: object + properties: + apikey: + type: string + description: API Key + example: eyJoZWxsbyI6IndvcmxkIn0=.eyJ3c28yIjoiYXBpbSJ9.eyJ3c28yIjoic2lnbmF0dXJlIn0= + validityTime: + type: integer + format: int32 + example: 3600 + ApplicationKey: + title: Application key details + type: object + properties: + keyMappingId: + type: string + description: Key Manager Mapping UUID + readOnly: true + example: 92ab520c-8847-427a-a921-3ed19b15aad7 + keyManager: + type: string + description: Key Manager Name + example: Resident Key Manager + consumerKey: + type: string + description: Consumer key of the application + readOnly: true + example: vYDoc9s7IgAFdkSyNDaswBX7ejoa + consumerSecret: + type: string + description: Consumer secret of the application + readOnly: true + example: TIDlOFkpzB7WjufO3OJUhy1fsvAa + supportedGrantTypes: + type: array + description: The grant types that are supported by the application + example: + - client_credentials + - password + items: + type: string + callbackUrl: + type: string + description: Callback URL + example: http://sample.com/callback/url + keyState: + type: string + description: Describes the state of the key generation. + example: APPROVED + keyType: + type: string + description: Describes to which endpoint the key belongs + example: PRODUCTION + enum: + - PRODUCTION + - SANDBOX + mode: + type: string + description: Describe the which mode Application Mapped. + example: CREATED + enum: + - MAPPED + - CREATED + groupId: + type: string + description: Application group id (if any). + example: "2" + token: + $ref: '#/components/schemas/ApplicationToken' + additionalProperties: + type: object + properties: {} + description: additionalProperties (if any). + ApplicationKeyReGenerateResponse: + title: Application key details after re generating consumer secret + type: object + properties: + consumerKey: + type: string + description: The consumer key associated with the application, used to indetify + the client + example: vYDoc9s7IgAFdkSyNDaswBX7ejoa + consumerSecret: + type: string + description: The client secret that is used to authenticate the client with + the authentication server + example: TIDlOFkpzB7WjufO3OJUhy1fsvAa + ApplicationKeyList: + title: Application Keys List + type: object + properties: + count: + type: integer + description: | + Number of applications keys returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ApplicationKey' + ApplicationKeyGenerateRequest: + title: Application key generation request object + required: + - grantTypesToBeSupported + - keyType + type: object + properties: + keyType: + type: string + enum: + - PRODUCTION + - SANDBOX + keyManager: + type: string + description: key Manager to Generate Keys + example: Resident Key Manager + grantTypesToBeSupported: + type: array + description: Grant types that should be supported by the application + example: + - password + - client_credentials + items: + type: string + callbackUrl: + type: string + description: Callback URL + example: http://sample.com/callback/url + scopes: + type: array + description: Allowed scopes for the access token + example: + - am_application_scope + - default + items: + type: string + validityTime: + type: string + example: "3600" + clientId: + type: string + description: Client ID for generating access token. + readOnly: true + example: sZzoeSCI_vL2cjSXZQmsmV8JEyga + clientSecret: + type: string + description: Client secret for generating access token. This is given together + with the client Id. + readOnly: true + example: nrs3YAP4htxnz_DqpvGhf9Um04oa + additionalProperties: + type: object + properties: {} + description: Additional properties needed. + example: {} + ApplicationKeyMappingRequest: + title: Application key provision request object + required: + - consumerKey + - keyType + type: object + properties: + consumerKey: + type: string + description: Consumer key of the application + example: oYhwZu4P2ThDmiDprBk6c0YfjR8a + consumerSecret: + type: string + description: Consumer secret of the application + example: ondWGtFTCOVM4sfPyOfZ7fel610a + keyManager: + type: string + description: Key Manager Name + example: Resident Key Manager + keyType: + type: string + enum: + - PRODUCTION + - SANDBOX + ApplicationTokenGenerateRequest: + title: Application access token generation request object + type: object + properties: + consumerSecret: + type: string + description: Consumer secret of the application + example: cV5pvyisxug5b5QZInq9cGZrMOMa + validityPeriod: + type: integer + description: Token validity period + format: int64 + example: 3600 + scopes: + type: array + description: Allowed scopes (space seperated) for the access token + example: + - apim:subscribe + items: + type: string + revokeToken: + type: string + description: Token to be revoked, if any + example: "" + grantType: + type: string + default: CLIENT_CREDENTIALS + enum: + - CLIENT_CREDENTIALS + - TOKEN_EXCHANGE + additionalProperties: + type: object + properties: {} + description: Additional parameters if Authorization server needs any + APIKeyGenerateRequest: + title: API Key generation request object + type: object + properties: + validityPeriod: + type: integer + description: Token validity period + format: int32 + example: 3600 + additionalProperties: + type: object + properties: {} + description: Additional parameters if Authorization server needs any + APIKeyRevokeRequest: + title: API Key revoke request object + type: object + properties: + apikey: + type: string + description: API Key to revoke + example: eyJoZWxsbyI6IndvcmxkIn0=.eyJ3c28yIjoiYXBpbSJ9.eyJ3c28yIjoic2lnbmF0dXJlIn0= + ScopeInfo: + title: API Scope info object with scope details + type: object + properties: + key: + type: string + example: admin_scope + name: + type: string + example: admin scope + roles: + type: array + description: Allowed roles for the scope + example: + - manager + - developer + items: + type: string + description: + type: string + description: Description of the scope + ScopeList: + title: Scope list + type: object + properties: + count: + type: integer + description: | + Number of results returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ScopeInfo' + pagination: + $ref: '#/components/schemas/Pagination' + ThrottlingPolicyPermissionInfo: + title: Throttling Policy Permission info object with throttling policy permission + details + type: object + properties: + type: + type: string + enum: + - allow + - deny + roles: + type: array + description: roles for this permission + example: + - manager + - developer + items: + type: string + MonetizationInfo: + title: Monetization + type: object + properties: + billingType: + type: string + example: fixedPrice + enum: + - fixedPrice + - dynamicRate + billingCycle: + type: string + example: month + fixedPrice: + type: string + example: "10" + pricePerRequest: + type: string + example: "1" + currencyType: + type: string + example: USD + APIMonetizationUsage: + title: API monetization usage object + type: object + properties: + properties: + type: object + additionalProperties: + type: string + description: Map of custom properties related to monetization usage + WorkflowResponse: + title: workflow Response + required: + - workflowStatus + type: object + properties: + workflowStatus: + type: string + description: | + This attribute declares whether this workflow task is approved or rejected. + example: APPROVED + enum: + - CREATED + - APPROVED + - REJECTED + - REGISTERED + jsonPayload: + type: string + description: | + Attributes that returned after the workflow execution + User: + title: User + required: + - email + - firstName + - lastName + - password + - username + type: object + properties: + username: + type: string + password: + type: string + firstName: + type: string + lastName: + type: string + email: + type: string + APIOperations: + title: Operation + type: object + properties: + id: + type: string + example: apioperation + target: + type: string + verb: + type: string + SearchResultList: + title: Search Result List + type: object + properties: + count: + type: integer + description: | + Number of results returned. + example: 1 + list: + type: array + items: + type: object + pagination: + $ref: '#/components/schemas/Pagination' + SearchResult: + title: Search Result + required: + - name + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: TestAPI + type: + type: string + example: API + enum: + - DOC + - API + transportType: + type: string + description: Accepted values are HTTP, WS, SOAPTOREST, GRAPHQL + discriminator: + propertyName: name + APISearchResult: + title: API Result + allOf: + - $ref: '#/components/schemas/SearchResult' + - type: object + properties: + description: + type: string + description: A brief description about the API + example: A calculator API that supports basic operations + context: + type: string + description: A string that represents the context of the user's request + example: CalculatorAPI + version: + type: string + description: The version of the API + example: 1.0.0 + provider: + type: string + description: | + If the provider value is notgiven, the user invoking the API will be used as the provider. + example: admin + status: + type: string + description: This describes in which status of the lifecycle the API is + example: CREATED + thumbnailUri: + type: string + example: /apis/01234567-0123-0123-0123-012345678901/thumbnail + businessInformation: + $ref: '#/components/schemas/APIBusinessInformation' + avgRating: + type: string + description: Average rating of the API + example: "4.5" + DocumentSearchResult: + title: Document Result + allOf: + - $ref: '#/components/schemas/SearchResult' + - type: object + properties: + docType: + type: string + example: HOWTO + enum: + - HOWTO + - SAMPLES + - PUBLIC_FORUM + - SUPPORT_FORUM + - API_MESSAGE_FORMAT + - SWAGGER_DOC + - OTHER + summary: + type: string + example: Summary of Calculator Documentation + sourceType: + type: string + example: INLINE + enum: + - INLINE + - URL + - FILE + - MARKDOWN + sourceUrl: + type: string + example: "" + otherTypeName: + type: string + example: "" + visibility: + type: string + example: API_LEVEL + enum: + - OWNER_ONLY + - PRIVATE + - API_LEVEL + apiName: + type: string + description: The name of the associated API + example: TestAPI + apiVersion: + type: string + description: The version of the associated API + example: 1.0.0 + apiProvider: + type: string + example: admin + apiUUID: + type: string + CommenterInfo: + type: object + properties: + firstName: + type: string + example: John + lastName: + type: string + example: David + fullName: + type: string + example: John David + Pagination: + title: Pagination + type: object + properties: + offset: + type: integer + example: 0 + limit: + type: integer + example: 1 + total: + type: integer + example: 10 + next: + type: string + description: | + Link to the next subset of resources qualified. + Empty if no more resources are to be returned. + example: "" + previous: + type: string + description: | + Link to the previous subset of resources qualified. + Empty if current subset is the first subset returned. + example: "" + Settings: + title: Settings + type: object + properties: + grantTypes: + type: array + items: + type: string + scopes: + type: array + items: + type: string + applicationSharingEnabled: + type: boolean + default: false + mapExistingAuthApps: + type: boolean + default: false + apiGatewayEndpoint: + type: string + monetizationEnabled: + type: boolean + default: false + recommendationEnabled: + type: boolean + default: false + IsUnlimitedTierPaid: + type: boolean + default: false + identityProvider: + type: object + properties: + external: + type: boolean + default: false + IsAnonymousModeEnabled: + type: boolean + default: true + IsPasswordChangeEnabled: + type: boolean + default: true + userStorePasswordPattern: + type: string + description: The 'PasswordJavaRegEx' cofigured in the UserStoreManager + example: "" + passwordPolicyPattern: + type: string + description: The regex configured in the Password Policy property 'passwordPolicy.pattern' + example: "" + passwordPolicyMinLength: + type: integer + description: If Password Policy Feature is enabled, the property 'passwordPolicy.min.length' + is returned as the 'passwordPolicyMinLength'. If password policy is not + enabled, default value -1 will be returned. And it should be noted that + the regex pattern(s) returned in 'passwordPolicyPattern' and 'userStorePasswordPattern' + properties too will affect the minimum password length allowed and an + intersection of all conditions will be considered finally to validate + the password. + passwordPolicyMaxLength: + type: integer + description: If Password Policy Feature is enabled, the property 'passwordPolicy.max.length' + is returned as the 'passwordPolicyMaxLength'. If password policy is not + enabled, default value -1 will be returned. And it should be noted that + the regex pattern(s) returned in 'passwordPolicyPattern' and 'userStorePasswordPattern' + properties too will affect the maximum password length allowed and an + intersection of all conditions will be considered finally to validate + the password. + ApplicationAttribute: + title: Application attributes + type: object + properties: + description: + type: string + description: description of the application attribute + example: Sample description of the attribute + type: + type: string + description: type of the input element to display + example: text + tooltip: + type: string + description: tooltop to display for the input element + example: Sample tooltip + required: + type: string + description: whether this is a required attribute + example: "false" + attribute: + type: string + description: the name of the attribute + example: External Reference Id + hidden: + type: string + description: whether this is a hidden attribute + example: "false" + ApplicationAttributeList: + title: Application Attributes List + type: object + properties: + count: + type: integer + description: | + Number of application attributes returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ApplicationAttribute' + Tenant: + title: Tenant + type: object + properties: + domain: + type: string + description: tenant domain + example: wso2.com + status: + type: string + description: current status of the tenant active/inactive + example: active + TenantList: + title: Tenant list + type: object + properties: + count: + type: integer + description: | + Number of tenants returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Tenant' + pagination: + $ref: '#/components/schemas/Pagination' + AdvertiseInfo: + title: API Advertise info object with advertise details + type: object + properties: + advertised: + type: boolean + example: true + apiExternalProductionEndpoint: + type: string + example: https://localhost:9443/devportal + apiExternalSandboxEndpoint: + type: string + example: https://localhost:9443/devportal + originalDevPortalUrl: + type: string + example: https://localhost:9443/devportal + apiOwner: + type: string + example: admin + vendor: + type: string + default: WSO2 + enum: + - WSO2 + - AWS + APICategory: + title: API Category + required: + - name + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: Finance + description: + type: string + example: Finance related APIs + APICategoryList: + title: API Category List + type: object + properties: + count: + type: integer + description: | + Number of API categories returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APICategory' + Recommendations: + title: API recommendations + type: object + properties: + count: + type: integer + description: | + Number of APIs returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/recommendedAPI' + recommendedAPI: + title: Recommended API + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorAPI + avgRating: + type: string + description: Average rating of the API + example: "4.5" + KeyManagerInfo: + title: Key Manager Info + required: + - name + - type + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: Resident Key Manager + type: + type: string + example: default + displayName: + type: string + description: | + display name of Keymanager + example: Resident Key Manager + description: + type: string + example: This is Resident Key Manager + enabled: + type: boolean + example: true + availableGrantTypes: + type: array + items: + type: string + example: client_credentials + tokenEndpoint: + type: string + example: https://localhost:9443/oauth2/token + revokeEndpoint: + type: string + example: https://localhost:9443/oauth2/revoke + userInfoEndpoint: + type: string + example: "" + enableTokenGeneration: + type: boolean + example: true + enableTokenEncryption: + type: boolean + example: false + default: false + enableTokenHashing: + type: boolean + example: false + default: false + enableOAuthAppCreation: + type: boolean + example: true + default: true + enableMapOAuthConsumerApps: + type: boolean + example: false + default: false + applicationConfiguration: + type: array + items: + $ref: '#/components/schemas/KeyManagerApplicationConfiguration' + alias: + type: string + description: | + The alias of Identity Provider. + If the tokenType is EXCHANGED, the alias value should be inclusive in the audience values of the JWT token + example: https://localhost:9443/oauth2/token + additionalProperties: + type: object + properties: {} + tokenType: + type: string + description: The type of the tokens to be used (exchanged or without exchanged). + Accepted values are EXCHANGED, DIRECT and BOTH. + example: EXCHANGED + default: DIRECT + enum: + - EXCHANGED + - DIRECT + - BOTH + KeyManagerApplicationConfiguration: + title: Key Manager application Configuration + type: object + properties: + name: + type: string + example: consumer_key + label: + type: string + example: Consumer Key + type: + type: string + example: select + required: + type: boolean + example: true + mask: + type: boolean + example: true + multiple: + type: boolean + example: true + tooltip: + type: string + example: Enter username to connect to key manager + default: + type: object + properties: {} + example: admin + values: + type: array + items: + type: object + properties: {} + KeyManagerList: + title: Key Manager List + type: object + properties: + count: + type: integer + description: | + Number of Key managers returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/KeyManagerInfo' + GraphQLQueryComplexityInfo: + title: GraphQL Query Complexity Info + type: object + properties: + list: + type: array + items: + $ref: '#/components/schemas/GraphQLCustomComplexityInfo' + GraphQLCustomComplexityInfo: + title: GraphQL Custom Complexity Info + required: + - complexityValue + - field + - type + type: object + properties: + type: + type: string + description: | + The type found within the schema of the API + example: Country + field: + type: string + description: | + The field which is found under the type within the schema of the API + example: name + complexityValue: + type: integer + description: | + The complexity value allocated for the associated field under the specified type + example: 1 + GraphQLSchemaTypeList: + title: List of types and corresponding fields of the GraphQL Schema + type: object + properties: + typeList: + type: array + items: + $ref: '#/components/schemas/GraphQLSchemaType' + GraphQLSchemaType: + title: Single type and corresponding fields found within the GraphQL Schema + type: object + properties: + type: + type: string + description: | + Type found within the GraphQL Schema + example: Country + fieldList: + type: array + description: | + Array of fields under current type + example: + - code + - name + items: + type: string + CurrentAndNewPasswords: + title: Current and new passowrd of the user + type: object + properties: + currentPassword: + type: string + example: password123 + newPassword: + type: string + example: newpassword1234 + AdditionalSubscriptionInfoList: + title: Additional Subscription Info List + type: object + properties: + count: + type: integer + description: | + Number of additional information sets of subscription returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/AdditionalSubscriptionInfo' + pagination: + $ref: '#/components/schemas/Pagination' + AdditionalSubscriptionInfo: + title: Additional Information of subscriptions related to an API + type: object + properties: + subscriptionId: + type: string + description: The UUID of the subscription + readOnly: true + example: faae5fcc-cbae-40c4-bf43-89931630d313 + applicationId: + type: string + description: The UUID of the application + example: b3ade481-30b0-4b38-9a67-498a40873a6d + applicationName: + type: string + description: The name of the application + example: Sample Application + apiId: + type: string + description: The unique identifier of the API. + example: 2962f3bb-8330-438e-baee-0ee1d6434ba4 + isSolaceAPI: + type: boolean + example: false + solaceOrganization: + type: string + example: SolaceWso2 + solaceDeployedEnvironments: + type: array + items: + type: object + properties: + environmentName: + type: string + environmentDisplayName: + type: string + organizationName: + type: string + solaceURLs: + type: array + items: + type: object + properties: + protocol: + type: string + example: Defalt + endpointURL: + type: string + example: Default + SolaceTopicsObject: + type: object + properties: + defaultSyntax: + $ref: '#/components/schemas/SolaceTopics' + mqttSyntax: + $ref: '#/components/schemas/SolaceTopics' + SolaceTopics: + title: SolaceTopics + type: object + properties: + publishTopics: + type: array + items: + type: string + subscribeTopics: + type: array + items: + type: string + responses: + BadRequest: + description: Bad Request. Invalid request or validation error. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 400 + message: Bad Request + description: Invalid request or validation error + moreInfo: "" + error: [] + Conflict: + description: Conflict. Specified resource already exists. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 409 + message: Conflict + description: Specified resource already exists + moreInfo: "" + error: [] + InternalServerError: + description: Internal Server Error. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + NotAcceptable: + description: Not Acceptable. The requested media type is not supported. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 406 + message: Not Acceptable + description: The requested media type is not supported + moreInfo: "" + error: [] + NotFound: + description: Not Found. The specified resource does not exist. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + PreconditionFailed: + description: Precondition Failed. The request has not been performed because + one of the preconditions is not met. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 412 + message: Precondition Failed + description: The request has not been performed because one of the preconditions + is not met + moreInfo: "" + error: [] + Unauthorized: + description: Unauthorized. The user is not authorized. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 401 + message: Unauthorized + description: The user is not authorized + moreInfo: "" + error: [] + UnsupportedMediaType: + description: Unsupported Media Type. The entity of the request was not in a + supported format. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 415 + message: Unsupported media type + description: The entity of the request was not in a supported format + moreInfo: "" + error: [] + parameters: + parentCommentID: + name: replyTo + in: query + description: | + ID of the perent comment. + schema: + type: string + requestedTenant: + name: X-WSO2-Tenant + in: header + description: | + For cross-tenant invocations, this is used to specify the tenant domain, where the resource need to be + retrieved from. + schema: + type: string + includeCommenterInfo: + name: includeCommenterInfo + in: query + description: | + Whether we need to display commentor details. + schema: + type: boolean + default : false + apiId: + name: apiId + in: path + description: | + **API ID** consisting of the **UUID** of the API. + required: true + schema: + type: string + apiProductId: + name: apiProductId + in: path + description: | + **API Product ID** consisting of the **UUID** of the API Product. + required: true + schema: + type: string + x-encoded: true + x-encoded: true + apiId-Q: + name: apiId + in: query + description: | + **API ID** consisting of the **UUID** of the API. + schema: + type: string + apiType-Q: + name: apiType + in: query + description: | + **API TYPE** Identifies the type API(API or API_PRODUCT). + schema: + type: string + language: + name: language + in: query + description: | + Programming language to generate SDK. + required: true + schema: + type: string + documentId: + name: documentId + in: path + description: | + Document Identifier + required: true + schema: + type: string + applicationId: + name: applicationId + in: path + description: | + Application Identifier consisting of the UUID of the Application. + required: true + schema: + type: string + keyMappingId: + name: keyMappingId + in: path + description: | + OAuth Key Identifier consisting of the UUID of the Oauth Key Mapping. + required: true + schema: + type: string + filterByUserRoles: + name: filterByUserRoles + in: query + description: | + Filter user by roles. + schema: + type: boolean + applicationId-Q: + name: applicationId + in: query + description: | + **Application Identifier** consisting of the UUID of the Application. + schema: + type: string + groupId: + name: groupId + in: query + description: | + Application Group Id + schema: + type: string + subscriptionId: + name: subscriptionId + in: path + description: | + Subscription Id + required: true + schema: + type: string + policyId: + name: policyId + in: path + description: | + The name of the policy + required: true + schema: + type: string + commentId: + name: commentId + in: path + description: | + Comment Id + required: true + schema: + type: string + ratingId: + name: ratingId + in: path + description: | + Rating Id + required: true + schema: + type: string + policyLevel: + name: policyLevel + in: path + description: | + List Application or Subscription type thro. + required: true + schema: + type: string + enum: + - application + - subscription + environmentName: + name: environmentName + in: query + description: | + Name of the API gateway environment. + schema: + type: string + limit: + name: limit + in: query + description: | + Maximum size of resource array to return. + schema: + type: integer + default: 25 + offset: + name: offset + in: query + description: | + Starting point within the complete list of items qualified. + schema: + type: integer + default: 0 + replyLimit: + name: replyLimit + in: query + description: | + Maximum size of replies array to return. + schema: + type: integer + default: 25 + replyOffset: + name: replyOffset + in: query + description: | + Starting point within the complete list of replies. + schema: + type: integer + default: 0 + keyType: + name: keyType + in: path + description: | + **Application Key Type** standing for the type of the keys (i.e. Production or Sandbox). + required: true + schema: + type: string + enum: + - PRODUCTION + - SANDBOX + If-None-Match: + name: If-None-Match + in: header + description: | + Validator for conditional requests; based on the ETag of the formerly retrieved + variant of the resourec. + schema: + type: string + If-Match: + name: If-Match + in: header + description: | + Validator for conditional requests; based on ETag. + schema: + type: string + alertType: + name: alertType + in: path + description: | + The alert type. + required: true + schema: + type: string + configurationId: + name: configurationId + in: path + description: | + The alert configuration id. + Base64 encoded value of 'apiName#apiVersion#applicationName'. + required: true + schema: + type: string + securitySchemes: + OAuth2Security: + type: oauth2 + flows: + password: + tokenUrl: https://localhost:9443/oauth2/token + scopes: + openid: Authorize access to user details + apim:subscribe: Subscribe API + apim:api_key: Generate API Keys + apim:app_manage: Retrieve, Manage and Import, Export applications + apim:sub_manage: Retrieve, Manage subscriptions + apim:store_settings: Retrieve Developer Portal settings + apim:sub_alert_manage: Retrieve, subscribe and configure Developer Portal alert types + apim:app_import_export: Import and export applications related operations + apim:admin: Manage all admin operations \ No newline at end of file diff --git a/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/resources/publisher-api.yaml b/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/resources/publisher-api.yaml new file mode 100644 index 000000000000..f34d23ddbc67 --- /dev/null +++ b/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/resources/publisher-api.yaml @@ -0,0 +1,12259 @@ +# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +################################################################################ +openapi: 3.0.1 +info: + title: WSO2 API Manager - Publisher API + description: | + This document specifies a **RESTful API** for WSO2 **API Manager** - **Publisher**. + + # Authentication + The Publisher REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking + the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps + that you will need to follow to obtain an access token. + First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types + in the payload. A Sample payload is shown below. + ``` + { + "callbackUrl":"www.google.lk", + "clientName":"rest_api_publisher", + "owner":"admin", + "grantType":"client_credentials password refresh_token", + "saasApp":true + } + ``` + Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the + base64 encoded admin username and password. + **Format of the request** + ``` + curl -X POST -H "Authorization: Basic Base64(admin_username:admin_password)" -H "Content-Type: application/json" + \ -d @payload.json https://:/client-registration/v0.17/register + ``` + **Sample request** + ``` + curl -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" + \ -d @payload.json https://localhost:9443/client-registration/v0.17/register + ``` + Following is a sample response after invoking the above curl. + ``` + { + "clientId": "fOCi4vNJ59PpHucC2CAYfYuADdMa", + "clientName": "rest_api_publisher", + "callBackURL": "www.google.lk", + "clientSecret": "a4FwHlq0iCIKVs2MPIIDnepZnYMa", + "isSaasApplication": true, + "appOwner": "admin", + "jsonString": "{\"grant_types\":\"client_credentials password refresh_token\",\"redirect_uris\":\"www.google.lk\",\"client_name\":\"rest_api123\"}", + "jsonAppAttribute": "{}", + "tokenType": null + } + ``` + Next you must use the above client id and secret to obtain the access token. + We will be using the password grant type for this, you can use any grant type you desire. + You also need to add the proper **scope** when getting the access token. All possible scopes for publisher REST API can be viewed in **OAuth2 Security** section + of this document and scope for each resource is given in **authorization** section of resource documentation. + Following is the format of the request if you are using the password grant type. + ``` + curl -k -d "grant_type=password&username=&password=" + \ -H "Authorization: Basic base64(cliet_id:client_secret)" + \ https://:/oauth2/token + ``` + **Sample request** + ``` + curl https://localhost:9443/oauth2/token -k \ + -H "Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h" \ + -d "grant_type=password&username=admin&password=admin&scope=apim:api_view apim:api_create" + ``` + Shown below is a sample response to the above request. + ``` + { + "access_token": "e79bda48-3406-3178-acce-f6e4dbdcbb12", + "refresh_token": "a757795d-e69f-38b8-bd85-9aded677a97c", + "scope": "apim:api_create apim:api_view", + "token_type": "Bearer", + "expires_in": 3600 + } + ``` + Now you have a valid access token, which you can use to invoke an API. + Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. + If you use a different authentication mechanism, this process may change. + + # Try out in Postman + If you want to try-out the embedded postman collection with "Run in Postman" option, please follow the guidelines listed below. + * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. + * Make sure you have an API Manager instance up and running. + * Update the `basepath` parameter to match the hostname and port of the APIM instance. + + [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/a09044034b5c3c1b01a9) + contact: + name: WSO2 + url: http://wso2.com/products/api-manager/ + email: architecture@wso2.com + license: + name: Apache 2.0 + url: http://www.apache.org/licenses/LICENSE-2.0.html + version: v3 +servers: + - url: https://apis.wso2.com/api/am/publisher/v3 +security: + - OAuth2Security: + - apim:api_view +paths: + ###################################################### + # The "API Collection" resource APIs + ###################################################### + /apis: + get: + tags: + - APIs + summary: | + Retrieve/Search APIs + description: | + This operation provides you a list of available APIs qualifying under a given search condition. + + Each retrieved API is represented with a minimal amount of attributes. If you want to get complete details of an API, you need to use **Get details of an API** operation. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/sortBy' + - $ref: '#/components/parameters/sortOrder' + - $ref: '#/components/parameters/requestedTenant' + - name: query + in: query + description: | + **Search condition**. + + You can search in attributes by using an **":"** modifier. + + Eg. + "provider:wso2" will match an API if the provider of the API contains "wso2". + "provider:"wso2"" will match an API if the provider of the API is exactly "wso2". + "status:PUBLISHED" will match an API if the API is in PUBLISHED state. + + Also you can use combined modifiers + Eg. + name:pizzashack version:v1 will match an API if the name of the API is pizzashack and version is v1. + + Supported attribute modifiers are [**version, context, name, status, + description, doc, provider**] + + If no advanced attribute modifier has been specified, the API names containing + the search term will be returned as a result. + + Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) + schema: + type: string + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/Accept' + responses: + 200: + description: | + OK. + List of qualifying APIs is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/APIList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + - apim:api_import_export + - apim:api_list_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis"' + x-examples: + $ref: docs/examples/apis/apis_get.yaml + operationId: getAllAPIs + + post: + tags: + - APIs + summary: Create a New API + description: | + This operation can be used to create a new API specifying the details of the API in the payload. The new API will be in `CREATED` state. + + There is a special capability for a user who has `APIM Admin` permission such that he can create APIs on behalf of other users. For that he can to specify `"provider" : "some_other_user"` in the payload so that the API's creator will be shown as `some_other_user` in the UI. + parameters: + - name: openAPIVersion + in: query + description: Open api version + schema: + type: string + default: v3 + enum: + - v2 + - v3 + requestBody: + description: API object that needs to be added + content: + application/json: + schema: + $ref: '#/components/schemas/API' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/API' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v3/apis"' + x-examples: + $ref: docs/examples/apis/apis_post.yaml + operationId: createAPI + + ###################################################### + # The "Individual API" resource APIs + ###################################################### + /apis/{apiId}: + get: + tags: + - APIs + summary: Get Details of an API + description: | + Using this operation, you can retrieve complete details of a single API. You need to provide the Id of the API to retrive it. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Requested API is returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/API' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + - apim:api_import_export + - apim:api_product_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/7a2298c4-c905-403f-8fac-38c73301631f"' + x-examples: + $ref: docs/examples/apis/apis_id_get.yaml + operationId: getAPI + + put: + tags: + - APIs + summary: Update an API + description: | + This operation can be used to update an existing API. + But the properties `name`, `version`, `context`, `provider`, `state` will not be changed by this operation. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: API object that needs to be added + content: + application/json: + schema: + $ref: '#/components/schemas/API' + required: true + responses: + 200: + description: | + OK. + Successful response with updated API object + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/API' + 400: + $ref: '#/components/responses/BadRequest' + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 409: + $ref: '#/components/responses/Conflict' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:api_publish + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v3/apis/7a2298c4-c905-403f-8fac-38c73301631f"' + operationId: updateAPI + + delete: + tags: + - APIs + summary: Delete an API + description: | + This operation can be used to delete an existing API proving the Id of the API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 409: + $ref: '#/components/responses/Conflict' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_delete + - apim:api_manage + - apim:api_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/7a2298c4-c905-403f-8fac-38c73301631f"' + operationId: deleteAPI + + /apis/{apiId}/topics: + put: + tags: + - APIs + summary: Update Topics + description: This operation can be used to update topics of an existing API. + operationId: updateTopics + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: API object that needs to be added + content: + application/json: + schema: + $ref: '#/components/schemas/TopicList' + required: true + responses: + 200: + description: | + OK. + Successful response with updated API object + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/API' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:api_import_export + + /apis/{apiId}/reimport-service: + put: + tags: + - APIs + summary: Update the Service that is used to create the API + description: This operation can be used to re-import the Service used to create the API + operationId: reimportServiceFromCatalog + parameters: + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + Successful response with updated API object + headers: + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/API' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/ecb5b300-422d-4ee8-88d2-364a0a122238/reimport-service"' + + /apis/{apiId}/swagger: + get: + tags: + - APIs + summary: Get Swagger Definition + description: | + This operation can be used to retrieve the swagger definition of an API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Requested swagger document of the API is returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + type: string + example: "" + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + - apim:api_definition_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/7a2298c4-c905-403f-8fac-38c73301631f/swagger"' + operationId: getAPISwagger + + put: + tags: + - APIs + summary: Update Swagger Definition + description: | + This operation can be used to update the swagger definition of an existing API. Swagger definition to be updated is passed as a form data parameter `apiDefinition`. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-Match' + requestBody: + content: + multipart/form-data: + schema: + properties: + apiDefinition: + type: string + description: Swagger definition of the API + url: + type: string + description: Swagger definition URL of the API + file: + type: string + description: Swagger definitio as a file + format: binary + responses: + 200: + description: | + OK. + Successful response with updated Swagger definition + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + type: string + example: "" + 400: + $ref: '#/components/responses/BadRequest' + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F apiDefinition=@swagger.json "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/swagger"' + operationId: updateAPISwagger + + /apis/{apiId}/generate-mock-scripts: + post: + tags: + - APIs + summary: Generate Mock Response Payloads + description: | + This operation can be used to generate mock responses from examples of swagger definition of an API. + operationId: generateMockScripts + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Requested swagger document of the API is returned with example responses + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + type: string + example: "" + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/7a2298c4-c905-403f-8fac-38c73301631f/generate-mock-scripts"' + + + /apis/{apiId}/generated-mock-scripts: + get: + tags: + - APIs + summary: Get Generated Mock Response Payloads + description: | + This operation can be used to get generated mock responses from examples of swagger definition of an API. + operationId: getGeneratedMockScriptsOfAPI + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Requested swagger document of the API is returned with example responses + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/MockResponsePayloadList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/7a2298c4-c905-403f-8fac-38c73301631f/generated-mock-scripts"' + + /apis/{apiId}/resource-policies: + get: + tags: + - API Resource Policies + summary: Get the Resource Policy(inflow/outflow) Definitions + description: | + This operation can be used to retrieve conversion policy resource definitions of an API. + parameters: + - $ref: '#/components/parameters/apiId' + - name: resourcePath + in: query + description: Resource path of the resource policy definition + schema: + type: string + - name: verb + in: query + description: HTTP verb of the resource path of the resource policy definition + schema: + type: string + - name: sequenceType + in: query + description: sequence type of the resource policy resource definition + required: true + schema: + type: string + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + List of resource policy definitions of the API is returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ResourcePolicyList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/2fd14eb8-b828-4013-b448-0739d2e76bf7/resource-policies?resourcePath=checkPhoneNumber&verb=post&sequenceType=in"' + operationId: getAPIResourcePolicies + + /apis/{apiId}/resource-policies/{resourcePolicyId}: + get: + tags: + - API Resource Policies + summary: Get the Resource Policy(inflow/outflow) Definition for a Given Resource + Identifier. + description: | + This operation can be used to retrieve conversion policy resource definitions of an API given the resource identifier. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/resourcePolicyId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Requested resource policy definition of the API is returned for the given resource identifier. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ResourcePolicyInfo' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/2fd14eb8-b828-4013-b448-0739d2e76bf7/resource-policies/8efc32a4-c7f1-4bee-b860-b7566e2bc0d5"' + operationId: getAPIResourcePoliciesByPolicyId + + put: + tags: + - API Resource Policies + summary: Update the Resource Policy(inflow/outflow) Definition for the Given + Resource Identifier + description: | + This operation can be used to update the resource policy(inflow/outflow) definition for the given resource identifier of an existing API. resource policy definition to be updated is passed as a body parameter `content`. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/resourcePolicyId' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: Content of the resource policy definition that needs to be updated + content: + application/json: + schema: + $ref: '#/components/schemas/ResourcePolicyInfo' + required: true + responses: + 200: + description: | + OK. + Successful response with updated the resource policy definition + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ResourcePolicyInfo' + 400: + $ref: '#/components/responses/BadRequest' + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v3/apis/2fd14eb8-b828-4013-b448-0739d2e76bf7/resource-policies/8efc32a4-c7f1-4bee-b860-b7566e2bc0d5"' + operationId: updateAPIResourcePoliciesByPolicyId + + /apis/{apiId}/thumbnail: + get: + tags: + - APIs + summary: Get Thumbnail Image + description: | + This operation can be used to download a thumbnail image of an API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Thumbnail image returned + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/2fd14eb8-b828-4013-b448-0739d2e76bf7/thumbnail"' + operationId: getAPIThumbnail + + put: + tags: + - APIs + summary: Upload a Thumbnail Image + description: | + This operation can be used to upload a thumbnail image of an API. The thumbnail to be uploaded should be given as a form data parameter `file`. + operationId: updateAPIThumbnail + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-Match' + requestBody: + content: + multipart/form-data: + schema: + required: + - file + properties: + file: + type: string + description: Image to upload + format: binary + required: true + responses: + 200: + description: | + OK. + Image updated + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the uploaded thumbnail image of the API. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/FileInfo' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:api_publish + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=image.jpeg "https://127.0.0.1:9443/api/am/publisher/v3/apis/2fd14eb8-b828-4013-b448-0739d2e76bf7/thumbnail"' + + /apis/{apiId}/subscription-policies: + get: + tags: + - APIs + summary: | + Get Details of the Subscription Throttling Policies of an API + description: | + This operation can be used to retrieve details of the subscription throttling policy of an API by specifying the API Id. + + `X-WSO2-Tenant` header can be used to retrive API subscription throttling policies that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Throttling Policy returned + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ThrottlingPolicy' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/2fd14eb8-b828-4013-b448-0739d2e76bf7/subscription-policies"' + operationId: getAPISubscriptionPolicies + + /apis/copy-api: + post: + tags: + - APIs + summary: Create a New API Version + description: | + This operation can be used to create a new version of an existing API. The new version is specified as `newVersion` query parameter. New API will be in `CREATED` state. + parameters: + - name: newVersion + in: query + description: Version of the new API. + required: true + schema: + maxLength: 30 + type: string + - name: defaultVersion + in: query + description: Specifies whether new API should be added as default version. + schema: + type: boolean + default: false + - name: serviceVersion + in: query + description: Version of the Service that will used in creating new version + schema: + type: string + required: false + - $ref: '#/components/parameters/apiId-Q' + responses: + 201: + description: | + Created. + Successful response with the newly created API as entity in the body. Location header contains URL of newly created API. + headers: + Location: + description: | + The URL of the newly created API. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/API' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/copy-api?newVersion=2.0&defaultVersion=false&apiId=2fd14eb8-b828-4013-b448-0739d2e76bf7"' + x-examples: + $ref: docs/examples/apis/apis_copyapi.yaml#/post + operationId: createNewAPIVersion + + /apis/change-lifecycle: + post: + tags: + - API Lifecycle + summary: Change API Status + description: | + This operation is used to change the lifecycle of an API. Eg: Publish an API which is in `CREATED` state. In order to change the lifecycle, we need to provide the lifecycle `action` as a query parameter. + + For example, to Publish an API, `action` should be `Publish`. Note that the `Re-publish` action is available only after calling `Block`. + + Some actions supports providing additional paramters which should be provided as `lifecycleChecklist` parameter. Please see parameters table for more information. + parameters: + - name: action + in: query + description: | + The action to demote or promote the state of the API. + + Supported actions are [ **Publish**, **Deploy as a Prototype**, **Demote to Created**, **Block**, **Deprecate**, **Re-Publish**, **Retire** ] + required: true + schema: + type: string + enum: + - Publish + - Deploy as a Prototype + - Demote to Created + - Block + - Deprecate + - Re-Publish + - Retire + - name: lifecycleChecklist + in: query + description: |2 + + Supported checklist items are as follows. + 1. **Deprecate old versions after publishing the API**: Setting this to true will deprecate older versions of a particular API when it is promoted to Published state from Created state. + 2. **Requires re-subscription when publishing the API**: If you set this to true, users need to re subscribe to the API although they may have subscribed to an older version. + You can specify additional checklist items by using an **"attribute:"** modifier. + Eg: "Deprecate old versions after publishing the API:true" will deprecate older versions of a particular API when it is promoted to Published state from Created state. Multiple checklist items can be given in "attribute1:true, attribute2:false" format. + **Sample CURL :** curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -X POST "https://localhost:9443/api/am/publisher/v3/apis/change-lifecycle?apiId=890a4f4d-09eb-4877-a323-57f6ce2ed79b&action=Publish&lifecycleChecklist=Deprecate%20old%20versions%20after%20publishing%20the%20API%3Atrue,Requires%20re-subscription%20when%20publishing%20the%20API%3Afalse" + schema: + type: string + - $ref: '#/components/parameters/apiId-Q' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Lifecycle changed successfully. + headers: + ETag: + description: | + Entity Tag of the changed API. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the API lifecycle has been modified the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowResponse' + 202: + description: | + Accepted. + The request has been accepted. + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowResponse' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 409: + $ref: '#/components/responses/Conflict' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_publish + - apim:api_manage + - apim:api_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/change-lifecycle?apiId=890a4f4d-09eb-4877-a323-57f6ce2ed79b&action=Publish"' + operationId: changeAPILifecycle + + /apis/{apiId}/lifecycle-history: + get: + tags: + - API Lifecycle + summary: Get Lifecycle State Change History of the API. + description: | + This operation can be used to retrieve Lifecycle state change history of the API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Lifecycle state change history returned successfully. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/LifecycleHistory' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/lifecycle-history"' + operationId: getAPILifecycleHistory + + /apis/{apiId}/lifecycle-state: + get: + tags: + - API Lifecycle + summary: Get Lifecycle State Data of the API. + description: | + This operation can be used to retrieve Lifecycle state data of the API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Lifecycle state data returned successfully. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/LifecycleState' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_view + - apim:api_publish + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/lifecycle-state"' + operationId: getAPILifecycleState + + /apis/{apiId}/lifecycle-state/pending-tasks: + delete: + tags: + - API Lifecycle + summary: Delete Pending Lifecycle State Change Tasks + description: | + This operation can be used to remove pending lifecycle state change requests that are in pending state + parameters: + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + Lifecycle state change pending task removed successfully. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/lifecycle-state/pending-tasks"' + operationId: deleteAPILifecycleStatePendingTasks + + ###################################################### + # The "API Revisions" resource API + ###################################################### + /apis/{apiId}/revisions: + + #-------------------------------------------- + # List available revisions of an API + #-------------------------------------------- + get: + tags: + - API Revisions + summary: List Revisions + description: | + List available revisions of an API + operationId: getAPIRevisions + parameters: + - $ref: '#/components/parameters/apiId' + - name: query + in: query + schema: + type: string + responses: + 200: + description: | + OK. + List of API revisions are returned. + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevisionList' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:api_create + - apim:api_manage + - apim:api_publish + - apim:api_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions?query=deployed:true"' + + #-------------------------------------------- + # Create a new API revision + #-------------------------------------------- + post: + tags: + - API Revisions + summary: Create API Revision + description: | + Create a new API revision + operationId: createAPIRevision + parameters: + - $ref: '#/components/parameters/apiId' + requestBody: + description: API object that needs to be added + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevision' + responses: + 201: + description: | + Created. + Successful response with the newly created APIRevision object as the entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevision' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:api_publish + - apim:api_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json + "https://127.0.0.1:9443/api/am/publisher/v3/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions"' + + ###################################################### + # The "API Revisions" individual resource API + ###################################################### + /apis/{apiId}/revisions/{revisionId}: + + #-------------------------------------------- + # Get a revision + #-------------------------------------------- + get: + tags: + - API Revisions + summary: Retrieve Revision + description: | + Retrieve a revision of an API + operationId: getAPIRevision + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/revisionId' + responses: + 200: + description: | + OK. + An API revision is returned. + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevision' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:api_create + - apim:api_manage + - apim:api_publish + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions/e0824883-3e86-403a-aec1-22bbc454eb7c"' + + #-------------------------------------------- + # Delete a revision + #-------------------------------------------- + delete: + tags: + - API Revisions + summary: Delete Revision + description: | + Delete a revision of an API + operationId: deleteAPIRevision + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/revisionId' + responses: + 200: + description: | + OK. + List of remaining API revisions are returned. + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevisionList' + 204: + description: | + No Content. + Successfully deleted the revision + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:api_publish + - apim:api_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions/e0824883-3e86-403a-aec1-22bbc454eb7c"' + + /apis/{apiId}/deployments: + #-------------------------------------------- + # List available deployed revision deployment details of an API + #-------------------------------------------- + get: + tags: + - API Revisions + summary: List Deployments + description: | + List available deployed revision deployment details of an API + operationId: getAPIRevisionDeployments + parameters: + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + List of deployed revision deployment details are returned. + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevisionDeploymentList' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:api_create + - apim:api_manage + - apim:api_publish + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/deployments"' + + /apis/{apiId}/deployments/{deploymentId}: + #-------------------------------------------- + # Change Display On Devportal Field + #-------------------------------------------- + put: + tags: + - API Revisions + summary: Update Deployment + description: | + Update deployment devportal visibility + operationId: updateAPIDeployment + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/deploymentId' + requestBody: + description: Deployment object that needs to be updated + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevisionDeployment' + responses: + 200: + description: | + Created. + Successful response with the newly updated APIRevisionDeployment List object as the entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevisionDeployment' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:api_publish + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -d @data.json + "https://127.0.0.1:9443/api/am/publisher/v3/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/deployments/UHJvZHVjdGlvbiBhbmQgU2FuZGJveA"' + + /apis/{apiId}/deploy-revision: + #-------------------------------------------- + # Deploy a revision + #-------------------------------------------- + post: + tags: + - API Revisions + summary: Deploy Revision + description: | + Deploy a revision + operationId: deployAPIRevision + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/revisionId-Q' + requestBody: + description: Deployment object that needs to be added + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/APIRevisionDeployment' + responses: + 200: + description: | + Created. + Successful response with the newly deployed APIRevisionDeployment List object as the entity in the body. + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/APIRevisionDeployment' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:api_publish + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/deploy-revision?revisionId=e0824883-3e86-403a-aec1-22bbc454eb7c"' + + /apis/{apiId}/undeploy-revision: + #-------------------------------------------- + # Un-Deploy a revision from deployed gateway + #-------------------------------------------- + post: + tags: + - API Revisions + summary: UnDeploy Revision + description: | + UnDeploy a revision + operationId: undeployAPIRevision + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/revisionId-Q' + - $ref: '#/components/parameters/revisionNum-Q' + - name: allEnvironments + in: query + schema: + type: boolean + default: false + requestBody: + description: Deployment object that needs to be added + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/APIRevisionDeployment' + responses: + 200: + description: | + OK. + 201: + description: | + Created. + Successful response with the newly undeployed APIRevisionDeploymentList object as the entity in the body. + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/APIRevisionDeployment' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:api_publish + - apim:api_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/undeploy-revision?revisionId=e0824883-3e86-403a-aec1-22bbc454eb7c"' + + /apis/{apiId}/restore-revision: + + #-------------------------------------------------------- + # Restore a revision to the current API of the API + #-------------------------------------------------------- + post: + tags: + - API Revisions + summary: Restore API Revision + description: | + Restore a revision to the current API of the API + operationId: restoreAPIRevision + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/revisionId-Q' + responses: + 201: + description: | + Restored. + Successful response with the newly restored API object as the entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/API' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:api_publish + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/restore-revision?revisionId=e0824883-3e86-403a-aec1-22bbc454eb7c"' + + /apis/import-service: + post: + tags: + - APIs + summary: Import a Service from Service Catalog + description: This operation can be used to create an API from a Service from Service Catalog + operationId: importServiceFromCatalog + parameters: + - name: serviceKey + in: query + required: true + schema: + type: string + description: ID of service that should be imported from Service Catalog + example: Pizzashack-1.0.0 + requestBody: + content: + application/json: + schema: + '$ref': '#/components/schemas/API' + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains the URL of the newly created entity. + headers: + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/API' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v3/apis/import-service?serviceKey=Pizzashack-1.0.0"' + + /apis/{apiId}/comments: + get: + tags: + - Comments + summary: Retrieve API Comments + description: | + Get a list of Comments that are already added to APIs + operationId: getAllCommentsOfAPI + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/includeCommenterInfo' + responses: + 200: + description: | + OK. + Comments list is returned. + content: + application/json: + schema: + $ref: '#/components/schemas/CommentList' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view + - apim:comment_view + - apim:comment_manage + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/publisher/v1/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments" + + post: + tags: + - Comments + summary: Add an API Comment + operationId: addCommentToAPI + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/parentCommentID' + requestBody: + description: | + Comment object that should to be added + content: + application/json: + schema: + title: Post request body + type: object + properties: + content: + type: string + maxLength: 512 + description: | + Content of the comment + example: This is a comment + category: + type: string + description: | + Category of the comment + example: general + required: + - content + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request. + schema: + type: string + Location: + description: | + Location to the newly created Comment. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Comment' + 400: + $ref: '#/components/responses/BadRequest' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:comment_write + - apim:comment_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/am/publisher/v1/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments"' + + /apis/{apiId}/comments/{commentId}: + get: + tags: + - Comments + summary: Get Details of an API Comment + description: | + Get the individual comment given by a username for a certain API. + operationId: getCommentOfAPI + parameters: + - $ref: '#/components/parameters/commentId' + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/includeCommenterInfo' + - $ref: '#/components/parameters/replyLimit' + - $ref: '#/components/parameters/replyOffset' + responses: + 200: + description: | + OK. + Comment returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Comment' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view + - apim:comment_view + - apim:comment_manage + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/publisher/v1/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4" + + patch: + tags: + - Comments + summary: Edit a comment + description: | + Edit the individual comment + operationId: editCommentOfAPI + parameters: + - $ref: '#/components/parameters/commentId' + - $ref: '#/components/parameters/apiId' + requestBody: + description: | + Comment object that should to be updated + content: + application/json: + schema: + title: Patch request body + type: object + properties: + content: + type: string + maxLength: 512 + description: | + Content of the comment + example: This is a comment + category: + type: string + description: | + Category of the comment + example: general + required: true + responses: + 200: + description: | + OK. + Comment updated. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request. + schema: + type: string + Location: + description: | + Location to the newly created Comment. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Comment' + 400: + $ref: '#/components/responses/BadRequest' + 401: + $ref: '#/components/responses/Unauthorized' + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:comment_write + - apim:comment_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PATCH -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/am/publisher/v1/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4"' + + delete: + tags: + - Comments + summary: Delete an API Comment + description: | + Remove a Comment + operationId: deleteComment + parameters: + - $ref: '#/components/parameters/commentId' + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 401: + $ref: '#/components/responses/Unauthorized' + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 405: + description: | + MethodNotAllowed. + Request method is known by the server but is not supported by the target resource. + content: {} + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:comment_write + - apim:comment_manage + - apim:admin # special scope added to moderate other comments as well + x-code-samples: + - lang: Curl + source: curl -k -X DELETE -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/publisher/v1/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4" + + /apis/{apiId}/comments/{commentId}/replies: + get: + tags: + - Comments + summary: Get replies of a comment + description: | + Get replies of a comment + operationId: getRepliesOfComment + parameters: + - $ref: '#/components/parameters/commentId' + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/includeCommenterInfo' + responses: + 200: + description: | + OK. + Comment returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/CommentList' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view + - apim:comment_view + - apim:comment_manage + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/publisher/v1/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4/replies" + + /apis/import-openapi: + post: + tags: + - APIs + summary: Import an OpenAPI Definition + description: | + This operation can be used to create an API from an OpenAPI definition. Provide either `url` or `file` + to specify the definition. + + Specify additionalProperties with **at least** API's name, version, context and endpointConfig. + operationId: importOpenAPIDefinition + requestBody: + content: + multipart/form-data: + schema: + properties: + file: + type: string + description: Definition to upload as a file + format: binary + url: + type: string + description: Definition url + additionalProperties: + type: string + description: Additional attributes specified as a stringified JSON with API's schema + inlineAPIDefinition: + type: string + description: Inline content of the OpenAPI definition + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/API' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=@openapi.json -F additionalProperties=@data.json "https://127.0.0.1:9443/api/am/publisher/v3/apis/import-openapi"' + x-examples: + $ref: docs/examples/apis/import_openapi_post.yaml + + /apis/import-wsdl: + post: + tags: + - APIs + summary: Import a WSDL Definition + description: | + This operation can be used to create an API using a WSDL definition. Provide either `url` or `file` + to specify the definition. + + WSDL can be speficied as a single file or a ZIP archive with WSDLs and reference XSDs etc. + Specify additionalProperties with **at least** API's name, version, context and endpointConfig. + operationId: importWSDLDefinition + requestBody: + content: + multipart/form-data: + schema: + properties: + file: + type: string + description: | + WSDL definition as a file or archive + + **Sample cURL to Upload WSDL File** + + curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@api.wsdl -F additionalProperties=@data.json "https://127.0.0.1:9443/api/am/publisher/v3/apis/import-wsdl" + + **Sample cURL to Upload WSDL Archive** + + curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file="@wsdl.zip;type=application/zip" -F additionalProperties=@data.json "https://127.0.0.1:9443/api/am/publisher/v3/apis/import-wsdl" + format: binary + url: + type: string + description: WSDL Definition url + additionalProperties: + type: string + description: Additional attributes specified as a stringified JSON + with API's schema + implementationType: + type: string + description: | + If 'SOAP' is specified, the API will be created with only one resource 'POST /*' which is to be used for SOAP + operations. + + If 'HTTP_BINDING' is specified, the API will be created with resources using HTTP binding operations + which are extracted from the WSDL. + default: SOAP + enum: + - SOAPTOREST + - SOAP + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/API' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=@api.wsdl -F additionalProperties=@data.json "https://127.0.0.1:9443/api/am/publisher/v3/apis/import-wsdl"' + x-examples: + $ref: docs/examples/apis/wsdl/import_wsdl_post.yaml + + /apis/import-graphql-schema: + post: + tags: + - APIs + summary: Import a GraphQL SDL + description: | + This operation can be used to create api from api definition.APIMgtDAOTest + + API definition is GraphQL Schema + parameters: + - name: If-Match + in: header + description: | + Validator for conditional requests; based on ETag. + schema: + type: string + requestBody: + content: + multipart/form-data: + schema: + properties: + type: + type: string + description: Definition type to upload + file: + type: string + description: Definition to uploads a file + format: binary + additionalProperties: + type: string + description: Additional attributes specified as a stringified JSON + with API's schema + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/API' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=@schema.graphql -F additionalProperties=@data.json "https://127.0.0.1:9443/api/am/publisher/v3/apis/import-graphql-schema"' + operationId: importGraphQLSchema + + /apis/validate-openapi: + post: + tags: + - Validation + summary: Validate an OpenAPI Definition + description: | + This operation can be used to validate an OpenAPI definition and retrieve a summary. Provide either `url` + or `file` to specify the definition. + operationId: validateOpenAPIDefinition + parameters: + - name: returnContent + in: query + description: | + Specify whether to return the full content of the OpenAPI definition in the response. This is only + applicable when using url based validation + schema: + type: boolean + default: false + requestBody: + content: + multipart/form-data: + schema: + properties: + url: + type: string + description: OpenAPI definition url + file: + type: string + description: OpenAPI definition as a file + format: binary + inlineAPIDefinition: + type: string + description: Inline content of the OpenAPI definition + responses: + 200: + description: | + OK. + API definition validation information is returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/OpenAPIDefinitionValidationResponse' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=@openapi.json "https://127.0.0.1:9443/api/am/publisher/v3/apis/validate-openapi"' + x-examples: + $ref: docs/examples/apis/validate_openapi_post.yaml + + /apis/validate-endpoint: + post: + tags: + - Validation + summary: Check Whether Given Endpoint URL is Valid + description: | + Using this operation, it is possible check whether the given API endpoint url is a valid url + operationId: validateEndpoint + parameters: + - name: endpointUrl + in: query + description: API endpoint url + required: true + schema: + type: string + - name: apiId + in: query + schema: + type: string + responses: + 200: + description: | + OK. + API definition validation information is returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApiEndpointValidationResponse' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/validate-endpoint?apiId=e0824883-3e86-403a-aec1-22bbc454eb7c&endpointUrl=https%3A%2F%2Flocalhost%3A9443%2Fam%2Fsample%2Fpizzashack%2Fv1%2Fapi%2F"' + + /apis/validate: + post: + tags: + - Validation + summary: Check Given API Context Name already Exists + description: | + Using this operation, you can check a given API context is already used. You need to provide the context name you want to check. + operationId: validateAPI + parameters: + - name: query + in: query + description: | + **Search condition**. + + You can search in attributes by using an **":"** modifier. + + Eg. + "name:wso2" will match an API if the provider of the API is exactly "wso2". + + Supported attribute modifiers are [** version, context, name **] + + If no advanced attribute modifier has been specified, search will match the + given query string against API Name. + required: true + schema: + type: string + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + API definition validation information is returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/validate?query=name%3Awso2"' + x-examples: + $ref: docs/examples/apis/apis_validate.yaml + + /apis/validate-wsdl: + post: + tags: + - Validation + summary: Validate a WSDL Definition + description: | + This operation can be used to validate a WSDL definition and retrieve a summary. Provide either `url` + or `file` to specify the definition. + operationId: validateWSDLDefinition + requestBody: + content: + multipart/form-data: + schema: + properties: + url: + type: string + description: Definition url + file: + type: string + description: Definition to upload as a file + format: binary + responses: + 200: + description: | + OK. + API definition validation information is returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WSDLValidationResponse' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=@api.wsdl "https://127.0.0.1:9443/api/am/publisher/v3/apis/validate-wsdl"' + x-examples: + $ref: docs/examples/apis/wsdl/validate_wsdl_post.yaml + + /apis/validate-graphql-schema: + post: + tags: + - Validation + summary: Validate a GraphQL SDL + description: | + This operation can be used to validate a graphQL definition and retrieve a summary. + requestBody: + content: + multipart/form-data: + schema: + required: + - file + properties: + file: + type: string + description: Definition to upload as a file + format: binary + required: true + responses: + 200: + description: | + OK. + API definition validation information is returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/GraphQLValidationResponse' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=@schema.graphql "https://127.0.0.1:9443/api/am/publisher/v3/apis/validate-graphql-schema"' + operationId: validateGraphQLSchema + + /apis/{apiId}/graphql-schema: + get: + tags: + - GraphQL Schema (Individual) + summary: Get the Schema of a GraphQL API + description: | + This operation can be used to retrieve the Schema definition of a GraphQL API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/Accept' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Requested GraphQL Schema DTO object belongs to the API + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/GraphQLSchema' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/e0824883-3e86-403a-aec1-22bbc454eb7c/graphql-schema"' + operationId: getAPIGraphQLSchema + + put: + tags: + - GraphQL Schema + summary: Add a Schema to a GraphQL API + description: | + This operation can be used to add a GraphQL Schema definition to an existing GraphQL API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-Match' + requestBody: + content: + multipart/form-data: + schema: + required: + - schemaDefinition + properties: + schemaDefinition: + type: string + description: schema definition of the GraphQL API + required: true + responses: + 200: + description: | + OK. + Successful response with updated schema definition + headers: + ETag: + description: | + Entity Tag of the response resource. Used by cache, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F schemaDefinition=@schema.graphql "https://127.0.0.1:9443/api/am/publisher/v3/apis/e0824883-3e86-403a-aec1-22bbc454eb7c/graphql-schema"' + operationId: updateAPIGraphQLSchema + + /apis/{apiId}/amznResourceNames: + get: + tags: + - AWS Lambda (Individual) + summary: Retrieve the ARNs of AWS Lambda Functions + description: | + This operation can be use to retrieve ARNs of AWS Lambda function for a given AWS credentials. + parameters: + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + Requested ARN List of the API is returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + type: string + example: |- + { + "count": "2", + "list": [ + "arn:aws:lambda:us-west-2:123456789012:function:my-function1", + "arn:aws:lambda:us-west-2:123456789012:function:my-function2" + ] + } + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/e0824883-3e86-403a-aec1-22bbc454eb7c/amznResourceNames"' + x-examples: + $ref: docs/examples/apis/apis_id_amznresourcenames_get.yaml + operationId: getAmazonResourceNamesOfAPI + + /apis/{apiId}/monetize: + post: + tags: + - API Monetization + summary: Configure Monetization for a Given API + description: | + This operation can be used to configure monetization for a given API. + parameters: + - $ref: '#/components/parameters/apiId' + requestBody: + description: Monetization data object + content: + application/json: + schema: + $ref: '#/components/schemas/APIMonetizationInfo' + required: true + responses: + 201: + description: | + OK. + Monetization status changed successfully. + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/monetize' + operationId: addAPIMonetization + + /apis/{apiId}/monetization: + get: + tags: + - API Monetization + summary: Get Monetization Status for each Tier in a Given API + description: | + This operation can be used to get monetization status for each tier in a given API + parameters: + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + Monetization status for each tier returned successfully. + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/monetize"' + operationId: getAPIMonetization + + /apis/{apiId}/revenue: + get: + tags: + - API Monetization + summary: Get Total Revenue Details of a Given Monetized API with Meterd Billing + description: | + This operation can be used to get details of total revenue details of a given monetized API with meterd billing. + parameters: + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + Details of a total revenue returned. + headers: + ETag: + description: Entity Tag of the response resource. Used by caches, or + in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevenue' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/revenue"' + operationId: getAPIRevenue + + /apis/{apiId}/documents: + get: + tags: + - API Documents + summary: Get a List of Documents of an API + description: | + This operation can be used to retrieve a list of documents belonging to an API by providing the id of the API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Document list is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/DocumentList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + - apim:document_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/e0824883-3e86-403a-aec1-22bbc454eb7c/documents"' + operationId: getAPIDocuments + + post: + tags: + - API Documents + summary: Add a New Document to an API + description: | + This operation can be used to add a new documentation to an API. This operation only adds the metadata of a document. To add the actual content we need to use **Upload the content of an API document ** API once we obtain a document Id by this operation. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: Document object that needs to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created Document object as entity in the body. + Location header contains URL of newly added document. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + Location to the newly created Document. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:document_create #deprecate + - apim:document_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/documents"' + operationId: addAPIDocument + + /apis/{apiId}/documents/{documentId}: + get: + tags: + - API Documents + summary: Get a Document of an API + description: | + This operation can be used to retrieve a particular document's metadata associated with an API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Document returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + - apim:document_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/documents/0bcb7f05-599d-4e1a-adce-5cb89bfe58d5"' + operationId: getAPIDocumentByDocumentId + + put: + tags: + - API Documents + summary: Update a Document of an API + description: | + This operation can be used to update metadata of an API's document. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: Document object that needs to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + required: true + responses: + 200: + description: | + OK. + Document updated + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the updated document. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:document_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @doc.json "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/documents/0bcb7f05-599d-4e1a-adce-5cb89bfe58d5"' + operationId: updateAPIDocument + + delete: + tags: + - API Documents + summary: Delete a Document of an API + description: | + This operation can be used to delete a document associated with an API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:document_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/documents/0bcb7f05-599d-4e1a-adce-5cb89bfe58d5"' + operationId: deleteAPIDocument + + /apis/{apiId}/documents/{documentId}/content: + get: + tags: + - API Documents + summary: Get the Content of an API Document + description: | + This operation can be used to retrive the content of an API's document. + + The document can be of 3 types. In each cases responses are different. + + 1. **Inline type**: + The content of the document will be retrieved in `text/plain` content type + + _Sample cURL_ : `curl -k -H "Authorization:Bearer 579f0af4-37be-35c7-81a4-f1f1e9ee7c51" -F inlineContent=@"docs.txt" -X POST "https://localhost:9443/api/am/publisher/v3/apis/995a4972-3178-4b17-a374-756e0e19127c/documents/43c2bcce-60e7-405f-bc36-e39c0c5e189e/content` + 2. **FILE type**: + The file will be downloaded with the related content type (eg. `application/pdf`) + 3. **URL type**: + The client will recieve the URL of the document as the Location header with the response with - `303 See Other` + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + File or inline content returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/octet-stream: + schema: + type: string + 303: + description: | + See Other. + Source can be retrived from the URL specified at the Location header. + headers: + Location: + description: | + The Source URL of the document. + schema: + type: string + content: {} + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + - apim:document_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/documents/0bcb7f05-599d-4e1a-adce-5cb89bfe58d5/content"' + operationId: getAPIDocumentContentByDocumentId + + post: + tags: + - API Documents + summary: Upload the Content of an API Document + description: | + Thid operation can be used to upload a file or add inline content to an API document. + + **IMPORTANT:** + * Either **file** or **inlineContent** form data parameters should be specified at one time. + * Document's source type should be **FILE** in order to upload a file to the document using **file** parameter. + * Document's source type should be **INLINE** in order to add inline content to the document using **inlineContent** parameter. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/If-Match' + requestBody: + content: + multipart/form-data: + schema: + properties: + file: + type: string + description: Document to upload + format: binary + inlineContent: + type: string + description: Inline content of the document + responses: + 200: + description: | + OK. + Document updated + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the updated content of the document. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:document_create #deprecate + - apim:document_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=@sample.pdf "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/documents/0bcb7f05-599d-4e1a-adce-5cb89bfe58d5/content"' + operationId: addAPIDocumentContent + + /apis/{apiId}/documents/validate: + post: + tags: + - API Documents + summary: Check Whether a Document with the Provided Name Exist + description: | + This operation can be used to verify the document name exists or not. + operationId: validateDocument + parameters: + - $ref: '#/components/parameters/apiId' + - name: name + in: query + description: | + The name of the document which needs to be checked for the existance. + required: true + schema: + type: string + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Successful response if the document name exists. + 400: + $ref: '#/components/responses/BadRequest' + 404: + description: | + Not Found. + The specified resource does not exist. + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:document_manage + - apim:document_create #deprecate + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/documents/validate?name=CalculatorDoc"' + x-examples: + $ref: docs/examples/apis/apis_id_document_validate.yaml + + /apis/{apiId}/wsdl-info: + get: + tags: + - APIs + summary: Get WSDL Meta Information + description: | + This operation can be used to retrieve the WSDL meta information of an API. It states whether the API is a SOAP + API. If the API is a SOAP API, it states whether it has a single WSDL or a WSDL archive. + operationId: getWSDLInfoOfAPI + parameters: + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + Requested WSDL meta information of the API is returned + content: + application/json: + schema: + $ref: '#/components/schemas/WSDLInfo' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/wsdl-info"' + x-examples: + $ref: docs/examples/apis/wsdl/apiId_wsdl_info_get.yaml + + /apis/{apiId}/wsdl: + get: + tags: + - APIs + summary: Get WSDL definition + description: | + This operation can be used to retrieve the WSDL definition of an API. It can be either a single WSDL file or a WSDL archive. + + The type of the WSDL of the API is indicated at the "wsdlInfo" element of the API payload definition. + operationId: getWSDLOfAPI + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Requested WSDL document of the API is returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + content: {} + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/wsdl"' + x-examples: + $ref: docs/examples/apis/wsdl/apiId_wsdl_get.yaml + + put: + tags: + - APIs + summary: Update WSDL Definition + description: | + This operation can be used to update the WSDL definition of an existing API. WSDL to be updated can be passed as either "url" or "file". + Only one of "url" or "file" can be used at the same time. "file" can be specified as a single WSDL file or as a zip file which has a WSDL + and its dependencies (eg: XSDs) + operationId: updateWSDLOfAPI + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-Match' + requestBody: + content: + multipart/form-data: + schema: + properties: + file: + type: string + description: WSDL file or archive to upload + format: binary + url: + type: string + description: WSDL Definition url + responses: + 200: + description: | + OK. + Successful response with updated WSDL definition + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=@api.wsdl "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/wsdl"' + x-examples: + $ref: docs/examples/apis/wsdl/apiId_wsdl_put.yaml + + /apis/{apiId}/graphql-policies/complexity: + get: + tags: + - GraphQL Policies + summary: Get the Complexity Related Details of an API + description: | + This operation can be used to retrieve complexity related details belonging to an API by providing the API id. + parameters: + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + Requested complexity details returned. + headers: + Content-Type: + description: | + The content of the body. + schema: + type: string + default: application/json + content: + application/json: + schema: + $ref: '#/components/schemas/GraphQLQueryComplexityInfo' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:api_create + - apim:api_manage + - apim:api_publish + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/graphql-policies/complexity"' + operationId: getGraphQLPolicyComplexityOfAPI + + + put: + tags: + - GraphQL Policies + summary: Update Complexity Related Details of an API + description: | + This operation can be used to update complexity details belonging to an API by providing the id of the API. + parameters: + - $ref: '#/components/parameters/apiId' + requestBody: + description: Role-depth mapping that needs to be added + content: + application/json: + schema: + $ref: '#/components/schemas/GraphQLQueryComplexityInfo' + responses: + 200: + description: | + Created. + Complexity details created successfully. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/graphql-policies/complexity"' + operationId: updateGraphQLPolicyComplexityOfAPI + + /apis/{apiId}/graphql-policies/complexity/types: + get: + tags: + - GraphQL Policies + summary: Retrieve Types and Fields of a GraphQL Schema + description: | + This operation can be used to retrieve all types and fields of the GraphQL Schema by providing the API id. + parameters: + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + Types and fields returned successfully. + headers: + Content-Type: + description: | + The content of the body. + schema: + type: string + default: application/json + content: + application/json: + schema: + $ref: '#/components/schemas/GraphQLSchemaTypeList' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:api_create + - apim:api_manage + - apim:api_publish + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/graphql-policies/complexity/types"' + operationId: getGraphQLPolicyComplexityTypesOfAPI + + /apis/{apiId}/resource-paths: + get: + tags: + - APIs + summary: Get Resource Paths of an API + description: | + This operation can be used to retrieve resource paths defined for a specific api. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + ResourcePaths returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ResourcePathList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/resource-paths"' + operationId: getAPIResourcePaths + + /apis/{apiId}/auditapi: + get: + tags: + - API Audit + summary: Retrieve the Security Audit Report of the Audit API + description: | + Retrieve the Security Audit Report of the Audit API + parameters: + - $ref: '#/components/parameters/Accept' + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + The Security Audit Report has been returned. + headers: + Content-Type: + description: | + The content of the body. + schema: + type: string + default: application/json + content: + application/json: + schema: + $ref: '#/components/schemas/AuditReport' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/auditapi"' + x-examples: + $ref: "docs/examples/apis/apis_id_auditapi_get.yaml" + operationId: getAuditReportOfAPI + + /apis/{apiId}/external-stores: + get: + tags: + - External Stores + summary: Get the List of External Stores to which an API is Published + description: | + This operation can be used to retrieve a list of external stores which an API is published to by providing the id of the API. + operationId: getAllPublishedExternalStoresByAPI + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + External Store list is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/APIExternalStoreList' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/external-stores"' + x-examples: + $ref: docs/examples/external-stores/external_stores.yaml#/getPublishedExternalStoresByAPI + + /apis/{apiId}/publish-to-external-stores: + post: + tags: + - External Stores + summary: Publish an API to External Stores + description: | + This operation can be used to publish an API to a list of external stores. + operationId: publishAPIToExternalStores + parameters: + - $ref: '#/components/parameters/apiId' + - name: externalStoreIds + in: query + description: External Store Ids of stores which the API needs to be published + or updated. + schema: + type: string + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + API was successfully published to all the selected external stores. + headers: + ETag: + description: | + Entity Tag of the blocked subscription. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the subscription has been blocked. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/APIExternalStoreList' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/publish-to-external-stores?externalStoreId=Store123#"' + x-examples: + $ref: docs/examples/external-stores/external_stores.yaml#/publishToExternalStore + + /apis/{apiId}/generate-key: + post: + tags: + - APIs + summary: Generate internal API Key to invoke APIS. + description: | + This operation can be used to generate internal api key which used to invoke API. + operationId: generateInternalAPIKey + parameters: + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + apikey generated. + content: + application/json: + schema: + $ref: '#/components/schemas/APIKey' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_generate_key + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/7a2298c4-c905-403f-8fac-38c73301631f/generate-key"' + + /apis/export: + get: + tags: + - Import Export + summary: Export an API + description: | + This operation can be used to export the details of a particular API as a zip file. + parameters: + - name: apiId + in: query + description: UUID of the API + schema: + type: string + - name: name + in: query + description: | + API Name + schema: + type: string + - name: version + in: query + description: | + Version of the API + schema: + type: string + - name: revisionNumber + in: query + description: | + Revision number of the API artifact + schema: + type: string + - name: providerName + in: query + description: | + Provider name of the API + schema: + type: string + - name: format + in: query + description: | + Format of output documents. Can be YAML or JSON. + schema: + type: string + enum: + - JSON + - YAML + - name: preserveStatus + in: query + description: | + Preserve API Status on export + schema: + type: boolean + - name: latestRevision + in: query + description: | + Export the latest revision of the API + schema: + type: boolean + default: false + responses: + 200: + description: | + OK. + Export Successful. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/zip: + schema: + type: string + format: binary + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view + - apim:api_publish + - apim:api_create + - apim:api_import_export + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/export?apiId=96077508-fd01-4fae-bc64-5de0e2baf43c&name=PizzaShackAPI&version=1.0&provider=admin&format=YAML" + > exportAPI.zip' + operationId: exportAPI + + /apis/import: + post: + tags: + - Import Export + summary: Import an API + description: | + This operation can be used to import an API. + parameters: + - name: preserveProvider + in: query + description: | + Preserve Original Provider of the API. This is the user choice to keep or replace the API provider + required: false + schema: + type: boolean + - name: rotateRevision + in: query + description: | + Once the revision max limit reached, undeploy and delete the earliest revision and create a new revision + required: false + schema: + type: boolean + - name: overwrite + in: query + description: | + Whether to update the API or not. This is used when updating already existing APIs + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data: + schema: + required: + - file + properties: + file: + type: string + description: Zip archive consisting on exported api configuration + format: binary + responses: + 200: + description: | + Created. + API Imported Successfully. + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 409: + $ref: '#/components/responses/Conflict' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_import_export + - apim:admin + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=@admin-PizzaShackAPI-1.0.0.zip "https://127.0.0.1:9443/api/am/publisher/v3/apis/import?preserveProvider=false&overwrite=false"' + operationId: importAPI + + ###################################################### + # The "Subscription Collection" resource APIs + ###################################################### + /subscriptions: + get: + tags: + - Subscriptions + summary: Get all Subscriptions + description: | + This operation can be used to retrieve a list of subscriptions of the user associated with the provided access token. This operation is capable of + + 1. Retrieving all subscriptions for the user's APIs. + `GET https://127.0.0.1:9443/api/am/publisher/v3/subscriptions` + + 2. Retrieving subscriptions for a specific API. + `GET https://127.0.0.1:9443/api/am/publisher/v3/subscriptions?apiId=c43a325c-260b-4302-81cb-768eafaa3aed` + parameters: + - $ref: '#/components/parameters/apiId-Q-Opt' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/If-None-Match' + - name: query + in: query + description: | + Keywords to filter subscriptions + schema: + type: string + responses: + 200: + description: | + OK. + Subscription list returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/SubscriptionList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:subscription_view + - apim:subscription_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/subscriptions?apiId=96077508-fd01-4fae-bc64-5de0e2baf43c"' + operationId: getSubscriptions + + ###################################################### + # The Individual Subscription resource APIs + ###################################################### + /subscriptions/{subscriptionId}/usage: + get: + tags: + - API Monetization + summary: Get Details of a Pending Invoice for a Monetized Subscription with Metered Billing. + description: | + This operation can be used to get details of a pending invoice for a monetized subscription with meterd billing. + parameters: + - $ref: '#/components/parameters/subscriptionId' + responses: + 200: + description: | + OK. + Details of a pending invoice returned. + headers: + ETag: + description: Entity Tag of the response resource. Used by caches, or + in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/APIMonetizationUsage' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + description: | + Not Found. + Requested Subscription does not exist. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + security: + - OAuth2Security: + - apim:api_view + - apim:subscription_view + - apim:subscription_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/subscriptions/64eca60b-2e55-4c38-8603-e9e6bad7d809/usage"' + operationId: getSubscriptionUsage + + /subscriptions/{subscriptionId}/subscriber-info: + get: + tags: + - Subscriber + summary: Get Details of a Subscriber + description: | + This operation can be used to get details of a user who subscribed to the API. + parameters: + - $ref: '#/components/parameters/subscriptionId' + responses: + 200: + description: | + OK. + Details of the subscriber are returned. + content: + application/json: + schema: + $ref: '#/components/schemas/SubscriberInfo' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:subscription_view + - apim:subscription_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/subscriptions/64eca60b-2e55-4c38-8603-e9e6bad7d809/subscriber-info"' + operationId: getSubscriberInfoBySubscriptionId + + /subscriptions/block-subscription: + post: + tags: + - Subscriptions + summary: Block a Subscription + description: | + This operation can be used to block a subscription. Along with the request, `blockState` must be specified as a query parameter. + + 1. `BLOCKED` : Subscription is completely blocked for both Production and Sandbox environments. + 2. `PROD_ONLY_BLOCKED` : Subscription is blocked for Production environment only. + parameters: + - $ref: '#/components/parameters/subscriptionId-Q' + - name: blockState + in: query + description: | + Subscription block state. + required: true + schema: + type: string + enum: + - BLOCKED + - PROD_ONLY_BLOCKED + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Subscription was blocked successfully. + headers: + ETag: + description: | + Entity Tag of the blocked subscription. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the subscription has been blocked. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:subscription_block + - apim:subscription_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/subscriptions/block-subscription?subscriptionId=64eca60b-2e55-4c38-8603-e9e6bad7d809&blockState=PROD_ONLY_BLOCKED"' + operationId: blockSubscription + + /subscriptions/unblock-subscription: + post: + tags: + - Subscriptions + summary: Unblock a Subscription + description: | + This operation can be used to unblock a subscription specifying the subscription Id. The subscription will be fully unblocked after performing this operation. + parameters: + - $ref: '#/components/parameters/subscriptionId-Q' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Subscription was unblocked successfully. + headers: + ETag: + description: | + Entity Tag of the unblocked subscription. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the subscription has been unblocked. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:subscription_block + - apim:subscription_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/subscriptions/unblock-subscription?subscriptionId=64eca60b-2e55-4c38-8603-e9e6bad7d809"' + operationId: unBlockSubscription + + + ###################################################### + # The "Thorttling Tier Collection" resource APIs + ###################################################### + /throttling-policies/{policyLevel}: + get: + tags: + - Throttling Policies + summary: Get All Throttling Policies for the Given Type + description: | + This operation can be used to list the available policies for a given policy level. Tier level should be specified as a path parameter and should be one of `subscription` and `api`. + `subscription` is for Subscription Level policies and `api` is for Resource Level policies + operationId: getAllThrottlingPolicies + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/policyLevel' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + List of policies returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ThrottlingPolicyList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:tier_view + - apim:tier_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/throttling-policies/api"' + + ###################################################### + # The "Subscription Throttling Based on Quota Type" resource APIs + ###################################################### + /throttling-policies/streaming/subscription: + get: + tags: + - Throttling Policies + summary: Get streaming throttling policies + description: | + This operation can be used to list the available streaming subscription policies + operationId: getSubscriptionThrottlingPolicies + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + List of subscription policies returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/SubscriptionPolicyList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:tier_view + - apim:tier_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/throttling-policies/subscription?tierQuotaType=RequestCountLimit"' + + ###################################################### + # The "Individual Throttling Tier" resource APIs + ###################################################### + /throttling-policies/{policyLevel}/{policyName}: + get: + tags: + - Throttling Policies + summary: Get Details of a Policy + description: | + This operation can be used to retrieve details of a single policy by specifying the policy level and policy name. + operationId: getThrottlingPolicyByName + parameters: + - $ref: '#/components/parameters/policyName' + - $ref: '#/components/parameters/policyLevel' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Tier returned + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ThrottlingPolicy' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:tier_view + - apim:tier_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/throttling-policies/api/Platinum"' + + /apis/{apiId}/client-certificates: + get: + tags: + - Client Certificates + summary: Retrieve/ Search Uploaded Client Certificates + description: | + This operation can be used to retrieve and search the uploaded client certificates. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - name: alias + in: query + description: Alias for the client certificate + schema: + type: string + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. Successful response with the list of matching certificate information in the body. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ClientCertificates' + 400: + $ref: '#/components/responses/BadRequest' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + - apim:client_certificates_view + - apim:client_certificates_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates?alias=wso2carbon"' + operationId: getAPIClientCertificates + + post: + tags: + - Client Certificates + summary: Upload a New Certificate + description: | + This operation can be used to upload a new certificate for an endpoint. + parameters: + - $ref: '#/components/parameters/apiId' + requestBody: + content: + multipart/form-data: + schema: + required: + - alias + - certificate + - tier + properties: + certificate: + type: string + description: The certificate that needs to be uploaded. + format: binary + alias: + maxLength: 30 + minLength: 1 + type: string + description: Alias for the certificate + tier: + type: string + description: api tier to which the certificate should be applied. + required: true + responses: + 200: + description: | + OK. + The Certificate added successfully. + headers: + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ClientCertMetadata' + 400: + $ref: '#/components/responses/BadRequest' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:client_certificates_add + - apim:client_certificates_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: multipart/form-data" -F certificate=@test.crt -F alias=wso2carbon + -F apiId=fea749dd-d548-4a8b-b308-34903b39a34b -F tier=Gold "https://127.0.0.1:9443/api/am/publisher/v3/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates"' + operationId: addAPIClientCertificate + + /apis/{apiId}/client-certificates/{alias}: + get: + tags: + - Client Certificates + summary: Get the Certificate Information + description: | + This operation can be used to get the information about a certificate. + parameters: + - name: alias + in: path + required: true + schema: + type: string + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateInfo' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + - apim:client_certificates_view + - apim:client_certificates_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates/wso2carbon"' + operationId: getAPIClientCertificateByAlias + + put: + tags: + - Client Certificates + summary: Update a Certificate + description: | + This operation can be used to update an uploaded certificate. + parameters: + - name: alias + in: path + description: Alias for the certificate + required: true + schema: + maxLength: 30 + minLength: 1 + type: string + - $ref: '#/components/parameters/apiId' + requestBody: + content: + multipart/form-data: + schema: + properties: + certificate: + type: string + description: The certificate that needs to be uploaded. + format: binary + tier: + type: string + description: The tier of the certificate + responses: + 200: + description: | + OK. + The Certificate updated successfully. + headers: + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ClientCertMetadata' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:client_certificates_update + - apim:client_certificates_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: multipart/form-data" -F certificate=@test.crt -F alias=wso2carbon + -F apiId=fea749dd-d548-4a8b-b308-34903b39a34b -F tier=Gold "https://127.0.0.1:9443/api/am/publisher/v3/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates/wso2carbon"' + operationId: updateAPIClientCertificateByAlias + + delete: + tags: + - Client Certificates + summary: Delete a Certificate + description: | + This operation can be used to delete an uploaded certificate. + parameters: + - name: alias + in: path + description: | + The alias of the certificate that should be deleted. + required: true + schema: + type: string + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + The Certificate deleted successfully. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:client_certificates_update + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates/wso2carbon"' + operationId: deleteAPIClientCertificateByAlias + + /apis/{apiId}/client-certificates/{alias}/content: + get: + tags: + - Client Certificates + summary: Download a Certificate + description: | + This operation can be used to download a certificate which matches the given alias. + parameters: + - $ref: '#/components/parameters/apiId' + - name: alias + in: path + required: true + schema: + type: string + responses: + 200: + description: | + OK. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + - apim:client_certificates_view + - apim:client_certificates_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates/wso2carbon/content"' + operationId: getAPIClientCertificateContentByAlias + + ###################################################### + # The "Certificate Management" resource APIs + ###################################################### + /endpoint-certificates: + get: + tags: + - Endpoint Certificates + summary: Retrieve/Search Uploaded Certificates + description: | + This operation can be used to retrieve and search the uploaded certificates. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - name: alias + in: query + description: Alias for the certificate + schema: + maxLength: 30 + type: string + - name: endpoint + in: query + description: Endpoint of which the certificate is uploaded + schema: + type: string + responses: + 200: + description: | + OK. Successful response with the list of matching certificate information in the body. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Certificates' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + - apim:ep_certificates_view + - apim:ep_certificates_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/endpoint-certificates?alias=wso2carbon&endpoint=www.abc.com"' + operationId: getEndpointCertificates + + post: + tags: + - Endpoint Certificates + summary: Upload a new Certificate. + description: | + This operation can be used to upload a new certificate for an endpoint. + requestBody: + content: + multipart/form-data: + schema: + required: + - alias + - certificate + - endpoint + properties: + certificate: + type: string + description: The certificate that needs to be uploaded. + format: binary + alias: + maxLength: 30 + minLength: 1 + type: string + description: Alias for the certificate + endpoint: + type: string + description: Endpoint to which the certificate should be applied. + required: true + responses: + 200: + description: | + OK. + The Certificate added successfully. + headers: + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/CertMetadata' + 400: + $ref: '#/components/responses/BadRequest' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:ep_certificates_add + - apim:ep_certificates_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: multipart/form-data" -F certificate=@test.crt -F alias=alias + -F "endpoint=endpoint=https://www.abc.com" "https://127.0.0.1:9443/api/am/publisher/v3/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/endpoint-certificates"' + operationId: addEndpointCertificate + + /endpoint-certificates/{alias}: + get: + tags: + - Endpoint Certificates + summary: Get the Certificate Information + description: | + This operation can be used to get the information about a certificate. + parameters: + - name: alias + in: path + required: true + schema: + type: string + responses: + 200: + description: | + OK. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateInfo' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + - apim:ep_certificates_view + - apim:ep_certificates_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/endpoint-certificates/wso2carbon"' + operationId: getEndpointCertificateByAlias + + put: + tags: + - Endpoint Certificates + summary: Update a certificate. + description: | + This operation can be used to update an uploaded certificate. + parameters: + - name: alias + in: path + description: Alias for the certificate + required: true + schema: + maxLength: 30 + minLength: 1 + type: string + requestBody: + content: + multipart/form-data: + schema: + required: + - certificate + properties: + certificate: + type: string + description: The certificate that needs to be uploaded. + format: binary + required: true + responses: + 200: + description: | + OK. + The Certificate updated successfully. + headers: + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/CertMetadata' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:ep_certificates_update + - apim:ep_certificates_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: multipart/form-data" -F certificate=@test.crt "https://127.0.0.1:9443/api/am/publisher/v3/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/endpoint-certificates/wso2carbon"' + operationId: updateEndpointCertificateByAlias + + delete: + tags: + - Endpoint Certificates + summary: Delete a certificate. + description: | + This operation can be used to delete an uploaded certificate. + parameters: + - name: alias + in: path + description: | + The alias of the certificate that should be deleted. + required: true + schema: + type: string + responses: + 200: + description: | + OK. + The Certificate deleted successfully. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + - apim:ep_certificates_update + - apim:ep_certificates_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/endpoint-certificates/wso2carbon"' + operationId: deleteEndpointCertificateByAlias + + /endpoint-certificates/{alias}/content: + get: + tags: + - Endpoint Certificates + summary: Download a Certificate + description: | + This operation can be used to download a certificate which matches the given alias. + parameters: + - name: alias + in: path + required: true + schema: + type: string + responses: + 200: + description: | + OK. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + - apim:ep_certificates_view + - apim:ep_certificates_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/endpoint-certificates/wso2carbon/content"' + operationId: getEndpointCertificateContentByAlias + + ###################################################### + # The "Content Search Results" resource APIs + ###################################################### + /search: + get: + tags: + - Unified Search + summary: | + Retrieve/Search APIs and API Documents by Content + description: | + This operation provides you a list of available APIs and API Documents qualifying the given keyword match. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - name: query + in: query + description: | + **Search**. + + You can search by proving a keyword. + schema: + type: string + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + List of qualifying APIs and API documents is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/SearchResultList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + - apim:api_import_export + - apim:api_product_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/search?query=pizza"' + x-examples: + $ref: docs/examples/apis/search_get.yaml + operationId: search + + ###################################################### + # The "API Product Collection" resource APIs + ###################################################### + /api-products: + get: + tags: + - API Products + summary: | + Retrieve/Search API Products + description: | + This operation provides you a list of available API Products qualifying under a given search condition. + + Each retrieved API Product is represented with a minimal amount of attributes. If you want to get complete details of an API Product, you need to use **Get details of an API Product** operation. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - name: query + in: query + schema: + type: string + - $ref: '#/components/parameters/Accept' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + List of qualifying API Products is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/APIProductList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products?query=PizzaAPIProduct"' + operationId: getAllAPIProducts + + post: + tags: + - API Products + summary: Create a New API Product + description: | + This operation can be used to create a new API Product specifying the details of the API Product in the payload. + requestBody: + description: API object that needs to be added + content: + application/json: + schema: + $ref: '#/components/schemas/APIProduct' + required: true + responses: + 201: + description: | + 'Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity.' + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/APIProduct' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v3/api-products"' + operationId: createAPIProduct + + ################################################################ + # The "Individual API Product" resource APIs + ################################################################ + /api-products/{apiProductId}: + get: + tags: + - API Products + summary: Get Details of an API Product + description: | + Using this operation, you can retrieve complete details of a single API Product. You need to provide the Id of the API to retrive it. + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/Accept' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Requested API Product is returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/APIProduct' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_publish + - apim:api_manage + - apim:api_product_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/5bca47e1-8233-46a5-9295-525dca337f33"' + operationId: getAPIProduct + + put: + tags: + - API Products + summary: Update an API Product + description: | + This operation can be used to update an existing API product. + But the properties `name`, `provider` and `version` cannot be changed. + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: API object that needs to be added + content: + application/json: + schema: + $ref: '#/components/schemas/APIProduct' + required: true + responses: + 200: + description: | + OK. + Successful response with updated API product object + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/APIProduct' + 400: + $ref: '#/components/responses/BadRequest' + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v3/api-products/5bca47e1-8233-46a5-9295-525dca337f33"' + operationId: updateAPIProduct + + + delete: + tags: + - API Products + summary: Delete an API Product + description: | + This operation can be used to delete an existing API Product proving the Id of the API Product. + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_publish + - apim:api_manage + - apim:api_product_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/5bca47e1-8233-46a5-9295-525dca337f33"' + operationId: deleteAPIProduct + + /api-products/{apiProductId}/thumbnail: + get: + tags: + - API Products + summary: Get Thumbnail Image + description: | + This operation can be used to download a thumbnail image of an API product. + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/Accept' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Thumbnail image returned + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/5bca47e1-8233-46a5-9295-525dca337f33/thumbnail" + > image.jpeg' + operationId: getAPIProductThumbnail + + put: + tags: + - API Products + summary: Upload a Thumbnail Image + description: | + This operation can be used to upload a thumbnail image of an API Product. The thumbnail to be uploaded should be given as a form data parameter `file`. + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/If-Match' + requestBody: + content: + multipart/form-data: + schema: + required: + - file + properties: + file: + type: string + description: Image to upload + format: binary + required: true + responses: + 200: + description: | + OK. + Image updated + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the uploaded thumbnail image of the API Product. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/FileInfo' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: multipart/form-data" -F file=@image.jpeg "https://127.0.0.1:9443/api/am/publisher/v3/api-products/d48a3412-1b85-49be-99f4-b81a3722ae73/thumbnail"' + operationId: updateAPIProductThumbnail + + /api-products/{apiProductId}/swagger: + get: + tags: + - API Products + summary: Get Swagger Definition + description: | + This operation can be used to retrieve the swagger definition of an API. + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/Accept' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Requested swagger document of the API is returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/5bca47e1-8233-46a5-9295-525dca337f33/swagger"' + operationId: getAPIProductSwagger + + /api-products/{apiProductId}/is-outdated: + get: + tags: + - API Products + summary: Check Whether API Product is Outdated + description: | + This operation can be used to retrieve the status indicating if an API Product is outdated due to updating of dependent APIs (This resource is not supported at the moment) + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/Accept' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Requested swagger document of the API is returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/APIProductOutdatedStatus' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_publish + - apim:api_manage + operationId: getIsAPIProductOutdated + + /api-products/{apiProductId}/documents: + get: + tags: + - API Product Documents + summary: Get a List of Documents of an API Product + description: | + This operation can be used to retrive a list of documents belonging to an API Product by providing the id of the API Product. + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/Accept' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Document list is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/DocumentList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/5bca47e1-8233-46a5-9295-525dca337f33/documents"' + operationId: getAPIProductDocuments + + post: + tags: + - API Product Documents + summary: Add a New Document to an API Product + description: | + This operation can be used to add a new documentation to an API Product. This operation only adds the metadata of a document. To add the actual content we need to use **Upload the content of an API Product document ** API once we obtain a document Id by this operation. + parameters: + - $ref: '#/components/parameters/apiProductId' + requestBody: + description: Document object that needs to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created Document object as entity in the body. + Location header contains URL of newly added document. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + Location to the newly created Document. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v3/api-products/5bca47e1-8233-46a5-9295-525dca337f33/documents"' + operationId: addAPIProductDocument + + /api-products/{apiProductId}/documents/{documentId}: + get: + tags: + - API Product Documents + summary: Get a Document of an API Product + description: | + This operation can be used to retrieve a particular document's metadata associated with an API. + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/Accept' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Document returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/5bca47e1-8233-46a5-9295-525dca337f33/documents/83312daf-0d8a-427b-8f72-12755b7901d3"' + operationId: getAPIProductDocument + + put: + tags: + - API Product Documents + summary: Update a Document of an API Product + description: | + This operation can be used to update metadata of an API's document. + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: Document object that needs to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + required: true + responses: + 200: + description: | + OK. + Document updated + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the updated document. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v3/api-products/5bca47e1-8233-46a5-9295-525dca337f33/documents/83312daf-0d8a-427b-8f72-12755b7901d3"' + operationId: updateAPIProductDocument + + delete: + tags: + - API Product Documents + summary: Delete a Document of an API Product + description: | + This operation can be used to delete a document associated with an API Product. + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/5bca47e1-8233-46a5-9295-525dca337f33/documents/83312daf-0d8a-427b-8f72-12755b7901d3"' + operationId: deleteAPIProductDocument + + /api-products/{apiProductId}/documents/{documentId}/content: + get: + tags: + - API Product Documents + summary: Get the Content of an API Product Document + description: | + This operation can be used to retrive the content of an API's document. + + The document can be of 3 types. In each cases responses are different. + + 1. **Inline type**: + The content of the document will be retrieved in `text/plain` content type + + _Sample cURL_ : `curl -k -H "Authorization:Bearer 579f0af4-37be-35c7-81a4-f1f1e9ee7c51" -F inlineContent=@"docs.txt" -X POST "https://localhost:9443/api/am/publisher/v3/apis/995a4972-3178-4b17-a374-756e0e19127c/documents/43c2bcce-60e7-405f-bc36-e39c0c5e189e/content` + 2. **FILE type**: + The file will be downloaded with the related content type (eg. `application/pdf`) + 3. **URL type**: + The client will recieve the URL of the document as the Location header with the response with - `303 See Other` + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/Accept' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + File or inline content returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 303: + description: | + See Other. + Source can be retrived from the URL specified at the Location header. + headers: + Location: + description: | + The Source URL of the document. + schema: + type: string + content: {} + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/5bca47e1-8233-46a5-9295-525dca337f33/documents/83312daf-0d8a-427b-8f72-12755b7901d3/content"' + operationId: getAPIProductDocumentContent + + post: + tags: + - API Product Documents + summary: Upload the Content of an API Product Document + description: | + Thid operation can be used to upload a file or add inline content to an API Product document. + + **IMPORTANT:** + * Either **file** or **inlineContent** form data parameters should be specified at one time. + * Document's source type should be **FILE** in order to upload a file to the document using **file** parameter. + * Document's source type should be **INLINE** in order to add inline content to the document using **inlineContent** parameter. + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/If-Match' + requestBody: + content: + multipart/form-data: + schema: + properties: + file: + type: string + description: Document to upload + format: binary + inlineContent: + type: string + description: Inline content of the document + responses: + 200: + description: | + OK. + Document updated + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modifed the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the updated content of the document. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: multipart/form-data" -F file=@sample.pdf "https://127.0.0.1:9443/api/am/publisher/v3/api-products/5bca47e1-8233-46a5-9295-525dca337f33/documents/83312daf-0d8a-427b-8f72-12755b7901d3/content"' + operationId: addAPIProductDocumentContent + + ###################################################### + # The "API Product Revisions" resource API + ###################################################### + /api-products/{apiProductId}/revisions: + + #-------------------------------------------- + # List available revisions of an API Product + #-------------------------------------------- + get: + tags: + - API Product Revisions + summary: List Revisions + description: | + List available revisions of an API Product + operationId: getAPIProductRevisions + parameters: + - $ref: '#/components/parameters/apiProductId' + - name: query + in: query + schema: + type: string + responses: + 200: + description: | + OK. + List of API Product revisions are returned. + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevisionList' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:api_create + - apim:api_publish + - apim:api_manage + - apim:api_product_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions?query=deployed:true"' + + #-------------------------------------------- + # Create a new API Product revision + #-------------------------------------------- + post: + tags: + - API Product Revisions + summary: Create a new API Product revision + description: | + Create a new API Product revision + operationId: createAPIProductRevision + parameters: + - $ref: '#/components/parameters/apiProductId' + requestBody: + description: API Product object that needs to be added + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevision' + responses: + 201: + description: | + Created. + Successful response with the newly created APIRevision object as the entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevision' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_create + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions"' + + ###################################################### + # The "API Revisions" individual resource API Product + ###################################################### + /api-products/{apiProductId}/revisions/{revisionId}: + + #-------------------------------------------- + # Get a revision + #-------------------------------------------- + get: + tags: + - API Product Revisions + summary: Retrieve Revision + description: | + Retrieve a revision of an API Product + operationId: getAPIProductRevision + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/revisionId' + responses: + 200: + description: | + OK. + An API revision is returned. + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevision' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:api_create + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions/e0824883-3e86-403a-aec1-22bbc454eb7c"' + + #-------------------------------------------- + # Delete a revision + #-------------------------------------------- + delete: + tags: + - API Product Revisions + summary: Delete Revision + description: | + Delete a revision of an API Product + operationId: deleteAPIProductRevision + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/revisionId' + responses: + 200: + description: | + OK. + List of remaining API revisions are returned. + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevisionList' + 204: + description: | + No Content. + Successfully deleted the revision + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions/e0824883-3e86-403a-aec1-22bbc454eb7c"' + + /api-products/{apiProductId}/deployments: + #-------------------------------------------- + # List available deployed revision deployment details of an API Product + #-------------------------------------------- + get: + tags: + - API Product Revisions + summary: List Deployments + description: | + List available deployed revision deployment details of an API Product + operationId: getAPIProductRevisionDeployments + parameters: + - $ref: '#/components/parameters/apiProductId' + responses: + 200: + description: | + OK. + List of deployed revision deployment details are returned. + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevisionDeploymentList' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:api_create + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/deployments"' + + /api-products/{apiProductId}/deployments/{deploymentId}: + #-------------------------------------------- + # Change Display On Devportal Field + #-------------------------------------------- + put: + tags: + - API Product Revisions + summary: Update Deployment + description: | + Update deployment devportal visibility + operationId: updateAPIProductDeployment + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/deploymentId' + requestBody: + description: Deployment object that needs to be updated + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevisionDeployment' + responses: + 200: + description: | + Created. + Successful response with the newly updated APIRevisionDeployment List object as the entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/APIRevisionDeployment' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -d @data.json + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/deployments/UHJvZHVjdGlvbiBhbmQgU2FuZGJveA"' + + /api-products/{apiProductId}/deploy-revision: + #-------------------------------------------- + # Deploy a revision + #-------------------------------------------- + post: + tags: + - API Product Revisions + summary: Deploy Revision + description: | + Deploy an API Product Revision + operationId: deployAPIProductRevision + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/revisionId-Q' + requestBody: + description: Deployment object that needs to be added + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/APIRevisionDeployment' + responses: + 200: + description: | + OK. + 201: + description: | + Created. + Successful response with the newly deployed APIRevisionDeployment List object as the entity in the body. + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/APIRevisionDeployment' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/deploy-revision?revisionId=e0824883-3e86-403a-aec1-22bbc454eb7c"' + + /api-products/{apiProductId}/undeploy-revision: + #-------------------------------------------- + # Un-Deploy a revision from deployed gateway + #-------------------------------------------- + post: + tags: + - API Product Revisions + summary: UnDeploy Revision + description: | + UnDeploy an API Product Revision + operationId: undeployAPIProductRevision + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/revisionId-Q' + - $ref: '#/components/parameters/revisionNum-Q' + - name: allEnvironments + in: query + schema: + type: boolean + default: false + requestBody: + description: Deployment object that needs to be added + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/APIRevisionDeployment' + responses: + 200: + description: | + OK. + 201: + description: | + Created. + Successful response with the newly undeployed APIRevisionDeploymentList object as the entity in the body. + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/APIRevisionDeployment' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_publish + - apim:api_manage + - apim:api_product_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/undeploy-revision?revisionId=e0824883-3e86-403a-aec1-22bbc454eb7c"' + + /api-products/{apiProductId}/restore-revision: + + #-------------------------------------------------------- + # Restore a revision to the Current API of the API Product + #-------------------------------------------------------- + post: + tags: + - API Product Revisions + summary: Restore Revision + description: | + Restore a revision to the Current API of the API Product + operationId: restoreAPIProductRevision + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/revisionId-Q' + responses: + 201: + description: | + Restored. + Successful response with the newly restored API Product object as the entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/APIProduct' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/restore-revision?revisionId=e0824883-3e86-403a-aec1-22bbc454eb7c"' + + /api-products/export: + get: + tags: + - Import Export + summary: Export an API Product + description: | + This operation can be used to export the details of a particular API Product as a zip file. + parameters: + - name: name + in: query + description: | + API Product Name + schema: + type: string + - name: version + in: query + description: | + Version of the API Product + schema: + type: string + - name: providerName + in: query + description: | + Provider name of the API Product + schema: + type: string + - name: revisionNumber + in: query + description: | + Revision number of the API Product + schema: + type: string + - name: format + in: query + description: | + Format of output documents. Can be YAML or JSON. + schema: + type: string + enum: + - JSON + - YAML + - name: preserveStatus + in: query + description: | + Preserve API Product Status on export + schema: + type: boolean + - name: latestRevision + in: query + description: | + Export the latest revision of the API Product + schema: + type: boolean + default: false + responses: + 200: + description: | + OK. + Export Successful. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/zip: + schema: + type: string + format: binary + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view + - apim:api_product_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/export?name=LeasingAPIProduct&version=1.0.0&revisionNumber=2&provider=admin&format=YAML" + > exportAPIProduct.zip' + operationId: exportAPIProduct + + /api-products/import: + post: + tags: + - Import Export + summary: Import an API Product + description: | + This operation can be used to import an API Product. + parameters: + - name: preserveProvider + in: query + description: | + Preserve Original Provider of the API Product. This is the user choice to keep or replace the API Product provider + required: false + schema: + type: boolean + - name: rotateRevision + in: query + description: | + Once the revision max limit reached, undeploy and delete the earliest revision and create a new revision + required: false + schema: + type: boolean + - name: importAPIs + in: query + description: | + Whether to import the dependent APIs or not. + schema: + type: boolean + - name: overwriteAPIProduct + in: query + description: | + Whether to update the API Product or not. This is used when updating already existing API Products. + schema: + type: boolean + - name: overwriteAPIs + in: query + description: | + Whether to update the dependent APIs or not. This is used when updating already existing dependent APIs of an API Product. + schema: + type: boolean + requestBody: + content: + multipart/form-data: + schema: + required: + - file + properties: + file: + type: string + description: | + Zip archive consisting on exported API Product configuration + format: binary + responses: + 200: + description: | + Created. + API Product Imported Successfully. + content: {} + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 409: + $ref: '#/components/responses/Conflict' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_product_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=@admin-PizzaShackAPIProduct.zip "https://127.0.0.1:9443/api/am/admin/v3/api-products/importt?preserveProvider=false&overwriteAPIProduct=false&overwriteAPIs=false&importAPIs=false"' + operationId: importAPIProduct + + ###################################################### + # Roles resource APIs + ###################################################### + /roles/{roleId}: + head: + tags: + - Roles + summary: Check Whether Given Role Name already Exist + description: | + Using this operation, user can check a given role name exists or not. + operationId: validateSystemRole + parameters: + - $ref: '#/components/parameters/roleId' + responses: + 200: + description: OK. Requested role name exists. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -I -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/roles/SW50ZXJuYWwvcHVibGlzaGVyCQ"' + + /me/roles/{roleId}: + head: + tags: + - Roles + summary: Validate Whether the Logged-in User has the Given Role + description: | + Using this operation, logged-in user can check whether he has given role. + operationId: validateUserRole + parameters: + - $ref: '#/components/parameters/roleId' + responses: + 200: + description: OK. Requested user has the role. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -I -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/me/roles/SW50ZXJuYWwvcHVibGlzaGVyCQ"' + + ###################################################### + # The "ExternalStore Collection" resource APIs + ###################################################### + /external-stores: + get: + tags: + - External Stores + summary: Retrieve External Stores List to Publish an API + description: | + Retrieve external stores list configured to publish an API + operationId: getAllExternalStores + responses: + 200: + description: | + OK. + External Stores list returned + content: + application/json: + schema: + $ref: '#/components/schemas/ExternalStore' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/external-stores"' + + ###################################################### + # The Publisher settings resource APIs + ###################################################### + /settings: + get: + tags: + - Settings + summary: Retreive Publisher Settings + description: | + Retreive publisher settings + responses: + 200: + description: | + OK. + Settings returned + content: + application/json: + schema: + $ref: '#/components/schemas/Settings' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:publisher_settings + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/settings"' + operationId: getSettings + + ###################################################### + # The tenant resource APIs + ###################################################### + /tenants: + get: + tags: + - Tenants + summary: | + Get Tenants by State + description: | + This operation is to get tenants by state + operationId: getTenantsByState + parameters: + - name: state + in: query + description: | + The state represents the current state of the tenant + + Supported states are [active, inactive] + schema: + type: string + default: active + enum: + - active + - inactive + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + responses: + 200: + description: | + OK. + Tenant names returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/TenantList' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/tenants?state=active"' + + /tenants/{tenantDomain}: + head: + tags: + - Tenants + summary: Check Whether the Given Tenant already Exists + description: | + Using this operation, user can check whether a given tenant exists or not. + operationId: getTenantExistence + parameters: + - $ref: '#/components/parameters/tenantDomain' + responses: + 200: + description: OK. Requested tenant exists. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -I -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/tenants/wso2.com"' + x-examples: + $ref: docs/examples/tenants/tenants.yaml + + ###################################################### + # The "API Category Collection" resource API + ###################################################### + /api-categories: + get: + tags: + - API Category (Collection) + summary: Get all API categories + description: | + Get all API categories + responses: + 200: + description: | + OK. + Categories returned + content: + application/json: + schema: + $ref: '#/components/schemas/APICategoryList' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-categories"' + operationId: getAllAPICategories + + ###################################################### + # The "Scopes" resource APIs + ###################################################### + /scopes: + get: + tags: + - Scopes + summary: Get All Available Shared Scopes + description: | + This operation can be used to get all the available Shared Scopes. + operationId: getSharedScopes + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + responses: + 200: + description: | + OK. + Shared Scope list is returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeList' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view + - apim:shared_scope_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/scopes"' + + post: + tags: + - Scopes + summary: Add a New Shared Scope + description: | + This operation can be used to add a new Shared Scope. + operationId: addSharedScope + requestBody: + description: Scope object that needs to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Scope' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created Scope object as an entity in the body. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Scope' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:shared_scope_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v3/scopes"' + + /scopes/{scopeId}: + get: + tags: + - Scopes + summary: Get a Shared Scope by Scope Id + description: | + This operation can be used to retrieve details of a Shared Scope by a given scope Id. + operationId: getSharedScope + parameters: + - $ref: '#/components/parameters/scopeId' + responses: + 200: + description: | + OK. + Requested Shared Scope is returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Scope' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:shared_scope_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/scopes/01234567-0123-0123-0123-012345678901"' + + put: + tags: + - Scopes + summary: Update a Shared Scope + description: | + This operation can be used to update a Shared Scope by a given scope Id. + operationId: updateSharedScope + parameters: + - $ref: '#/components/parameters/scopeId' + requestBody: + description: Scope object that needs to be updated + content: + application/json: + schema: + $ref: '#/components/schemas/Scope' + required: true + responses: + 200: + description: | + OK. + Successful response with updated Scope object + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Scope' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:shared_scope_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v3/scopes/01234567-0123-0123-0123-012345678901"' + + delete: + tags: + - Scopes + summary: Delete a Shared Scope + description: | + This operation can be used to delete a Shared Scope proving the Id of the scope. + operationId: deleteSharedScope + parameters: + - $ref: '#/components/parameters/scopeId' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:shared_scope_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/scopes/01234567-0123-0123-0123-012345678901"' + + head: + tags: + - Scopes + summary: Check Given Scope Name already Exists + description: | + Using this operation, user can check a given scope name exists or not. + operationId: validateScope + parameters: + - $ref: '#/components/parameters/scopeName' + responses: + 200: + description: OK. Requested scope name exists. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_publish + - apim:api_manage + - apim:shared_scope_manage + x-code-samples: + - lang: Curl + source: 'curl -k -I -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/scopes/YXBpbTphcGlfdmlldw"' + + /scopes/{scopeId}/usage: + get: + tags: + - Scopes + summary: Get usages of a Shared Scope by Scope Id + description: | + This operation can be used to retrieve usages of a Shared Scope by a given scope Id. + operationId: getSharedScopeUsages + parameters: + - $ref: '#/components/parameters/scopeId' + responses: + 200: + description: | + OK. + Usages of the shared scope is returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/SharedScopeUsage' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + - apim:shared_scope_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/scopes/01234567-0123-0123-0123-012345678901/usage"' + + ###################################################### + # The "Key Managers Collection" resource API + ###################################################### + /key-managers: + get: + tags: + - Key Managers (Collection) + summary: Get All Key Managers + description: | + Get all Key managers + responses: + 200: + description: | + OK. + Categories returned + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManagerList' + security: + - OAuth2Security: + - apim:api_view + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/key-managers"' + operationId: getAllKeyManagers + + /apis/validate-asyncapi: + post: + tags: + - Validation + summary: Validate an AsyncAPI Specification + description: + This operation can be used to validate and AsyncAPI Specification and retrieve a summary. Provide either 'url' + or 'file' to specify the definition. + operationId: validateAsyncAPISpecification + parameters: + - name: returnContent + in: query + description: + Specify whether to return the full content of the AsyncAPI specification in the response. This is only + applicable when using url based validation + schema: + type: boolean + default: false + requestBody: + content: + multipart/form-data: + schema: + properties: + url: + type: string + description: AsyncAPI definition url + file: + type: string + description: AsyncAPI definition as a file + format: binary + responses: + 200: + description: + OK. + API definition validation information is returned + headers: + Content-Type: + description: + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/AsyncAPISpecificationValidationResponse' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + + /apis/import-asyncapi: + post: + tags: + - APIs + summary: import an AsyncAPI Specification + description: + This operation can be used to create and API from the AsyncAPI Specification. Provide either 'url' or 'file' + to specify the definition. + + Specify additionalProperties with **at least** API's name, version, context and endpointConfig. + operationId: importAsyncAPISpecification + requestBody: + content: + multipart/form-data: + schema: + properties: + file: + type: string + description: Definition to upload as a file + format: binary + url: + type: string + description: Definition url + additionalProperties: + type: string + description: Additional attributes specified as a stringified JSON with API's schema + responses: + 201: + description: + Created. Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + Etag: + description: + Entity Tag of the respons resource. Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Location: + description: + The URL of the newly created resource. + schema: + type: string + Content-type: + description: + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/API' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + + /apis/{apiId}/asyncapi: + get: + tags: + - APIs + summary: Get AsyncAPI definition + description: | + This operation can be used to retrieve the AsyncAPI definition of an API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Requested AsyncAPI definition of the API is returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Willl= be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has beed modified the last time. + Used by caches, or in conditional request (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + type: string + example: "" + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: { } + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:api_view + - apim:api_manage + - apim:api_definition_view + + put: + tags: + - APIs + summary: Update AsyncAPI definition + description: | + This operation can be used to update the AsyncAPI definition of an existing API. AsyncAPI definition to be updated is passed as a form data parameter 'apiDefinition'. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-Match' + requestBody: + content: + multipart/form-data: + schema: + properties: + apiDefinition: + type: string + description: AsyncAPI definition of the API + url: + type: string + description: AsyncAPI definition URL of the API + file: + type: string + description: AsyncAPI definition as a file + format: binary + responses: + 200: + description: | + OK. + Successful response with updated AsyncAPI definition + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has beed modified the last time. + Use =d by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + type: string + example: "" + 400: + $ref: '#/components/responses/BadRequest' + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + /apis/{apiId}/environments/{envId}/keys: + get: + tags: + - APIs + summary: get environment specific API properties + description: | + This operation can be used to retrieve environment specific API properties from an existing API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/envId' + responses: + '200': + description: | + OK. + Successful response with environment specific API properties + content: + application/json: + schema: + $ref: '#/components/schemas/EnvironmentProperties' + '400': + $ref: '#/components/responses/BadRequest' + '403': + $ref: '#/components/responses/Forbidden' + '404': + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + put: + tags: + - APIs + summary: Update environment specific API properties + description: | + This operation can be used to update the environment specific API properties of an existing API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/envId' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EnvironmentProperties' + required: true + responses: + '200': + description: | + OK. + Successful response with environment specific API properties + content: + application/json: + schema: + $ref: '#/components/schemas/EnvironmentProperties' + '400': + $ref: '#/components/responses/BadRequest' + '403': + $ref: '#/components/responses/Forbidden' + '404': + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:api_create + - apim:api_manage + /apis/{apiId}/operation-policies: + get: + tags: + - API Operation Policies + summary: | + Get all API specific operation policies for an API + description: | + This operation provides you a list of all applicabale operation policies for an API + operationId: getAllAPISpecificOperationPolicies + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - name: query + in: query + description: -Not supported yet- + schema: + type: string + responses: + 200: + description: | + OK. + List of qualifying policies is returned. + headers: + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/OperationPolicyDataList' + 406: + $ref: '#/components/responses/NotAcceptable' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view #This scope was added as the publisher user needs to access this resource. Mediation_policy_view scope is not included in the Internal/Publisher user. + - apim:api_manage + - apim:mediation_policy_view + - apim:mediation_policy_manage + - apim:api_mediation_policy_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v2/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/operation-policies"' + + post: + tags: + - API Operation Policies + summary: Add an API specific operation policy + description: | + This operation can be used to add an API specifc operation policy. This policy cannot be used in other APIs. + operationId: addAPISpecificOperationPolicy + parameters: + - $ref: '#/components/parameters/apiId' + requestBody: + content: + multipart/form-data: + schema: + required: + - type + properties: + policySpecFile: + type: string + description: Policy specification to upload + format: binary + synapsePolicyDefinitionFile: + type: string + description: Operation policy definition of synapse gateway to upload + format: binary + ccPolicyDefinitionFile: + type: string + description: Operation policy definition of choreo connect to upload + format: binary + required: true + responses: + 201: + description: | + OK. + Operation policy uploaded + headers: + Location: + description: | + The URL of the uploaded operation policy of the API. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/OperationPolicyData' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_manage + - apim:mediation_policy_create + - apim:mediation_policy_manage + - apim:api_mediation_policy_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: multipart/form-data" -F policySpecFile=@setHeader.yaml -F policyDefinitionFile=@setHeader.j2 + "https://127.0.0.1:9443/api/am/publisher/v2/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/operation-policies"' + + + /apis/{apiId}/operation-policies/{operationPolicyId}: + get: + tags: + - API Operation Policies + summary: Get policy details of an API specific policy + description: | + This operation can be used to retrieve a particular API specific operation policy. + operationId: getOperationPolicyForAPIByPolicyId + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/operationPolicyId' + responses: + 200: + description: | + OK. + Operation policy returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/OperationPolicyData' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view #This scope was added as the publisher user needs to access this resource. Mediation_policy_view scope is not included in the Internal/Publisher user. + - apim:api_manage + - apim:mediation_policy_view + - apim:mediation_policy_manage + - apim:api_mediation_policy_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v2/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/operation-policies/f56eb8b4-128c-45aa-ad35-9c87a546261a"' + + delete: + tags: + - API Operation Policies + summary: Delete an API Specific Operation Policy + description: | + This operation can be used to delete an existing API specific opreation policy by providing the Id of the API and the Id of the policy. + operationId: deleteAPISpecificOperationPolicyByPolicyId + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/operationPolicyId' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_manage + - apim:mediation_policy_create + - apim:mediation_policy_manage + - apim:api_mediation_policy_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v2/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/operation-policies/f56eb8b4-128c-45aa-ad35-9c87a546261a"' + + /apis/{apiId}/operation-policies/{operationPolicyId}/content: + get: + tags: + - API Operation Policies + summary: Download an API Specific Operation Policy + description: | + This operation can be used to download a particular API specific operation policy. + operationId: getAPISpecificOperationPolicyContentByPolicyId + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/operationPolicyId' + responses: + 200: + description: | + OK. + Operation policy returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/zip: + schema: + type: string + format: binary + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_view #This scope was added as the publisher user needs to access this resource. Mediation_policy_view scope is not included in the Internal/Publisher user. + - apim:api_manage + - apim:mediation_policy_view + - apim:mediation_policy_manage + - apim:api_mediation_policy_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v2/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/operation-policies/f56eb8b4-128c-45aa-ad35-9c87a546261a/content"' + + /operation-policies: + get: + tags: + - Operation Policies + summary: | + Get all common operation policies to all the APIs + description: | + This operation provides you a list of all common operation policies that can be used by any API + operationId: getAllCommonOperationPolicies + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - name: query + in: query + description: -Not supported yet- + schema: + type: string + responses: + 200: + description: | + OK. + List of qualifying policies is returned. + headers: + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/OperationPolicyDataList' + 406: + $ref: '#/components/responses/NotAcceptable' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:common_operation_policy_view + - apim:common_operation_policy_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v2/operation-policies"' + + post: + tags: + - Operation Policies + summary: Add a new common operation policy + description: | + This operation can be used to add a new common operation policy. + operationId: addCommonOperationPolicy + requestBody: + content: + multipart/form-data: + schema: + required: + - type + properties: + policySpecFile: + type: string + description: Operation policy specification to upload + format: binary + synapsePolicyDefinitionFile: + type: string + description: Operation policy definition of synapse gateway to upload + format: binary + ccPolicyDefinitionFile: + type: string + description: Operation policy definition of choreo connect to upload + format: binary + required: true + responses: + 201: + description: | + OK. + Shared operation policy uploaded + headers: + Location: + description: | + The URL of the uploaded common operation policy of the API. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/OperationPolicyData' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:common_operation_policy_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: multipart/form-data" -F policySpecFile=@setHeader.yaml -F policyDefinitionFile=@setHeader.j2 + "https://127.0.0.1:9443/api/am/publisher/v2/operation-policies"' + + /operation-policies/{operationPolicyId}: + get: + tags: + - Operation Policies + summary: Get the details of a common operation policy by providing policy ID + description: | + This operation can be used to retrieve a particular common operation policy. + operationId: getCommonOperationPolicyByPolicyId + parameters: + - $ref: '#/components/parameters/operationPolicyId' + responses: + 200: + description: | + OK. + Operation policy returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/OperationPolicyData' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:common_operation_policy_view + - apim:common_operation_policy_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v2/operation-policies/f56eb8b4-128c-45aa-ad35-9c87a546261a"' + + delete: + tags: + - Operation Policies + summary: Delete a common operation policy + description: | + This operation can be used to delete an existing common opreation policy by providing the Id of the policy. + operationId: deleteCommonOperationPolicyByPolicyId + parameters: + - $ref: '#/components/parameters/operationPolicyId' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:common_operation_policy_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v2/operation-policies/f56eb8b4-128c-45aa-ad35-9c87a546261a"' + + /operation-policies/{operationPolicyId}/content: + get: + tags: + - Operation Policies + summary: Download a common operation policy + description: | + This operation can be used to download a selected common operation policy. + operationId: getCommonOperationPolicyContentByPolicyId + parameters: + - $ref: '#/components/parameters/operationPolicyId' + responses: + 200: + description: | + OK. + Operation policy returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/zip: + schema: + type: string + format: binary + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:common_operation_policy_view + - apim:common_operation_policy_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v2/operation-policies/f56eb8b4-128c-45aa-ad35-9c87a546261a/content"' + + /api-products/change-lifecycle: + post: + tags: + - API Product Lifecycle + summary: Change API Product LC Status + description: | + This operation is used to change the lifecycle of an API Product. + Eg: Publish an API Product which is in `CREATED` state. In order to change the lifecycle, we need to provide the + lifecycle `action` as a query parameter. + + For example, to Publish an API Product, `action` should be `Publish`. Note that the `Re-publish` action is + available only after calling `Block`. + + Some actions supports providing additional paramters which should be provided as `lifecycleChecklist` parameter. + Please see parameters table for more information. + parameters: + - name: action + in: query + description: | + The action to demote or promote the state of the API Product. + + Supported actions are [ **Publish**, **Deploy as a Prototype**, **Demote to Created**, **Block**, **Deprecate**, **Re-Publish**, **Retire** ] + required: true + schema: + type: string + enum: + - Publish + - Deploy as a Prototype + - Demote to Created + - Block + - Deprecate + - Re-Publish + - Retire + - name: lifecycleChecklist + in: query + description: | + Supported checklist items are as follows. + 1. **Deprecate old versions after publishing the API**: Setting this to true will deprecate older versions of a particular API Product when it is promoted to Published state from Created state. + 2. **Requires re-subscription when publishing the API**: If you set this to true, users need to re subscribe to the API Products although they may have subscribed to an older version. + You can specify additional checklist items by using an **"attribute:"** modifier. + Eg: "Deprecate old versions after publishing the API:true" will deprecate older versions of a particular API Product when it is promoted to Published state from Created state. Multiple checklist items can be given in "attribute1:true, attribute2:false" format. + **Sample CURL :** curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -X POST "https://localhost:9443/api/am/publisher/v3/api-products/change-lifecycle?apiId=890a4f4d-09eb-4877-a323-57f6ce2ed79b&action=Publish&lifecycleChecklist=Deprecate%20old%20versions%20after%20publishing%20the%20API%3Atrue,Requires%20re-subscription%20when%20publishing%20the%20API%3Afalse" + schema: + type: string + - $ref: '#/components/parameters/apiProductId-Q' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Lifecycle changed successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowResponse' + 400: + $ref: '#/components/responses/BadRequest' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 409: + $ref: '#/components/responses/Conflict' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_publish + - apim:api_manage + - apim:api_product_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/change-lifecycle?apiId=890a4f4d-09eb-4877-a323-57f6ce2ed79b&action=Publish"' + operationId: changeAPIProductLifecycle + + /api-products/{apiProductId}/lifecycle-history: + get: + tags: + - API Product Lifecycle + summary: Get Lifecycle State Change History of the API Products. + description: | + This operation can be used to retrieve Lifecycle state change history of the API Products. + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Lifecycle state change history returned successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/LifecycleHistory' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/lifecycle-history"' + operationId: getAPIProductLifecycleHistory + + /api-products/{apiProductId}/lifecycle-state: + get: + tags: + - API Product Lifecycle + summary: Get Lifecycle State Data of the API Product. + description: | + This operation can be used to retrieve Lifecycle state data of the API Product. + parameters: + - $ref: '#/components/parameters/apiProductId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Lifecycle state data returned successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/LifecycleState' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_publish + - apim:api_create + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/lifecycle-state"' + operationId: getAPIProductLifecycleState + + /api-products/{apiProductId}/lifecycle-state/pending-tasks: + delete: + tags: + - API Product Lifecycle + summary: Delete Pending Lifecycle State Change Tasks + description: | + This operation can be used to remove pending lifecycle state change requests that are in pending state + parameters: + - $ref: '#/components/parameters/apiProductId' + responses: + 200: + description: | + OK. + Lifecycle state change pending task removed successfully. + content: {} + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:api_publish + - apim:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v3/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/lifecycle-state/pending-tasks"' + operationId: deleteAPIProductLifecycleStatePendingTasks +components: + schemas: + Comment: + title: Comment + required: + - content + type: object + properties: + id: + type: string + readOnly: true + example: 943d3002-000c-42d3-a1b9-d6559f8a4d49 + content: + maxLength: 512 + type: string + example: This is a comment + createdTime: + type: string + readOnly: true + example : 2021-02-11-09:57:25 + createdBy: + type: string + readOnly: true + example: admin + updatedTime: + type: string + readOnly: true + example : 2021-02-12-19:57:25 + category: + type: string + readOnly: true + default: general + example : general + parentCommentId: + type: string + readOnly: true + example: 6f38aea2-f41e-4ac9-b3f2-a9493d00ba97 + entryPoint: + type: string + readOnly: true + enum: [devPortal, publisher] + commenterInfo: + $ref: '#/components/schemas/CommenterInfo' + replies: + $ref: '#/components/schemas/CommentList' + CommentList: + title: Comments List + type: object + properties: + count: + type: integer + readOnly: true + description: | + Number of Comments returned. + example: 1 + list: + type: array + readOnly: true + items: + $ref: '#/components/schemas/Comment' + pagination: + $ref: '#/components/schemas/Pagination' + CommenterInfo: + type: object + properties: + firstName: + type: string + example: John + lastName: + type: string + example: David + fullName: + type: string + example: John David + APIList: + title: API List + type: object + properties: + count: + type: integer + description: | + Number of APIs returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APIInfo' + pagination: + $ref: '#/components/schemas/Pagination' + + APIInfo: + title: API Info object with basic API details. + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorAPI + description: + type: string + example: A calculator API that supports basic operations + context: + type: string + example: CalculatorAPI + additionalProperties: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + display: + type: boolean + description: Map of custom properties of API + additionalPropertiesMap: + type: object + additionalProperties: + type: object + properties: + name: + type: string + value: + type: string + display: + type: boolean + default: false + version: + type: string + example: 1.0.0 + provider: + type: string + description: | + If the provider value is not given, the user invoking the API will be used as the provider. + example: admin + type: + type: string + example: HTTP + audience: + type: string + description: The audience of the API. Accepted values are PUBLIC, SINGLE + example: PUBLIC + enum: + - PUBLIC + - SINGLE + lifeCycleStatus: + type: string + example: CREATED + workflowStatus: + type: string + example: APPROVED + hasThumbnail: + type: boolean + example: true + securityScheme: + type: array + items: + type: string + createdTime: + type: string + example : 2021-02-11 09:57:25 + updatedTime: + type: string + example : 2021-02-11 09:57:25 + gatewayVendor: + type: string + example: wso2 + advertiseOnly: + type: boolean + example: true + Topic: + title: Topic object + required: + - name + - mode + - description + type: object + properties: + id: + type: string + description: id + readOnly: true + example: 1222344 + name: + maxLength: 50 + minLength: 1 + pattern: '(^[^~!@#;:%^*()+={}|\\<>"'',&$\s+\[\]\/]*$)' + type: string + example: PizzaShackAPI + mode: + maxLength: 32766 + type: string + example: This is a simple API for Pizza Shack online pizza delivery store. + description: + maxLength: 32766 + type: string + example: This is a simple API for Pizza Shack online pizza delivery store. + TopicList: + title: Topic List + type: object + properties: + count: + type: integer + description: | + Number of Topics returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Topic' + pagination: + $ref: '#/components/schemas/Pagination' + API: + title: API object + required: + - context + - name + - version + type: object + properties: + id: + type: string + description: | + UUID of the api registry artifact + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + maxLength: 60 + minLength: 1 + pattern: '(^[^~!@#;:%^*()+={}|\\<>"'',&$\[\]\/]*$)' + type: string + example: PizzaShackAPI + description: + maxLength: 32766 + type: string + example: This is a simple API for Pizza Shack online pizza delivery store. + context: + maxLength: 232 + minLength: 1 + type: string + example: pizza + version: + maxLength: 30 + minLength: 1 + type: string + pattern: '^[^~!@#;:%^*()+={}|\\<>"'',&/$\[\]\s+\/]+$' + example: 1.0.0 + provider: + maxLength: 50 + type: string + description: | + If the provider value is not given user invoking the api will be used as the provider. + example: admin + lifeCycleStatus: + type: string + example: CREATED + x-otherScopes: + - apim:api_publish + - apim:api_manage + wsdlInfo: + $ref: '#/components/schemas/WSDLInfo' + wsdlUrl: + type: string + readOnly: true + example: /apimgt/applicationdata/wsdls/admin--soap1.wsdl + responseCachingEnabled: + type: boolean + example: true + cacheTimeout: + type: integer + example: 300 + hasThumbnail: + type: boolean + example: false + isDefaultVersion: + type: boolean + example: false + isRevision: + type: boolean + example: false + revisionedApiId: + type: string + description: | + UUID of the api registry artifact + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + revisionId: + type: integer + example: 1 + enableSchemaValidation: + type: boolean + example: false + type: + type: string + description: The api creation type to be used. Accepted values are HTTP, + WS, SOAPTOREST, GRAPHQL, WEBSUB, SSE, WEBHOOK, ASYNC + example: HTTP + default: HTTP + enum: + - HTTP + - WS + - SOAPTOREST + - SOAP + - GRAPHQL + - WEBSUB + - SSE + - WEBHOOK + - ASYNC + audience: + type: string + description: The audience of the API. Accepted values are PUBLIC, SINGLE + example: PUBLIC + enum: + - PUBLIC + - SINGLE + transport: + type: array + description: | + Supported transports for the API (http and/or https). + example: + - http + - https + items: + type: string + tags: + type: array + example: + - pizza + - food + items: + type: string + x-otherScopes: + - apim:api_publish + - apim:api_manage + policies: + type: array + example: + - Unlimited + items: + type: string + x-otherScopes: + - apim:api_publish + - apim:api_manage + apiThrottlingPolicy: + type: string + description: The API level throttling policy selected for the particular + API + example: Unlimited + x-otherScopes: + - apim:api_publish + - apim:api_manage + authorizationHeader: + type: string + pattern: '(^[^~!@#;:%^*()+={}|\\<>"'',&$\s+]*$)' + description: | + Name of the Authorization header used for invoking the API. If it is not set, Authorization header name specified + in tenant or system level will be used. + example: Authorization + securityScheme: + type: array + description: | + Types of API security, the current API secured with. It can be either OAuth2 or mutual SSL or both. If + it is not set OAuth2 will be set as the security for the current API. + example: + - oauth2 + items: + type: string + maxTps: + $ref: '#/components/schemas/APIMaxTps' + visibility: + type: string + description: The visibility level of the API. Accepts one of the following. + PUBLIC, PRIVATE, RESTRICTED. + example: PUBLIC + default: PUBLIC + enum: + - PUBLIC + - PRIVATE + - RESTRICTED + x-otherScopes: + - apim:api_publish + - apim:api_manage + visibleRoles: + type: array + description: The user roles that are able to access the API in Developer Portal + example: [] + items: + type: string + x-otherScopes: + - apim:api_publish + - apim:api_manage + visibleTenants: + type: array + example: [] + items: + type: string + mediationPolicies: + type: array + example: + - name: json_to_xml_in_message + type: in + - name: xml_to_json_out_message + type: out + - name: json_fault + type: fault + items: + $ref: '#/components/schemas/MediationPolicy' + apiPolicies: + $ref: '#/components/schemas/APIOperationPolicies' + subscriptionAvailability: + type: string + description: The subscription availability. Accepts one of the following. + CURRENT_TENANT, ALL_TENANTS or SPECIFIC_TENANTS. + example: CURRENT_TENANT + default: CURRENT_TENANT + enum: + - CURRENT_TENANT + - ALL_TENANTS + - SPECIFIC_TENANTS + x-otherScopes: + - apim:api_publish + - apim:api_manage + subscriptionAvailableTenants: + type: array + example: [] + items: + type: string + additionalProperties: + type: array + description: Map of custom properties of API + items: + type: object + properties: + name: + type: string + value: + type: string + display: + type: boolean + x-otherScopes: + - apim:api_publish + - apim:api_manage + additionalPropertiesMap: + type: object + additionalProperties: + type: object + properties: + name: + type: string + value: + type: string + display: + type: boolean + default: false + x-otherScopes: + - apim:api_publish + - apim:api_manage + monetization: + $ref: '#/components/schemas/APIMonetizationInfo' + accessControl: + type: string + description: | + Is the API is restricted to certain set of publishers or creators or is it visible to all the + publishers and creators. If the accessControl restriction is none, this API can be modified by all the + publishers and creators, if not it can only be viewable/modifiable by certain set of publishers and creators, + based on the restriction. + default: NONE + enum: + - NONE + - RESTRICTED + accessControlRoles: + type: array + description: The user roles that are able to view/modify as API publisher + or creator. + example: [] + items: + type: string + businessInformation: + allOf: + - $ref: '#/components/schemas/APIBusinessInformation' + x-otherScopes: + - apim:api_publish + - apim:api_manage + corsConfiguration: + $ref: '#/components/schemas/APICorsConfiguration' + websubSubscriptionConfiguration: + $ref: '#/components/schemas/WebsubSubscriptionConfiguration' + workflowStatus: + type: string + example: APPROVED + createdTime: + type: string + lastUpdatedTimestamp: + type: string + lastUpdatedTime: + type: string + x-otherScopes: + - apim:api_publish + - apim:api_manage + endpointConfig: + type: object + properties: {} + description: | + Endpoint configuration of the API. This can be used to provide different types of endpoints including Simple REST Endpoints, Loadbalanced and Failover. + + `Simple REST Endpoint` + + { + "endpoint_type": "http", + "sandbox_endpoints": { + "url": "https://localhost:9443/am/sample/pizzashack/v1/api/" + }, + "production_endpoints": { + "url": "https://localhost:9443/am/sample/pizzashack/v1/api/" + } + } + + `Loadbalanced Endpoint` + + { + "endpoint_type": "load_balance", + "algoCombo": "org.apache.synapse.endpoints.algorithms.RoundRobin", + "sessionManagement": "", + "sandbox_endpoints": [ + { + "url": "https://localhost:9443/am/sample/pizzashack/v1/api/1" + }, + { + "endpoint_type": "http", + "template_not_supported": false, + "url": "https://localhost:9443/am/sample/pizzashack/v1/api/2" + } + ], + "production_endpoints": [ + { + "url": "https://localhost:9443/am/sample/pizzashack/v1/api/3" + }, + { + "endpoint_type": "http", + "template_not_supported": false, + "url": "https://localhost:9443/am/sample/pizzashack/v1/api/4" + } + ], + "sessionTimeOut": "", + "algoClassName": "org.apache.synapse.endpoints.algorithms.RoundRobin" + } + + `Failover Endpoint` + + { + "production_failovers":[ + { + "endpoint_type":"http", + "template_not_supported":false, + "url":"https://localhost:9443/am/sample/pizzashack/v1/api/1" + } + ], + "endpoint_type":"failover", + "sandbox_endpoints":{ + "url":"https://localhost:9443/am/sample/pizzashack/v1/api/2" + }, + "production_endpoints":{ + "url":"https://localhost:9443/am/sample/pizzashack/v1/api/3" + }, + "sandbox_failovers":[ + { + "endpoint_type":"http", + "template_not_supported":false, + "url":"https://localhost:9443/am/sample/pizzashack/v1/api/4" + } + ] + } + + `Default Endpoint` + + { + "endpoint_type":"default", + "sandbox_endpoints":{ + "url":"default" + }, + "production_endpoints":{ + "url":"default" + } + } + + `Endpoint from Endpoint Registry` + + { + "endpoint_type": "Registry", + "endpoint_id": "{registry-name:entry-name:version}", + } + + `AWS Lambda as Endpoint` + + { + "endpoint_type":"awslambda", + "access_method":"role-supplied|stored", + "assume_role":true|false, + "amznAccessKey":"access_method==stored?:", + "amznSecretKey":"access_method==stored?:", + "amznRegion":"access_method==stored?:", + "amznRoleArn":"assume_role==true?:", + "amznRoleSessionName":"assume_role==true?:", + "amznRoleRegion":"assume_role==true?:" + } + example: + endpoint_type: http + sandbox_endpoints: + url: https://localhost:9443/am/sample/pizzashack/v1/api/ + production_endpoints: + url: https://localhost:9443/am/sample/pizzashack/v1/api/ + endpointImplementationType: + type: string + example: INLINE + default: ENDPOINT + enum: + - INLINE + - ENDPOINT + - MOCKED_OAS + scopes: + type: array + items: + $ref: '#/components/schemas/APIScope' + operations: + type: array + example: + - target: /order/{orderId} + verb: POST + authType: Application & Application User + throttlingPolicy: Unlimited + - target: /menu + verb: GET + authType: Application & Application User + throttlingPolicy: Unlimited + items: + $ref: '#/components/schemas/APIOperations' + threatProtectionPolicies: + type: object + properties: + list: + type: array + items: + type: object + properties: + policyId: + type: string + priority: + type: integer + categories: + type: array + description: | + API categories + items: + type: string + example: "" + x-otherScopes: + - apim:api_publish + keyManagers: + type: object + properties: {} + description: | + API Key Managers + readOnly: true + serviceInfo: + type: object + properties: + key: + type: string + example: PetStore-1.0.0 + name: + type: string + example: PetStore + version: + type: string + example: 1.0.0 + outdated: + type: boolean + example: false + advertiseInfo: + $ref: '#/components/schemas/AdvertiseInfo' + gatewayVendor: + title: field to identify gateway vendor + type: string + example: + wso2 + gatewayType: + title: Field to identify gateway type. + type: string + description: The gateway type selected for the API policies. Accepts one of the + following. wso2/synapse, wso2/choreo-connect. + example: wso2/synapse + asyncTransportProtocols: + type: array + description: | + Supported transports for the async API (http and/or https). + example: + - http + - https + items: + type: string + x-scopes: + - apim:api_create + - apim:api_import_export + - apim:api_manage + + #----------------------------------------------------- + # The API Revision resource + #----------------------------------------------------- + APIRevision: + title: API Info object with basic API details + properties: + displayName: + type: string + readOnly: true + example: REVISION 1 + id: + type: string + readOnly: true + example: c26b2b9b-4632-4ca4-b6f3-521c8863990c + description: + maxLength: 255 + minLength: 0 + type: string + example: removed a post resource + createdTime: + readOnly: true + type: string + format: date-time + apiInfo: + $ref: '#/components/schemas/APIRevisionAPIInfo' + deploymentInfo: + type: array + readOnly: true + items: + $ref: '#/components/schemas/APIRevisionDeployment' + + #----------------------------------------------------- + # The API Revision - API Info resource + #----------------------------------------------------- + APIRevisionAPIInfo: + title: API Info object with basic Revisioned API details + readOnly: true + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + + #----------------------------------------------------- + # The API Revision List resource + #----------------------------------------------------- + APIRevisionList: + title: API Revisions List + properties: + count: + type: integer + description: | + Number of API revisions returned + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APIRevision' + #----------------------------------------------------- + # The API Revision Deployment List resource + #----------------------------------------------------- + APIRevisionDeploymentList: + title: API Revision to Deployment mapped object with basic API deployment details + properties: + list: + type: array + items: + $ref: '#/components/schemas/APIRevisionDeployment' + #----------------------------------------------------- + # The API Revision Deployment resource + #----------------------------------------------------- + APIRevisionDeployment: + title: APIRevisionDeployment Info object with basic API deployment details + properties: + revisionUuid: + maxLength: 255 + minLength: 0 + type: string + example: c26b2b9b-4632-4ca4-b6f3-521c8863990c + name: + maxLength: 255 + minLength: 1 + type: string + example: default + vhost: + maxLength: 255 + minLength: 1 + # hostname regex as per RFC 1123 (http://tools.ietf.org/html/rfc1123) and appended * + pattern: '^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$' + type: string + example: mg.wso2.com + displayOnDevportal: + type: boolean + example: true + deployedTime: + readOnly: true + type: string + format: date-time + successDeployedTime: + readOnly: true + type: string + format: date-time + AuditReport: + title: Resource for Audit Report + type: object + properties: + report: + type: string + description: | + The API Security Audit Report + grade: + type: string + description: | + The overall grade of the Security Audit + example: "27.95" + numErrors: + type: integer + description: | + The number of errors in the API Definition + example: 20 + externalApiId: + type: string + description: | + The External API ID + example: fd21f9f7-3674-49cf-8a83-dca401f635de + APIProductList: + title: API Product List + type: object + properties: + count: + type: integer + description: | + Number of API Products returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APIProductInfo' + pagination: + $ref: '#/components/schemas/Pagination' + APIProductInfo: + title: API Info object with basic API details. + type: object + properties: + id: + type: string + description: | + UUID of the api product + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + description: Name of the API Product + example: PizzaShackAPIProduct + context: + type: string + example: pizzaproduct + description: + type: string + description: A brief description about the API + example: This is a simple API for Pizza Shack online pizza delivery store + provider: + type: string + description: | + If the provider value is not given, the user invoking the API will be used as the provider. + example: admin + hasThumbnail: + type: boolean + example: true + state: + type: string + description: | + State of the API product. Only published api products are visible on the Developer Portal + enum: + - CREATED + - PUBLISHED + - DEPRECATED + - RETIRED + - BLOCKED + - PROTOTYPED + securityScheme: + type: array + description: | + Types of API security, the current API secured with. It can be either OAuth2 or mutual SSL or both. If + it is not set OAuth2 will be set as the security for the current API. + example: + - oauth2 + items: + type: string + gatewayVendor: + type: string + example: wso2 + APIProduct: + title: API Product object + required: + - name + type: object + properties: + id: + type: string + description: | + UUID of the api product + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + maxLength: 50 + minLength: 1 + type: string + description: Name of the API Product + example: PizzaShackAPIProduct + context: + maxLength: 60 + minLength: 1 + type: string + example: pizzaproduct + description: + type: string + description: A brief description about the API + example: This is a simple API for Pizza Shack online pizza delivery store + provider: + maxLength: 50 + type: string + description: | + If the provider value is not given, the user invoking the API will be used as the provider. + example: admin + hasThumbnail: + type: boolean + example: false + state: + type: string + description: | + State of the API product. Only published api products are visible on the Developer Portal + default: CREATED + enum: + - CREATED + - PUBLISHED + - DEPRECATED + - RETIRED + - BLOCKED + - PROTOTYPED + enableSchemaValidation: + type: boolean + example: false + isRevision: + type: boolean + example: false + revisionedApiProductId: + type: string + description: | + UUID of the api product registry artifact + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + revisionId: + type: integer + example: 1 + responseCachingEnabled: + type: boolean + example: true + cacheTimeout: + type: integer + example: 300 + visibility: + type: string + description: The visibility level of the API. Accepts one of the following. + PUBLIC, PRIVATE, RESTRICTED. + example: PUBLIC + default: PUBLIC + enum: + - PUBLIC + - PRIVATE + - RESTRICTED + visibleRoles: + type: array + description: The user roles that are able to access the API + example: [] + items: + type: string + visibleTenants: + type: array + example: [] + items: + type: string + accessControl: + type: string + description: | + Defines whether the API Product is restricted to certain set of publishers or creators or is it visible to all the + publishers and creators. If the accessControl restriction is none, this API Product can be modified by all the + publishers and creators, if not it can only be viewable/modifiable by certain set of publishers and creators, + based on the restriction. + default: NONE + enum: + - NONE + - RESTRICTED + accessControlRoles: + type: array + description: The user roles that are able to view/modify as API Product + publisher or creator. + example: [] + items: + type: string + apiType: + type: string + description: The API type to be used. Accepted values are API, APIPRODUCT + example: APIPRODUCT + enum: + - API + - APIPRODUCT + transport: + type: array + description: | + Supported transports for the API (http and/or https). + example: + - http + - https + items: + type: string + tags: + type: array + example: + - pizza + - food + items: + type: string + policies: + type: array + example: + - Unlimited + items: + type: string + apiThrottlingPolicy: + type: string + description: The API level throttling policy selected for the particular + API Product + example: Unlimited + authorizationHeader: + type: string + description: | + Name of the Authorization header used for invoking the API. If it is not set, Authorization header name specified + in tenant or system level will be used. + example: Authorization + securityScheme: + type: array + description: | + Types of API security, the current API secured with. It can be either OAuth2 or mutual SSL or both. If + it is not set OAuth2 will be set as the security for the current API. + example: + - oauth2 + items: + type: string + subscriptionAvailability: + type: string + description: The subscription availability. Accepts one of the following. + CURRENT_TENANT, ALL_TENANTS or SPECIFIC_TENANTS. + example: CURRENT_TENANT + default: ALL_TENANTS + enum: + - CURRENT_TENANT + - ALL_TENANTS + - SPECIFIC_TENANTS + subscriptionAvailableTenants: + type: array + example: [] + items: + type: string + x-otherScopes: + - apim:api_publish + - apim:api_manage + additionalProperties: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + display: + type: boolean + description: Map of custom properties of API + additionalPropertiesMap: + type: object + additionalProperties: + type: object + properties: + name: + type: string + value: + type: string + display: + type: boolean + default: false + monetization: + $ref: '#/components/schemas/APIMonetizationInfo' + businessInformation: + $ref: '#/components/schemas/APIProductBusinessInformation' + corsConfiguration: + $ref: '#/components/schemas/APICorsConfiguration' + createdTime: + type: string + lastUpdatedTimestamp: + type: string + lastUpdatedTime: + type: string + gatewayVendor: + title: field to identify gateway vendor + type: string + example: + wso2 + apis: + type: array + description: | + APIs and resources in the API Product. + example: + - name: PizzaShackAPI + apiId: 01234567-0123-0123-0123-012345678901 + version: "1.0" + operations: + - target: /order/{orderId} + verb: POST + authType: Application & Application User + throttlingPolicy: Unlimited + - target: /menu + verb: GET + authType: Application & Application User + throttlingPolicy: Unlimited + items: + $ref: '#/components/schemas/ProductAPI' + scopes: + type: array + example: [] + items: + $ref: '#/components/schemas/APIScope' + categories: + type: array + description: | + API categories + example: [] + items: + type: string + workflowStatus: + type: string + example: APPROVED + ProductAPI: + title: ProductAPI + required: + - apiId + type: object + properties: + name: + type: string + example: PizzaShackAPI + apiId: + type: string + example: 01234567-0123-0123-0123-012345678901 + version: + type: string + example: "1.0" + operations: + type: array + items: + $ref: '#/components/schemas/APIOperations' + ResourcePath: + title: ResourcePath + required: + - id + type: object + properties: + id: + type: integer + example: 1 + resourcePath: + type: string + example: /menu + httpVerb: + type: string + example: GET + ResourcePathList: + title: ResourcePath List + type: object + properties: + count: + type: integer + description: | + Number of API Resource Paths returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ResourcePath' + pagination: + $ref: '#/components/schemas/Pagination' + APIProductOutdatedStatus: + title: APIProduct is outdated status + type: object + properties: + isOutdated: + type: boolean + description: | + Indicates if an API Product is outdated + example: true + APIProductBusinessInformation: + type: object + properties: + businessOwner: + maxLength: 120 + type: string + example: businessowner + businessOwnerEmail: + type: string + example: businessowner@wso2.com + technicalOwner: + maxLength: 120 + type: string + example: technicalowner + technicalOwnerEmail: + type: string + example: technicalowner@wso2.com + Claim: + title: Claim + type: object + properties: + name: + type: string + example: email + URI: + type: string + example: http://wso2.org/claims/emailaddress + value: + type: string + example: admin@wso2.com + SubscriberInfo: + title: SubscriberInfo + type: object + properties: + name: + type: string + example: admin + claims: + type: array + items: + $ref: '#/components/schemas/Claim' + Application: + title: Application + required: + - name + - throttlingTier + type: object + properties: + applicationId: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorApp + subscriber: + type: string + example: admin + throttlingTier: + type: string + example: Unlimited + description: + type: string + example: Sample calculator application + groupId: + type: string + example: "" + ApplicationInfo: + title: Application info object with basic application details + type: object + properties: + applicationId: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorApp + subscriber: + type: string + example: admin + description: + type: string + example: Sample calculator application + subscriptionCount: + type: integer + DocumentList: + title: Document List + type: object + properties: + count: + type: integer + description: | + Number of Documents returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Document' + pagination: + $ref: '#/components/schemas/Pagination' + Document: + title: Document + required: + - name + - sourceType + - type + - visibility + type: object + properties: + documentId: + type: string + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + maxLength: 60 + minLength: 1 + type: string + example: PizzaShackDoc + type: + type: string + example: HOWTO + enum: + - HOWTO + - SAMPLES + - PUBLIC_FORUM + - SUPPORT_FORUM + - API_MESSAGE_FORMAT + - SWAGGER_DOC + - OTHER + summary: + maxLength: 32766 + minLength: 1 + type: string + example: Summary of PizzaShackAPI Documentation + sourceType: + type: string + example: INLINE + enum: + - INLINE + - MARKDOWN + - URL + - FILE + sourceUrl: + type: string + readOnly: true + example: "" + fileName: + type: string + readOnly: true + example: "" + inlineContent: + type: string + example: This is doc content. This can have many lines. + otherTypeName: + type: string + readOnly: true + example: "" + visibility: + type: string + example: API_LEVEL + enum: + - OWNER_ONLY + - PRIVATE + - API_LEVEL + createdTime: + type: string + readOnly: true + createdBy: + type: string + example: admin + lastUpdatedTime: + type: string + readOnly: true + lastUpdatedBy: + type: string + readOnly: true + example: admin + GraphQLSchema: + title: GraphQL Schema + required: + - name + type: object + properties: + name: + type: string + example: admin--HackerNewsAPI.graphql + schemaDefinition: + type: string + GraphQLQueryComplexityInfo: + title: GraphQL Query Complexity Info + type: object + properties: + list: + type: array + items: + $ref: '#/components/schemas/GraphQLCustomComplexityInfo' + GraphQLCustomComplexityInfo: + title: GraphQL Custom Complexity Info + required: + - complexityValue + - field + - type + type: object + properties: + type: + type: string + description: | + The type found within the schema of the API + example: Country + field: + type: string + description: | + The field which is found under the type within the schema of the API + example: name + complexityValue: + type: integer + description: | + The complexity value allocated for the associated field under the specified type + example: 1 + GraphQLSchemaTypeList: + title: List of types and corresponding fields of the GraphQL Schema + type: object + properties: + typeList: + type: array + items: + $ref: '#/components/schemas/GraphQLSchemaType' + GraphQLSchemaType: + title: Single type and corresponding fields found within the GraphQL Schema + type: object + properties: + type: + type: string + description: | + Type found within the GraphQL Schema + example: Country + fieldList: + type: array + description: | + Array of fields under current type + example: + - code + - name + items: + type: string + ThrottlingPolicyList: + title: Throttling policy list + type: object + properties: + count: + type: integer + description: | + Number of Tiers returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ThrottlingPolicy' + pagination: + $ref: '#/components/schemas/Pagination' + ThrottlingPolicy: + title: Tier + required: + - name + - requestCount + - stopOnQuotaReach + - tierPlan + - unitTime + type: object + properties: + name: + type: string + example: Platinum + description: + type: string + example: Allows 50 request(s) per minute. + policyLevel: + type: string + example: api + enum: + - subscription + - api + displayName: + type: string + example: Platinum + attributes: + type: object + additionalProperties: + type: string + description: | + Custom attributes added to the policy policy + example: {} + requestCount: + type: integer + description: | + Maximum number of requests which can be sent within a provided unit time + format: int64 + example: 50 + dataUnit: + description: | + Unit of data allowed to be transfered. Allowed values are "KB", "MB" and "GB" + type: string + example: KB + unitTime: + type: integer + format: int64 + example: 60000 + timeUnit: + type: string + example: min + rateLimitCount: + type: integer + default: 0 + description: Burst control request count + example: 10 + rateLimitTimeUnit: + type: string + description: Burst control time unit + example: min + quotaPolicyType: + type: string + description: Default quota limit type + enum: + - REQUESTCOUNT + - BANDWIDTHVOLUME + example: REQUESTCOUNT + tierPlan: + type: string + description: | + This attribute declares whether this policy is available under commercial or free + example: FREE + enum: + - FREE + - COMMERCIAL + stopOnQuotaReach: + type: boolean + description: | + By making this attribute to false, you are capabale of sending requests + even if the request count exceeded within a unit time + example: true + monetizationProperties: + type: object + additionalProperties: + type: string + description: Properties of a tier plan which are related to monetization + example: {} + SubscriptionPolicyList: + title: Subscription policy list + type: object + properties: + count: + type: integer + description: | + Number of Tiers returned. + example: 1 + list: + type: array + description: | + Array of SubscriptionPolicies + items: + $ref: '#/components/schemas/SubscriptionPolicy' + pagination: + $ref: '#/components/schemas/Pagination' + SubscriptionList: + title: Subscription List + type: object + properties: + count: + type: integer + description: | + Number of Subscriptions returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Subscription' + pagination: + $ref: '#/components/schemas/Pagination' + Subscription: + title: Subscription + required: + - applicationInfo + - subscriptionId + - subscriptionStatus + - throttlingPolicy + type: object + properties: + subscriptionId: + type: string + example: 01234567-0123-0123-0123-012345678901 + applicationInfo: + $ref: '#/components/schemas/ApplicationInfo' + throttlingPolicy: + type: string + example: Unlimited + subscriptionStatus: + type: string + example: BLOCKED + enum: + - BLOCKED + - PROD_ONLY_BLOCKED + - UNBLOCKED + - ON_HOLD + - REJECTED + - TIER_UPDATE_PENDING + - DELETE_PENDING + ThrottlePolicy: + title: Generic Throttling Policy + required: + - policyName + type: object + properties: + policyId: + type: string + description: Id of policy + readOnly: true + example: 0c6439fd-9b16-3c2e-be6e-1086e0b9aa93 + policyName: + maxLength: 60 + minLength: 1 + type: string + description: Name of policy + example: 30PerMin + displayName: + type: string + description: Display name of the policy + example: 30PerMin + maxLength: 512 + description: + maxLength: 1024 + type: string + description: Description of the policy + example: Allows 30 request per minute + isDeployed: + type: boolean + description: Indicates whether the policy is deployed successfully or not. + default: false + type: + type: string + description: Indicates the type of throttle policy + discriminator: + propertyName: type + GraphQLQuery: + title: GraphQL Query + type: object + properties: + graphQLMaxComplexity: + type: integer + description: Maximum Complexity of the GraphQL query + example: 400 + graphQLMaxDepth: + type: integer + description: Maximum Depth of the GraphQL query + example: 10 + ThrottleLimitBase: + title: Throttle Limit Base + required: + - timeUnit + - unitTime + type: object + properties: + timeUnit: + type: string + description: Unit of the time. Allowed values are "sec", "min", "hour", + "day" + example: min + unitTime: + type: integer + description: Time limit that the throttling limit applies. + example: 10 + ThrottleLimit: + title: Throttle Limit + required: + - type + type: object + properties: + type: + type: string + description: | + Type of the throttling limit. Allowed values are "REQUESTCOUNTLIMIT" and "BANDWIDTHLIMIT". + Please see schemas of "RequestCountLimit" and "BandwidthLimit" throttling limit types in + Definitions section. + example: REQUESTCOUNTLIMIT + enum: + - REQUESTCOUNTLIMIT + - BANDWIDTHLIMIT + - EVENTCOUNTLIMIT + requestCount: + $ref: '#/components/schemas/RequestCountLimit' + bandwidth: + $ref: '#/components/schemas/BandwidthLimit' + eventCount: + $ref: '#/components/schemas/EventCountLimit' + MonetizationInfo: + title: API monetization details object + required: + - monetizationPlan + - properties + type: object + properties: + monetizationPlan: + type: string + description: Flag to indicate the monetization plan + example: FixedRate + enum: + - FIXEDRATE + - DYNAMICRATE + properties: + type: object + additionalProperties: + type: string + description: Map of custom properties related to each monetization plan + BandwidthLimit: + title: Bandwidth Limit object + allOf: + - $ref: '#/components/schemas/ThrottleLimitBase' + - required: + - dataAmount + - dataUnit + type: object + properties: + dataAmount: + type: integer + description: Amount of data allowed to be transfered + format: int64 + example: 1000 + dataUnit: + type: string + description: Unit of data allowed to be transfered. Allowed values are + "KB", "MB" and "GB" + example: KB + RequestCountLimit: + title: Request Count Limit object + allOf: + - $ref: '#/components/schemas/ThrottleLimitBase' + - required: + - requestCount + type: object + properties: + requestCount: + type: integer + description: Maximum number of requests allowed + format: int64 + example: 30 + EventCountLimit: + title: Event Count Limit object + allOf: + - $ref: '#/components/schemas/ThrottleLimitBase' + - required: + - eventCount + type: object + properties: + eventCount: + type: integer + description: Maximum number of events allowed + format: int64 + example: 3000 + SubscriptionPolicy: + title: Subscription Throttling Policy + allOf: + - required: + - defaultLimit + type: object + properties: + policyId: + type: integer + description: Id of policy + example: 1 + uuid: + type: string + description: policy uuid + example: 0c6439fd-9b16-3c2e-be6e-1086e0b9aa93 + policyName: + maxLength: 60 + minLength: 1 + type: string + description: Name of policy + example: 30PerMin + displayName: + type: string + description: Display name of the policy + example: 30PerMin + maxLength: 512 + description: + maxLength: 1024 + type: string + description: Description of the policy + example: Allows 30 request per minute + isDeployed: + type: boolean + description: Indicates whether the policy is deployed successfully or not. + default: false + tenantId: + type: integer + description: Throttling policy tenant domain id + example: -1234 + tenantDomain: + type: string + description: Throttling policy tenant domain + example: carbon.super + defaultLimit: + $ref: '#/components/schemas/ThrottleLimit' + rateLimitCount: + type: integer + description: Burst control request count + example: 10 + rateLimitTimeUnit: + type: string + description: Burst control time unit + example: min + subscriberCount: + type: integer + description: Number of subscriptions allowed + example: 10 + customAttributes: + type: array + description: | + Custom attributes added to the Subscription Throttling Policy + example: [ ] + items: + $ref: '#/components/schemas/CustomAttribute' + stopOnQuotaReach: + type: boolean + description: | + This indicates the action to be taken when a user goes beyond the allocated quota. If checked, the user's requests will be dropped. If unchecked, the requests will be allowed to pass through. + default: false + billingPlan: + type: string + description: | + define whether this is Paid or a Free plan. Allowed values are FREE or COMMERCIAL. + example: FREE + permissions: + $ref: '#/components/schemas/SubscriptionThrottlePolicyPermission' + CustomAttribute: + title: Name-Value pair + required: + - name + - value + type: object + properties: + name: + type: string + description: Name of the custom attribute + example: customAttr1 + value: + type: string + description: Value of the custom attribute + example: value1 + SubscriptionThrottlePolicyPermission: + title: SubscriptionThrottlePolicyPermission + required: + - permissionType + - roles + type: object + properties: + permissionType: + type: string + example: deny + enum: + - ALLOW + - DENY + roles: + type: array + example: + - Internal/everyone + items: + type: string + APIMonetizationUsage: + title: API monetization usage object + type: object + properties: + properties: + type: object + additionalProperties: + type: string + description: Map of custom properties related to monetization usage + APIRevenue: + title: API revenue data object + type: object + properties: + properties: + type: object + additionalProperties: + type: string + description: Map of custom properties related to API revenue + MediationPolicy: + title: Mediation Policy + required: + - name + type: object + properties: + id: + type: string + example: 69ea3fa6-55c6-472e-896d-e449dd34a824 + name: + type: string + example: log_in_message + type: + type: string + example: in + shared: + type: boolean + example: true + Error: + title: Error object returned with 4XX HTTP Status + required: + - code + - message + type: object + properties: + code: + type: integer + format: int64 + message: + type: string + description: Error message. + description: + type: string + description: | + A detail description about the error message. + moreInfo: + type: string + description: | + Preferably an url with more details about the error. + error: + type: array + description: | + If there are more than one error list them out. + For example, list out validation errors by each field. + items: + $ref: '#/components/schemas/ErrorListItem' + ErrorListItem: + title: Description of individual errors that may have occurred during a request. + required: + - code + - message + type: object + properties: + code: + type: string + message: + type: string + description: | + Description about individual errors occurred + description: + type: string + description: | + A detail description about the error message. + Environment: + title: Environment + required: + - id + - name + - serverUrl + - showInApiConsole + - type + type: object + properties: + id: + type: string + name: + type: string + example: default + displayName: + type: string + example: Default + type: + type: string + example: hybrid + serverUrl: + type: string + example: https://localhost:9443/services/ + provider: + type: string + example: wso2 + showInApiConsole: + type: boolean + example: true + vhosts: + type: array + items: + $ref: '#/components/schemas/VHost' + endpointURIs: + type: array + items: + $ref: '#/components/schemas/GatewayEnvironmentProtocolURI' + additionalProperties: + type: array + items: + $ref: '#/components/schemas/AdditionalProperty' + EnvironmentList: + title: Environment List + type: object + properties: + count: + type: integer + description: | + Number of Environments returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Environment' + AdditionalProperty: + title: Additional Gateway Properties + type: object + properties: + key: + type: string + example: Organization + value: + type: string + example: wso2 + VHost: + title: Virtual Host + type: object + properties: + host: + type: string + example: mg.wso2.com + httpContext: + type: string + example: pets + httpPort: + type: integer + example: 80 + httpsPort: + type: integer + example: 443 + wsPort: + type: integer + example: 9099 + wsHost: + type: string + example: mg.wso2.com + wssPort: + type: integer + example: 8099 + wssHost: + type: string + example: mg.wso2.com + websubHttpPort: + type: integer + example: 9021 + websubHttpsPort: + type: integer + example: 8021 + FileInfo: + title: File Information including meta data + type: object + properties: + relativePath: + type: string + description: relative location of the file (excluding the base context and + host of the Publisher API) + example: apis/01234567-0123-0123-0123-012345678901/thumbnail + mediaType: + type: string + description: media-type of the file + example: image/jpeg + APIMaxTps: + type: object + properties: + production: + type: integer + format: int64 + example: 1000 + sandbox: + type: integer + format: int64 + example: 1000 + APIBusinessInformation: + type: object + properties: + businessOwner: + maxLength: 120 + type: string + example: businessowner + businessOwnerEmail: + type: string + example: businessowner@wso2.com + technicalOwner: + maxLength: 120 + type: string + example: technicalowner + technicalOwnerEmail: + type: string + example: technicalowner@wso2.com + + WebsubSubscriptionConfiguration: + type: object + properties: + enable: + type: boolean + default: false + description: Toggle enable WebSub subscription configuration + secret: + type: string + description: Secret key to be used for subscription + signingAlgorithm: + type: string + description: The algorithm used for signing + signatureHeader: + type: string + description: The header uses to send the signature + + APICorsConfiguration: + type: object + properties: + corsConfigurationEnabled: + type: boolean + default: false + accessControlAllowOrigins: + type: array + items: + type: string + accessControlAllowCredentials: + type: boolean + default: false + accessControlAllowHeaders: + type: array + items: + type: string + accessControlAllowMethods: + type: array + items: + type: string + description: | + CORS configuration for the API + Endpoint: + title: Endpoints + type: object + properties: + id: + type: string + description: | + UUID of the Endpoint entry + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + description: | + name of the Endpoint entry + example: Endpoint 1 + endpointConfig: + type: object + properties: + endpointType: + type: string + example: FAIL_OVER + enum: + - SINGLE + - LOAD_BALANCED + - FAIL_OVER + list: + type: array + items: + $ref: '#/components/schemas/EndpointConfig' + endpointSecurity: + type: object + properties: + enabled: + type: boolean + example: false + type: + type: string + example: basic + username: + type: string + example: basic + password: + type: string + example: basic + maxTps: + type: integer + description: Endpoint max tps + format: int64 + example: 1000 + type: + type: string + example: http + EndpointConfig: + title: Endpoint Configuration + type: object + properties: + url: + type: string + description: | + Service url of the endpoint + example: http://localhost:8280 + timeout: + type: string + description: | + Time out of the endpoint + example: "1000" + attributes: + type: array + items: + type: object + properties: + name: + type: string + example: Suspension time + value: + type: string + example: 2s + EndpointList: + title: Endpoint List + type: object + properties: + count: + type: integer + description: | + Number of Endpoints returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Endpoint' + Scope: + title: Scope + required: + - name + type: object + properties: + id: + type: string + description: | + UUID of the Scope. Valid only for shared scopes. + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + maxLength: 255 + minLength: 1 + type: string + description: | + name of Scope + example: apim:api_view + displayName: + maxLength: 255 + type: string + description: | + display name of Scope + example: api_view + description: + maxLength: 512 + type: string + description: | + description of Scope + example: This Scope can used to view Apis + bindings: + type: array + description: | + role bindings list of the Scope + example: + - admin + - Internal/creator + - Internal/publisher + items: + type: string + usageCount: + type: integer + description: | + usage count of Scope + readOnly: true + example: 3 + SharedScopeUsage: + title: SharedScopeUsage + required: + - id + - name + type: object + properties: + id: + type: string + description: | + UUID of the Scope. Valid only for shared scopes. + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + description: | + name of Scope + example: apim:api_view + usedApiList: + type: array + description: | + API list which have used the shared scope + items: + $ref: '#/components/schemas/SharedScopeUsedAPIInfo' + SharedScopeUsedAPIInfo: + title: API object using shared scope + required: + - context + - name + - version + type: object + properties: + name: + type: string + example: CalculatorAPI + context: + type: string + example: CalculatorAPI + version: + type: string + example: 1.0.0 + provider: + type: string + description: | + If the provider value is not given user invoking the api will be used as the provider. + example: admin + usedResourceList: + type: array + description: | + Resource list which have used the shared scope within this API + items: + $ref: '#/components/schemas/SharedScopeUsedAPIResourceInfo' + SharedScopeUsedAPIResourceInfo: + title: API resource object using shared scope + type: object + properties: + target: + type: string + example: /add + verb: + type: string + example: POST + APIScope: + title: APIScope + required: + - scope + type: object + properties: + scope: + $ref: '#/components/schemas/Scope' + shared: + type: boolean + description: | + States whether scope is shared. This will not be honored when updating/adding scopes to APIs or when + adding/updating Shared Scopes. + example: true + APIOperations: + title: Operation + type: object + properties: + id: + type: string + example: postapiresource + target: + type: string + example: /order/{orderId} + verb: + type: string + example: POST + authType: + type: string + example: Application & Application User + default: Any + throttlingPolicy: + type: string + example: Unlimited + scopes: + type: array + example: [] + items: + type: string + usedProductIds: + type: array + example: [] + items: + type: string + amznResourceName: + type: string + example: "" + amznResourceTimeout: + type: integer + payloadSchema: + type: string + example: "" + uriMapping: + type: string + example: "" + operationPolicies: + $ref: '#/components/schemas/APIOperationPolicies' + ScopeList: + title: Scope List + type: object + properties: + count: + type: integer + description: | + Number of Scopes returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Scope' + pagination: + $ref: '#/components/schemas/Pagination' + ExternalStore: + title: External Store + type: object + properties: + id: + type: string + description: | + The external store identifier, which is a unique value. + example: Store123# + displayName: + type: string + description: | + The name of the external API Store that is displayed in the Publisher UI. + example: UKStore + type: + type: string + description: | + The type of the Store. This can be a WSO2-specific API Store or an external one. + example: wso2 + endpoint: + type: string + description: | + The endpoint URL of the external store + example: http://localhost:9764/store + APIExternalStore: + title: API External Store + type: object + properties: + id: + type: string + description: | + The external store identifier, which is a unique value. + example: Store123# + lastUpdatedTime: + type: string + description: | + The recent timestamp which a given API is updated in the external store. + example: 2019-09-09T13:57:16.229 + APIExternalStoreList: + title: API External Store List + type: object + properties: + count: + type: integer + description: | + Number of external stores returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APIExternalStore' + ExternalStoreList: + title: External Store List + type: object + properties: + count: + type: integer + description: | + Number of external stores returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ExternalStore' + Certificates: + title: Certificates + type: object + properties: + count: + type: integer + example: 1 + certificates: + type: array + items: + $ref: '#/components/schemas/CertMetadata' + pagination: + $ref: '#/components/schemas/Pagination' + description: Representation of a list of certificates + CertMetadata: + title: Certificate + type: object + properties: + alias: + type: string + example: wso2carbon + endpoint: + type: string + example: www.abc.com + description: Representation of the details of a certificate + CertificateInfo: + title: Certificate information + type: object + properties: + status: + type: string + example: Active + validity: + $ref: '#/components/schemas/CertificateValidity' + version: + type: string + example: V3 + subject: + type: string + example: CN=wso2.com, OU=wso2, O=wso2, L=Colombo, ST=Western, C=LK + CertificateValidity: + title: Certificate Valid period + type: object + properties: + from: + type: string + example: 12-12-2017 + to: + type: string + example: 01-01-2019 + ClientCertificates: + title: Client Certificates + type: object + properties: + count: + type: integer + example: 1 + certificates: + type: array + items: + $ref: '#/components/schemas/ClientCertMetadata' + pagination: + $ref: '#/components/schemas/Pagination' + description: Representation of a list of client certificates + ClientCertMetadata: + title: Client certificate meta data + type: object + properties: + alias: + type: string + example: wso2carbon + apiId: + type: string + example: 64eca60b-2e55-4c38-8603-e9e6bad7d809 + tier: + type: string + example: Gold + description: Meta data of certificate + LifecycleState: + title: Lifecycle State + type: object + properties: + state: + type: string + example: Created + checkItems: + type: array + items: + type: object + properties: + name: + type: string + example: Deprecate old versions after publishing the API + value: + type: boolean + example: false + requiredStates: + type: array + example: [] + items: + type: string + availableTransitions: + type: array + items: + type: object + properties: + event: + type: string + example: Publish + targetState: + type: string + example: Published + LifecycleHistory: + title: Lifecycle history item list + type: object + properties: + count: + type: integer + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/LifecycleHistoryItem' + LifecycleHistoryItem: + title: Lifecycle history item + type: object + properties: + previousState: + type: string + example: Created + postState: + type: string + example: Published + user: + type: string + example: admin + updatedTime: + type: string + format: dateTime + example: 2019-02-31T23:59:60Z + WorkflowResponse: + title: workflow Response + required: + - workflowStatus + type: object + properties: + workflowStatus: + type: string + description: | + This attribute declares whether this workflow task is approved or rejected. + example: APPROVED + enum: + - CREATED + - APPROVED + - REJECTED + - REGISTERED + jsonPayload: + type: string + description: | + Attributes that returned after the workflow execution + example: null + lifecycleState: + $ref: '#/components/schemas/LifecycleState' + OpenAPIDefinitionValidationResponse: + title: OpenAPI Definition Validation Response + required: + - isValid + type: object + properties: + isValid: + type: boolean + description: | + This attribute declares whether this definition is valid or not. + example: true + content: + type: string + description: | + OpenAPI definition content. + info: + type: object + properties: + name: + type: string + example: PetStore + version: + type: string + example: 1.0.0 + context: + type: string + example: /petstore + description: + type: string + example: A sample API that uses a petstore as an example to demonstrate + swagger-2.0 specification + openAPIVersion: + type: string + example: 3.0.0 + endpoints: + type: array + description: | + contains host/servers specified in the OpenAPI file/URL + items: + type: string + example: https://localhost:9443/am/sample/pizzashack/v1/api/ + description: | + API definition information + errors: + type: array + description: | + If there are more than one error list them out. + For example, list out validation errors by each field. + items: + $ref: '#/components/schemas/ErrorListItem' + WSDLValidationResponse: + title: WSDL Definition Validation Response + required: + - isValid + type: object + properties: + isValid: + type: boolean + description: | + This attribute declares whether this definition is valid or not. + example: true + errors: + type: array + description: | + If there are more than one error list them out. + For example, list out validation errors by each field. + items: + $ref: '#/components/schemas/ErrorListItem' + wsdlInfo: + type: object + properties: + version: + type: string + description: | + WSDL version + example: "1.1" + endpoints: + type: array + description: | + A list of endpoints the service exposes + items: + type: object + properties: + name: + type: string + description: Name of the endpoint + example: StockQuoteSoap + location: + type: string + description: Endpoint URL + example: http://www.webservicex.net/stockquote.asmx + description: Summary of the WSDL including the basic information + GraphQLValidationResponse: + title: GraphQL API definition validation Response + required: + - errorMessage + - isValid + type: object + properties: + isValid: + type: boolean + description: | + This attribute declares whether this definition is valid or not. + example: true + errorMessage: + type: string + description: | + This attribute declares the validation error message + graphQLInfo: + type: object + properties: + operations: + type: array + items: + $ref: '#/components/schemas/APIOperations' + graphQLSchema: + $ref: '#/components/schemas/GraphQLSchema' + description: Summary of the GraphQL including the basic information + ApiEndpointValidationResponse: + title: API Endpoint url validation response + required: + - statusCode + - statusMessage + type: object + properties: + statusCode: + type: integer + description: HTTP status code + example: 200 + statusMessage: + type: string + description: string + example: OK + error: + type: string + description: | + If an error occurs, the error message will be set to this property. + If not, this will remain null. + example: null + ThreatProtectionPolicyList: + title: Threat Protection Policy List + type: object + properties: + list: + type: array + items: + $ref: '#/components/schemas/ThreatProtectionPolicy' + ThreatProtectionPolicy: + title: Threat Protection Policy Schema + required: + - name + - policy + - type + type: object + properties: + uuid: + type: string + description: Policy ID + name: + type: string + description: Name of the policy + type: + type: string + description: Type of the policy + policy: + type: string + description: policy as a json string + SearchResultList: + title: Unified Search Result List + type: object + properties: + count: + type: integer + description: | + Number of results returned. + example: 1 + list: + type: array + items: + type: object + pagination: + $ref: '#/components/schemas/Pagination' + SearchResult: + title: Search Result + required: + - name + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: TestAPI + type: + type: string + example: API + enum: + - DOC + - API + - APIProduct + transportType: + type: string + description: Accepted values are HTTP, WS, SOAPTOREST, GRAPHQL + discriminator: + propertyName: name + APISearchResult: + title: API Result + allOf: + - $ref: '#/components/schemas/SearchResult' + - type: object + properties: + description: + type: string + description: A brief description about the API + example: A calculator API that supports basic operations + context: + type: string + description: A string that represents the context of the user's request + example: CalculatorAPI + contextTemplate: + type: string + description: The templated context of the API + example: CalculatorAPI/{version} + version: + type: string + description: The version of the API + example: 1.0.0 + provider: + type: string + description: | + If the provider value is not given, the user invoking the API will be used as the provider. + example: admin + status: + type: string + description: This describes in which status of the lifecycle the API is + example: CREATED + thumbnailUri: + type: string + example: /apis/01234567-0123-0123-0123-012345678901/thumbnail + advertiseOnly: + type: boolean + example: true + hasThumbnail: + type: boolean + example: true + APIProductSearchResult: + title: API Result + allOf: + - $ref: '#/components/schemas/SearchResult' + - type: object + properties: + description: + type: string + description: A brief description about the API + example: A calculator API that supports basic operations + context: + type: string + description: A string that represents the context of the user's request + example: CalculatorAPI + version: + type: string + description: The version of the API Product + example: 1.0.0 + provider: + type: string + description: | + If the provider value is not given, the user invoking the API will be used as the provider. + example: admin + status: + type: string + description: This describes in which status of the lifecycle the APIPRODUCT + is + example: PUBLISHED + thumbnailUri: + type: string + example: /apis/01234567-0123-0123-0123-012345678901/thumbnail + hasThumbnail: + type: boolean + example: true + APIMonetizationInfo: + title: API monetization object + required: + - enabled + type: object + properties: + enabled: + type: boolean + description: Flag to indicate the monetization status + example: true + properties: + type: object + additionalProperties: + type: string + description: Map of custom properties related to monetization + DocumentSearchResult: + title: Document Result + allOf: + - $ref: '#/components/schemas/SearchResult' + - type: object + properties: + docType: + type: string + example: HOWTO + enum: + - HOWTO + - SAMPLES + - PUBLIC_FORUM + - SUPPORT_FORUM + - API_MESSAGE_FORMAT + - SWAGGER_DOC + - OTHER + summary: + type: string + example: Summary of Calculator Documentation + sourceType: + type: string + example: INLINE + enum: + - INLINE + - URL + - FILE + - MARKDOWN + sourceUrl: + type: string + example: "" + otherTypeName: + type: string + example: "" + visibility: + type: string + example: API_LEVEL + enum: + - OWNER_ONLY + - PRIVATE + - API_LEVEL + apiName: + type: string + description: The name of the associated API + example: TestAPI + apiVersion: + type: string + description: The version of the associated API + example: 1.0.0 + apiProvider: + type: string + example: admin + apiUUID: + type: string + associatedType: + type: string + MockResponsePayloadList: + title: Mock Response Payload list + type: object + properties: + list: + type: array + items: + $ref: '#/components/schemas/MockResponsePayloadInfo' + MockResponsePayloadInfo: + title: Mock Response Payload info object + type: object + properties: + path: + type: string + description: path of the resource + example: /menu + content: + type: string + description: new modified code + example: "var accept = \"\\\"\"+mc.getProperty('AcceptHeader')+\"\\\"\"\ + ;\nvar responseCode = mc.getProperty('query.param.responseCode');\nvar\ + \ responseCodeStr = \"\\\"\"+responseCode+\"\\\"\";\nvar responses = [];\n\ + \nif (!responses[200]) {\n responses [200] = [];\n}\nresponses[200][\"\ + application/json\"] = \n[ {\n \"price\" : \"string\",\n \"description\"\ + \ : \"string\",\n \"name\" : \"string\",\n \"image\" : \"string\"\n\ + } ]\n\n/*if (!responses[304]) {\n responses[304] = [];\n}\nresponses[304][\"\ + application/(json or xml)\"] = {}/<>*/\n\nif (!responses[406]) {\n responses\ + \ [406] = [];\n}\nresponses[406][\"application/json\"] = \n{\n \"message\"\ + \ : \"string\",\n \"error\" : [ {\n \"message\" : \"string\",\n \ + \ \"code\" : 0\n } ],\n \"description\" : \"string\",\n \"code\" :\ + \ 0,\n \"moreInfo\" : \"string\"\n}\n\nresponses[501] = [];\nresponses[501][\"\ + application/json\"] = {\n\"code\" : 501,\n\"description\" : \"Not Implemented\"\ + }\nresponses[501][\"application/xml\"] = 501Not\ + \ Implemented;\n\nif (!responses[responseCode])\ + \ {\n responseCode = 501;\n}\n\nif (responseCode == null) {\n responseCode\ + \ = 200;\n responseCodeStr = \"200\";\n}\n\nif (accept == null || !responses[responseCode][accept])\ + \ {\n accept = \"application/json\";\n}\n\nif (accept === \"application/json\"\ + ) {\n mc.setProperty('CONTENT_TYPE', 'application/json');\n mc.setProperty('HTTP_SC',\ + \ responseCodeStr);\n mc.setPayloadJSON(responses[responseCode][\"application/json\"\ + ]);\n} else if (accept === \"application/xml\") {\n mc.setProperty('CONTENT_TYPE',\ + \ 'application/xml');\n mc.setProperty('HTTP_SC', responseCodeStr);\n\ + \ mc.setPayloadXML(responses[responseCode][\"application/xml\"]);\n}" + verb: + type: string + example: POST + ResourcePolicyList: + title: Resource policy List + type: object + properties: + list: + type: array + items: + $ref: '#/components/schemas/ResourcePolicyInfo' + count: + type: integer + description: | + Number of policy resources returned. + example: 1 + ResourcePolicyInfo: + title: Resource policy Info object with conversion policy resource details. + type: object + properties: + id: + type: string + description: | + UUID of the resource policy registry artifact + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + httpVerb: + type: string + description: HTTP verb used for the resource path + example: get + resourcePath: + type: string + description: A string that represents the resource path of the api for the + related resource policy + example: checkPhoneNumber + content: + type: string + description: The resource policy content + example:
+ Settings: + title: SettingsDTO + type: object + properties: + devportalUrl: + type: string + description: The Developer Portal URL + example: https://localhost:9443/devportal + environment: + type: array + items: + $ref: '#/components/schemas/Environment' + scopes: + type: array + example: + - apim:api_create + - apim:api_manage + - apim:api_publish + items: + type: string + monetizationAttributes: + type: array + example: [] + items: + $ref: '#/components/schemas/MonetizationAttribute' + securityAuditProperties: + type: object + properties: {} + externalStoresEnabled: + type: boolean + description: | + Is External Stores configuration enabled + example: true + docVisibilityEnabled: + type: boolean + description: | + Is Document Visibility configuration enabled + example: false + crossTenantSubscriptionEnabled: + type: boolean + description: | + Is Cross Tenant Subscriptions Enabled + example: false + default: false + defaultAdvancePolicy: + type: string + description: Default Advance Policy. + defaultSubscriptionPolicy: + type: string + description: Default Subscription Policy. + authorizationHeader: + type: string + description: Authorization Header + example: authorization + customProperties: + type: array + items: + type: object + properties: + name: + type: string + description: | + Custom property name + example: Department + description: + type: string + description: Description of custom property + example: Relevant Department + required: + type: boolean + example: false + isAPIPoliciesEnabled: + type: boolean + description: Is API level policy support feature enabled + example: false + SecurityAuditAttribute: + title: SecurityAuditAttributeDTO + type: object + properties: + isGlobal: + type: boolean + example: false + overrideGlobal: + type: boolean + example: false + apiToken: + type: string + example: b1267ytf-b7gc-4aee-924d-ece81241efec + collectionId: + type: string + example: 456ef957-5a79-449f-83y3-9027945d3c60 + baseUrl: + type: string + WSDLInfo: + title: WSDL information of the API. This is only available if the API is a SOAP + API. + type: object + properties: + type: + type: string + description: Indicates whether the WSDL is a single WSDL or an archive in + ZIP format + enum: + - WSDL + - ZIP + Pagination: + title: Pagination + type: object + properties: + offset: + type: integer + example: 0 + limit: + type: integer + example: 1 + total: + type: integer + example: 10 + next: + type: string + description: | + Link to the next subset of resources qualified. + Empty if no more resources are to be returned. + previous: + type: string + description: | + Link to the previous subset of resources qualified. + Empty if current subset is the first subset returned. + MonetizationAttribute: + title: Monetization attribute object + type: object + properties: + required: + type: boolean + description: | + Is attribute required + example: true + name: + type: string + description: | + Name of the attribute + displayName: + type: string + description: | + Display name of the attribute + description: + type: string + description: | + Description of the attribute + hidden: + type: boolean + description: | + Is attribute hidden + default: + type: string + description: | + Default value of the attribute + Tenant: + title: Tenant + type: object + properties: + domain: + type: string + description: tenant domain + example: wso2.com + status: + type: string + description: current status of the tenant active/inactive + example: active + TenantList: + title: Tenant list + type: object + properties: + count: + type: integer + description: | + Number of tenants returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Tenant' + pagination: + $ref: '#/components/schemas/Pagination' + AdvertiseInfo: + title: API Advertise info object with advertise details + type: object + properties: + advertised: + type: boolean + example: true + apiExternalProductionEndpoint: + type: string + example: https://localhost:9443/devportal + apiExternalSandboxEndpoint: + type: string + example: https://localhost:9443/devportal + originalDevPortalUrl: + type: string + example: https://localhost:9443/devportal + apiOwner: + type: string + example: admin + vendor: + type: string + default: WSO2 + enum: + - WSO2 + - AWS + APICategory: + title: API Category + required: + - name + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: Finance + description: + type: string + example: Finance related APIs + APICategoryList: + title: API Category List + type: object + properties: + count: + type: integer + description: | + Number of API categories returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APICategory' + KeyManagerInfo: + title: Key Manager Info + required: + - name + - type + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: WSO2 IS + displayName: + type: string + description: | + display name of Keymanager + example: Keymanager1 + type: + type: string + example: IS + description: + type: string + example: This is a key manager for Developers + enabled: + type: boolean + example: true + additionalProperties: + type: array + items: + type: object + properties: {} + KeyManagerList: + title: Key Manager List + type: object + properties: + count: + type: integer + description: | + Number of Key managers returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/KeyManagerInfo' + APIKey: + title: API Key details to invoke APIs + type: object + properties: + apikey: + type: string + description: API Key + example: eyJoZWxsbyI6IndvcmxkIn0=.eyJ3c28yIjoiYXBpbSJ9.eyJ3c28yIjoic2lnbmF0dXJlIn0= + validityTime: + type: integer + format: int32 + example: 3600 + EnvironmentProperties: + title: Envionment specific API properties request body + type: object + additionalProperties: + type: string + example: + productionEndpoint: https://localhost:9443/pizzashack/v1/api/ + sandboxEndpoint: https://localhost:9443/pizzashack/v1/api/ + AsyncAPISpecificationValidationResponse: + title: AsyncAPI Specification Validation Response + required: + - isValid + type: object + properties: + isValid: + type: boolean + description: + This attribute declares whether this definition is valid or not. + example: true + content: + type: string + description: + AsyncAPI specification content + info: + type: object + properties: + name: + type: string + example: Streetlights + version: + type: string + example: 1.0.0 + context: + type: string + example: /streetlights + description: + type: string + example: A sample API that uses a streetlights as an example to demonstrate AsyncAPI specifications + asyncAPIVersion: + type: string + example: 2.0 + protocol: + type: string + example: WEBSUB + endpoints: + type: array + description: + contains host/servers specified in the AsyncAPI file/URL + items: + type: string + example: "https://localhost:9443/am/sample/pizzashack/v1/api/" + gatewayVendor: + type: string + example: wso2 + asyncTransportProtocols: + type: array + description: contains available transports for an async API + items: + type: string + example: http + description: + API definition information + errors: + type: array + description: + If there are more than one error list them out. + For example, list out validation error by each field. + items: + $ref: '#/components/schemas/ErrorListItem' + OperationPolicy: + title: API Operation Policy + type: object + required: + - policyName + properties: + policyName: + type: string + policyVersion: + type: string + default: v1 + policyId: + type: string + parameters: + type: object + additionalProperties: + type: object + APIOperationPolicies: + title: API Operation Level Policies + properties: + request: + type: array + items: + $ref: '#/components/schemas/OperationPolicy' + response: + type: array + items: + $ref: '#/components/schemas/OperationPolicy' + fault: + type: array + items: + $ref: '#/components/schemas/OperationPolicy' + GatewayEnvironmentProtocolURI: + title: Gateway Environment protocols and URIs + required: + - protocol + - endpointURI + type: object + properties: + protocol: + type: string + example: default + endpointURI: + type: string + example: default + OperationPolicyDataList: + title: Operation policy List + type: object + properties: + count: + type: integer + description: | + Number of operation policies returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/OperationPolicyData' + pagination: + $ref: '#/components/schemas/Pagination' + OperationPolicyData: + title: Operation Policy Data + type: object + properties: + category: + type: string + example: Mediation + id: + type: string + example: 121223q41-24141-124124124-12414 + name: + type: string + example: removeHeaderPolicy + displayName: + type: string + example: Remove Header Policy + version: + type: string + example: v1 + description: + type: string + example: With this policy, user can add a new header to the request + applicableFlows: + type: array + items: + type: string + example: in + supportedGateways: + type: array + items: + type: string + example: Synapse + supportedApiTypes: + type: array + items: + type: string + example: REST + isAPISpecific: + type: boolean + example: true + md5: + type: string + example: 121223q41-24141-124124124-12414 + policyAttributes: + type: array + items: + $ref: '#/components/schemas/OperationPolicySpecAttribute' + OperationPolicySpecAttribute: + title: OperationPolicySpecAttribute + type: object + properties: + name: + type: string + description: Name of the attibute + example: headerName + displayName: + type: string + description: Display name of the attibute + example: Header Name + description: + type: string + description: Description of the attibute + example: Name of the header to be removed + validationRegex: + type: string + description: UI validation regex for the attibute + example: /^[a-z\s]{0,255}$/i + type: + type: string + description: Type of the attibute + example: string + required: + type: boolean + description: Is this attibute mandetory for the policy + example: true + defaultValue: + type: string + description: Default value for the attribute + example: true + allowedValues: + type: array + description: If the attribute type is enum, this array should contain all the possible values for the enum. + items: + type: string + example: ["GET","POST","PUT"] + responses: + BadRequest: + description: Bad Request. Invalid request or validation error. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 400 + message: Bad Request + description: Invalid request or validation error + moreInfo: "" + error: [] + Conflict: + description: Conflict. Specified resource already exists. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 409 + message: Conflict + description: Specified resource already exists + moreInfo: "" + error: [] + Forbidden: + description: Forbidden. The request must be conditional but no condition has + been specified. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 403 + message: Forbidden + description: The request must be conditional but no condition has been + specified + moreInfo: "" + error: [] + InternalServerError: + description: Internal Server Error. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + NotAcceptable: + description: Not Acceptable. The requested media type is not supported. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 406 + message: Not Acceptable + description: The requested media type is not supported + moreInfo: "" + error: [] + NotFound: + description: Not Found. The specified resource does not exist. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + PreconditionFailed: + description: Precondition Failed. The request has not been performed because + one of the preconditions is not met. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 412 + message: Precondition Failed + description: The request has not been performed because one of the preconditions + is not met + moreInfo: "" + error: [] + Unauthorized: + description: Unauthorized. The user is not authorized. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 401 + message: Unauthorized + description: The user is not authorized + moreInfo: "" + error: [] + UnsupportedMediaType: + description: Unsupported Media Type. The entity of the request was not in a + supported format. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 415 + message: Unsupported media type + description: The entity of the request was not in a supported format + moreInfo: "" + error: [] + parameters: + replyLimit: + name: replyLimit + in: query + description: | + Maximum size of replies array to return. + schema: + type: integer + default: 25 + replyOffset: + name: replyOffset + in: query + description: | + Starting point within the complete list of replies. + schema: + type: integer + default: 0 + commentId: + name: commentId + in: path + description: | + Comment Id + required: true + schema: + type: string + parentCommentID: + name: replyTo + in: query + description: | + ID of the perent comment. + schema: + type: string + includeCommenterInfo: + name: includeCommenterInfo + in: query + description: | + Whether we need to display commentor details. + schema: + type: boolean + default : false + apiId: + name: apiId + in: path + description: | + **API ID** consisting of the **UUID** of the API. + required: true + schema: + type: string + endpointId: + name: endpointId + in: path + description: | + **Endpoint ID** consisting of the **UUID** of the Endpoint**. + required: true + schema: + type: string + apiId-Q: + name: apiId + in: query + description: | + **API ID** consisting of the **UUID** of the API. + The combination of the provider of the API, name of the API and the version is also accepted as a valid API I. + Should be formatted as **provider-name-version**. + required: true + schema: + type: string + apiId-Q-Opt: + name: apiId + in: query + description: | + **API ID** consisting of the **UUID** of the API. + The combination of the provider of the API, name of the API and the version is also accepted as a valid API I. + Should be formatted as **provider-name-version**. + schema: + type: string + labelType-Q: + name: labelType + in: query + description: | + **API ID** consisting of the **UUID** of the API. + The combination of the provider of the API, name of the API and the version is also accepted as a valid API I. + Should be formatted as **provider-name-version**. + schema: + type: string + name: + name: name + in: path + description: | + Name of the API + required: true + schema: + type: string + version: + name: version + in: path + description: | + Version of the API + required: true + schema: + type: string + apiName-Q: + name: name + in: query + description: | + Name of the API + schema: + type: string + apiVersion-Q: + name: version + in: query + description: | + Version of the API + schema: + type: string + apiProvider-Q: + name: providerName + in: query + description: | + Provider name of the API + schema: + type: string + documentId: + name: documentId + in: path + description: | + Document Identifier + required: true + schema: + type: string + applicationId: + name: applicationId + in: path + description: | + **Application Identifier** consisting of the UUID of the Application. + required: true + schema: + type: string + subscriptionId: + name: subscriptionId + in: path + description: | + Subscription Id + required: true + schema: + type: string + resourcePolicyId: + name: resourcePolicyId + in: path + description: | + registry resource Id + required: true + schema: + type: string + subscriptionId-Q: + name: subscriptionId + in: query + description: | + Subscription Id + required: true + schema: + type: string + operationPolicyId: + name: operationPolicyId + in: path + description: | + Operation policy Id + required: true + schema: + type: string + + # API Revision Identifier + # Specified as part of the path expression + revisionId: + name: revisionId + in: path + description: | + Revision ID of an API + required: true + schema: + type: string + + # API Revision Identifier + # Specified as part of the query string + revisionId-Q: + name: revisionId + in: query + description: | + Revision ID of an API + schema: + type: string + revisionNum-Q: + name: revisionNumber + in: query + description: | + Revision Number of an API + schema: + type: string + deploymentId: + name: deploymentId + in: path + description: | + Base64 URL encoded value of the name of an environment + required: true + schema: + type: string + policyName: + name: policyName + in: path + description: | + Tier name + required: true + schema: + type: string + policyName-Q: + name: policyName + in: query + description: | + Name of the policy + required: true + schema: + type: string + policyLevel: + name: policyLevel + in: path + description: | + List API or Application or Resource type policies. + required: true + schema: + type: string + enum: + - api + - subcription + policyLevel-Q: + name: policyLevel + in: query + description: | + List API or Application or Resource type policies. + required: true + schema: + type: string + enum: + - api + - subcription + limit: + name: limit + in: query + description: | + Maximum size of resource array to return. + schema: + type: integer + default: 25 + Accept: + name: Accept + in: header + description: | + Media types acceptable for the response. Default is application/json. + schema: + type: string + default: application/json + offset: + name: offset + in: query + description: | + Starting point within the complete list of items qualified. + schema: + type: integer + default: 0 + sortBy: + name: sortBy + in: query + description: | + Criteria for sorting. + schema: + type: string + default: createdTime + enum: + - apiName + - version + - createdTime + - status + sortOrder: + name: sortOrder + in: query + description: | + Order of sorting(ascending/descending). + schema: + type: string + default: desc + enum: + - asc + - desc + If-None-Match: + name: If-None-Match + in: header + description: | + Validator for conditional requests; based on the ETag of the formerly retrieved + variant of the resource. + schema: + type: string + If-Match: + name: If-Match + in: header + description: | + Validator for conditional requests; based on ETag. + schema: + type: string + scopeName: + name: scopeId + in: path + description: | + Scope name + required: true + schema: + type: string + scopeId: + name: scopeId + in: path + description: | + Scope Id consisting the UUID of the shared scope + required: true + schema: + type: string + threatProtectionPolicyId: + name: policyId + in: path + description: | + The UUID of a Policy + required: true + schema: + type: string + roleId: + name: roleId + in: path + description: | + The Base 64 URL encoded role name with domain. If the given role is in secondary user-store, role ID should be + derived as Base64URLEncode({user-store-name}/{role-name}). If the given role is in PRIMARY user-store, role ID + can be derived as Base64URLEncode(role-name) + required: true + schema: + type: string + requestedTenant: + name: X-WSO2-Tenant + in: header + description: | + For cross-tenant invocations, this is used to specify the tenant domain, where the resource need to be + retirieved from. + schema: + type: string + apiProductId: + name: apiProductId + in: path + description: | + **API Product ID** consisting of the **UUID** of the API Product. Using the **UUID** in the API call is recommended. + required: true + schema: + type: string + x-encoded: true + x-encoded: true + tenantDomain: + name: tenantDomain + in: path + description: | + The domain of a specific tenant + required: true + schema: + type: string + alertType: + name: alertType + in: path + description: The alert type. + required: true + schema: + type: string + configurationId: + name: configurationId + in: path + description: The alert configuration id. + required: true + schema: + type: string + tierQuotaType: + name: tierQuotaType + description: Filter the subscription base on tier quota type + in: query + schema: + type: string + envId: + name: envId + in: path + description: | + **Env ID** consisting of the **UUID** of the gateway environment. + required: true + schema: + type: string + apiProductId-Q: + name: apiProductId + in: query + description: | + **API Product ID** consisting of the **UUID** of the API Product. + The combination of the provider, name and the version of the API Product is also accepted as a valid API Product ID. + Should be formatted as **provider-name-version**. + required: true + schema: + type: string + requestBodies: + threatProtectionPolicy: + description: | + Threat protection policy request parameter + content: + application/json: + schema: + $ref: '#/components/schemas/ThreatProtectionPolicy' + required: true + securitySchemes: + OAuth2Security: + type: oauth2 + flows: + password: + tokenUrl: https://localhost:9443/oauth2/token + scopes: + openid: Authorize access to user details + apim:api_view: View API + apim:api_create: Create API + apim:api_delete: Delete API + apim:api_publish: Publish API + apim:api_manage: Manage all API related operations + apim:subscription_view: View Subscription + apim:subscription_block: Block Subscription + apim:subscription_manage: Manage all Subscription related operations + apim:threat_protection_policy_create: Create threat protection policies + apim:threat_protection_policy_manage: Update and delete threat protection policies + apim:document_create: Create API documents #deprecate + apim:document_manage: Create, update and delete API documents + apim:api_mediation_policy_manage: View, create, update and remove API specific mediation policies + apim:mediation_policy_view: View mediation policies + apim:mediation_policy_create: Create mediation policies + apim:mediation_policy_manage: Update and delete mediation policies + apim:common_operation_policy_view: View common operation policies + apim:common_operation_policy_manage: Add, Update and Delete common operation policies + apim:client_certificates_view: View client certificates + apim:client_certificates_add: Add client certificates + apim:client_certificates_update: Update and delete client certificates + apim:client_certificates_manage: View, create, update and remove client certificates + apim:ep_certificates_view: View backend endpoint certificates + apim:ep_certificates_add: Add backend endpoint certificates + apim:ep_certificates_update: Update and delete backend endpoint certificates + apim:ep_certificates_manage: View, create, update and remove endpoint certificates + apim:publisher_settings: Retrieve store settings + apim:pub_alert_manage: Get/ subscribe/ configure publisher alerts + apim:shared_scope_manage: Manage shared scopes + apim:app_import_export: Import and export applications related operations + apim:api_import_export: Import and export APIs related operations + apim:api_product_import_export: Import and export API Products related operations + apim:api_generate_key: Generate Internal Key + apim:admin: Manage all admin operations + apim:comment_view: Read permission to comments + apim:comment_write: Write permission to comments + apim:comment_manage: Read and Write comments + apim:tier_view: View throttling policies + apim:tier_manage: View, update and delete throttling policies + apim:api_list_view: View, Retrieve API list + apim:api_definition_view: View, Retrieve API definition