# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ################################################################################ openapi: 3.0.1 info: title: WSO2 API Manager - Admin description: | This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { "callbackUrl":"www.example.com", "clientName":"rest_api_admin", "owner":"admin", "grantType":"client_credentials password refresh_token", "saasApp":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H "Authorization: Basic Base64(admin_username:admin_password)" -H "Content-Type: application/json" \ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" \ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { "clientId": "fOCi4vNJ59PpHucC2CAYfYuADdMa", "clientName": "rest_api_admin", "callBackURL": "www.example.com", "clientSecret": "a4FwHlq0iCIKVs2MPIIDnepZnYMa", "isSaasApplication": true, "appOwner": "admin", "jsonString": "{\"grant_types\":\"client_credentials password refresh_token\",\"redirect_uris\":\"www.example.com\",\"client_name\":\"rest_api_admin\"}", "jsonAppAttribute": "{}", "tokenType": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d "grant_type=password&username=&password=&scope=" \ -H "Authorization: Basic base64(cliet_id:client_secret)" \ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \ -H "Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h" \ -d "grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view" ``` Shown below is a sample response to the above request. ``` { "access_token": "e79bda48-3406-3178-acce-f6e4dbdcbb12", "refresh_token": "a757795d-e69f-38b8-bd85-9aded677a97c", "scope": "apim:admin apim:tier_view", "token_type": "Bearer", "expires_in": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with "Run in Postman" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) contact: name: WSO2 url: https://wso2.com/api-manager/ email: architecture@wso2.com license: name: Apache 2.0 url: http://www.apache.org/licenses/LICENSE-2.0.html version: v4 servers: - url: https://apis.wso2.com/api/am/admin/v4 paths: ###################################################### # The "Content Search Results" Throttling Policies ###################################################### /throttling/policies/search: get: tags: - Unified Search summary: | Retrieve/Search Throttling Policies description: | This operation provides you a list of available Throttling Policies qualifying the given keyword match. parameters: - name: query in: query description: | **Search**. You can search by providing a keyword. Allowed to search by type and name only. schema: type: string responses: 200: description: | OK. List of qualifying Throttling Policies is returned. headers: Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ThrottlePolicyDetailsList' security: - OAuth2Security: - apim:admin - apim:tier_view - apim:admin_tier_view - apim:policies_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/search?query=type:sub"' operationId: throttlingPolicySearch ###################################################### # The "Application Throttling Policy Collection" resource API ###################################################### /throttling/policies/application: get: tags: - Application Policy (Collection) summary: Get all Application Throttling Policies description: | Retrieves all existing application throttling policies. parameters: - $ref: '#/components/parameters/Accept' responses: 200: description: | OK. Policies returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ApplicationThrottlePolicyList' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:tier_view - apim:admin_tier_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/application"' post: tags: - Application Policy (Collection) summary: Add an Application Throttling Policy description: | This operation can be used to add a new application level throttling policy. parameters: - $ref: '#/components/parameters/Content-Type' requestBody: description: | Application level policy object that should to be added content: application/json: schema: $ref: '#/components/schemas/ApplicationThrottlePolicy' required: true responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: Location: description: | Location of the newly created Policy object. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ApplicationThrottlePolicy' example: policyId: e0fd4a15-969e-4056-94c8-8a7b56f8103f policyName: 20PerMin displayName: 20PerMin description: Allows 20 request per minute isDeployed: true type: ApplicationThrottlePolicy defaultLimit: type: REQUESTCOUNTLIMIT requestCount: timeUnit: min unitTime: 1 requestCount: 20 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:admin - apim:tier_manage - apim:admin_tier_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/application"' ###################################################### # The "Individual Application Throttling Policy" resource API ###################################################### /throttling/policies/application/{policyId}: get: tags: - Application Policy (Individual) summary: Get an Application Throttling Policy description: | Retrieves an application throttling policy. parameters: - $ref: '#/components/parameters/policyId' responses: 200: description: | OK. Policy returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ApplicationThrottlePolicy' example: policyId: e0fd4a15-969e-4056-94c8-8a7b56f8103f policyName: 20PerMin displayName: 20PerMin description: Allows 20 request per minute isDeployed: true type: ApplicationThrottlePolicy defaultLimit: type: REQUESTCOUNTLIMIT requestCount: timeUnit: min unitTime: 1 requestCount: 20 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:tier_view - apim:admin_tier_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/application/4e098fff-7f94-459a-981f-d257332f69d0"' put: tags: - Application Policy (Individual) summary: Update an Application Throttling policy description: | Updates an existing application level throttling policy. Upon a succesfull update, you will receive the updated application policy as the response. parameters: - $ref: '#/components/parameters/policyId' - $ref: '#/components/parameters/Content-Type' requestBody: description: | Policy object that needs to be modified content: application/json: schema: $ref: '#/components/schemas/ApplicationThrottlePolicy' required: true responses: 200: description: | OK. Policy updated. headers: Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ApplicationThrottlePolicy' example: policyId: e0fd4a15-969e-4056-94c8-8a7b56f8103f policyName: 20PerMin displayName: 20PerMin description: Allows 20 request per minute isDeployed: true type: ApplicationThrottlePolicy defaultLimit: type: REQUESTCOUNTLIMIT requestCount: timeUnit: min unitTime: 1 requestCount: 20 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:tier_manage - apim:admin_tier_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/application/4e098fff-7f94-459a-981f-d257332f69d0"' delete: tags: - Application Policy (Individual) summary: Delete an Application Throttling policy description: | Deletes an application level throttling policy. parameters: - $ref: '#/components/parameters/policyId' responses: 200: description: | OK. Resource successfully deleted. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:tier_manage - apim:admin_tier_manage - apim:policies_import_export x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/application/4e098fff-7f94-459a-981f-d257332f69d0"' ###################################################### # The "Subscription Throttling Policy Collection" resource API ###################################################### /throttling/policies/subscription: get: tags: - Subscription Policy (Collection) summary: Get all Subscription Throttling Policies description: | This operation can be used to retrieve all Subscription level throttling policies. parameters: - $ref: '#/components/parameters/Accept' responses: 200: description: | OK. Policies returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/SubscriptionThrottlePolicyList' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:tier_view - apim:admin_tier_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription"' post: tags: - Subscription Policy (Collection) summary: Add a Subscription Throttling Policy description: | This operation can be used to add a Subscription level throttling policy specifying the details of the policy in the payload. parameters: - $ref: '#/components/parameters/Content-Type' requestBody: description: | Subscripion level policy object that should to be added content: application/json: schema: $ref: '#/components/schemas/SubscriptionThrottlePolicy' required: true responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: Location: description: | Location of the newly created Policy object. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/SubscriptionThrottlePolicy' example: policyId: 78c3ebff-176d-40d8-9377-fb3276528291 policyName: Gold displayName: Gold description: Allows 5000 requests per minute isDeployed: true graphQLMaxComplexity: 0 graphQLMaxDepth: 0 defaultLimit: type: REQUESTCOUNTLIMIT requestCount: timeUnit: min unitTime: 1 requestCount: 5000 rateLimitCount: 0 customAttributes: [] stopOnQuotaReach: true billingPlan: FREE 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:admin - apim:tier_manage - apim:admin_tier_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription"' ###################################################### # The "Individual Subscription Throttling Policy" resource API ###################################################### /throttling/policies/subscription/{policyId}: get: tags: - Subscription Policy (Individual) summary: Get a Subscription Policy description: | This operation can be used to retrieves subscription level throttling policy by specifying the Id of the policy as a path paramter parameters: - $ref: '#/components/parameters/policyId' responses: 200: description: | OK. Policy returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/SubscriptionThrottlePolicy' example: policyId: 78c3ebff-176d-40d8-9377-fb3276528291 policyName: Gold displayName: Gold description: Allows 5000 requests per minute isDeployed: true graphQLMaxComplexity: 0 graphQLMaxDepth: 0 defaultLimit: type: REQUESTCOUNTLIMIT requestCount: timeUnit: min unitTime: 1 requestCount: 5000 rateLimitCount: 0 customAttributes: [] stopOnQuotaReach: true billingPlan: FREE 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:tier_view - apim:admin_tier_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' put: tags: - Subscription Policy (Individual) summary: Update a Subscription Policy description: | Updates an existing subscription level throttling policy. parameters: - $ref: '#/components/parameters/policyId' - $ref: '#/components/parameters/Content-Type' requestBody: description: | Policy object that needs to be modified content: application/json: schema: $ref: '#/components/schemas/SubscriptionThrottlePolicy' required: true responses: 200: description: | OK. Policy updated. headers: Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/SubscriptionThrottlePolicy' example: policyId: 78c3ebff-176d-40d8-9377-fb3276528291 policyName: Gold displayName: Gold description: Allows 5000 requests per minute isDeployed: true graphQLMaxComplexity: 0 graphQLMaxDepth: 0 defaultLimit: type: REQUESTCOUNTLIMIT requestCount: timeUnit: min unitTime: 1 requestCount: 5000 rateLimitCount: 0 customAttributes: [] stopOnQuotaReach: true billingPlan: FREE 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:tier_manage - apim:admin_tier_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' delete: tags: - Subscription Policy (Individual) summary: Delete a Subscription Policy description: | This operation can be used to delete a subscription level throttling policy by specifying the Id of the policy as a path paramter. parameters: - $ref: '#/components/parameters/policyId' responses: 200: description: | OK. Resource successfully deleted. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:tier_manage - apim:admin_tier_manage - apim:policies_import_export x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' ###################################################### # The "Custom Rules Collection" resource API ###################################################### /throttling/policies/custom: get: tags: - Custom Rules (Collection) summary: Get all Custom Rules description: | Retrieves all custom rules. **NOTE:** * Only super tenant users are allowed for this operation. parameters: - $ref: '#/components/parameters/Accept' responses: 200: description: | OK. Policies returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/CustomRuleList' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:tier_view - apim:admin_tier_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom"' post: tags: - Custom Rules (Collection) summary: Add a Custom Rule description: | Adds a new custom rule. **NOTE:** * Only super tenant users are allowed for this operation. parameters: - $ref: '#/components/parameters/Content-Type' requestBody: description: | Custom Rule object that should to be added content: application/json: schema: $ref: '#/components/schemas/CustomRule' required: true responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: Location: description: | Location of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/CustomRule' example: policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 policyName: custom description: Allow 10 requests per minute for admin user isDeployed: true siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ \ ResultStream;" keyTemplate: $userId 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:admin - apim:tier_manage - apim:admin_tier_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom"' ###################################################### # The "Individual Custom Rule" resource API ###################################################### /throttling/policies/custom/{ruleId}: get: tags: - Custom Rules (Individual) summary: Get a Custom Rule description: | Retrieves a custom rule. We need to provide the policy Id as a path parameter. **NOTE:** * Only super tenant users are allowed for this operation. parameters: - $ref: '#/components/parameters/ruleId' responses: 200: description: | OK. Policy returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/CustomRule' example: policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 policyName: custom description: Allow 10 requests per minute for admin user isDeployed: true siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ \ ResultStream;" keyTemplate: $userId 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:tier_view - apim:admin_tier_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' put: tags: - Custom Rules (Individual) summary: Update a Custom Rule description: | Updates an existing custom rule. **NOTE:** * Only super tenant users are allowed for this operation. parameters: - $ref: '#/components/parameters/ruleId' - $ref: '#/components/parameters/Content-Type' requestBody: description: | Policy object that needs to be modified content: application/json: schema: $ref: '#/components/schemas/CustomRule' required: true responses: 200: description: | OK. Policy updated. headers: Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/CustomRule' example: policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 policyName: custom description: Allow 10 requests per minute for admin user isDeployed: true siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ \ ResultStream;" keyTemplate: $userId 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:tier_manage - apim:admin_tier_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' delete: tags: - Custom Rules (Individual) summary: Delete a Custom Rule description: | Delete a custom rule. We need to provide the Id of the policy as a path parameter. **NOTE:** * Only super tenant users are allowed for this operation. parameters: - $ref: '#/components/parameters/ruleId' responses: 200: description: | OK. Resource successfully deleted. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:tier_manage - apim:admin_tier_manage - apim:policies_import_export x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' ###################################################### # The "Advanced Throttling Policy Collection" resource API ###################################################### /throttling/policies/advanced: get: tags: - Advanced Policy (Collection) summary: Get all Advanced Throttling Policies description: | Retrieves all existing advanced throttling policies. parameters: - $ref: '#/components/parameters/Accept' responses: 200: description: | OK. Policies returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/AdvancedThrottlePolicyList' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:tier_view - apim:admin_tier_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced"' post: tags: - Advanced Policy (Collection) summary: Add an Advanced Throttling Policy description: | Add a new advanced throttling policy. parameters: - $ref: '#/components/parameters/Content-Type' requestBody: description: | Advanced level policy object that should to be added content: application/json: schema: $ref: '#/components/schemas/AdvancedThrottlePolicy' required: true responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: Location: description: | Location of the newly created Advanced Throttling Policy. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/AdvancedThrottlePolicy' example: policyId: 4cf46441-a538-4f79-a499-ab81200c9bca policyName: 10KPerMin displayName: 10KPerMin description: Allows 10000 requests per minute isDeployed: true defaultLimit: type: REQUESTCOUNTLIMIT requestCount: timeUnit: min unitTime: 1 requestCount: 10000 conditionalGroups: [] 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:admin - apim:tier_manage - apim:admin_tier_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced"' ###################################################### # The "Individual Advanced Throttling Policy" resource API ###################################################### /throttling/policies/advanced/{policyId}: get: tags: - Advanced Policy (Individual) summary: Get an Advanced Throttling Policy description: | Retrieves an advanced throttling policy. parameters: - $ref: '#/components/parameters/policyId' responses: 200: description: | OK. Policy returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/AdvancedThrottlePolicy' example: policyId: 4cf46441-a538-4f79-a499-ab81200c9bca policyName: 10KPerMin displayName: 10KPerMin description: Allows 10000 requests per minute isDeployed: true defaultLimit: type: REQUESTCOUNTLIMIT requestCount: timeUnit: min unitTime: 1 requestCount: 10000 conditionalGroups: [] 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:tier_view - apim:admin_tier_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' put: tags: - Advanced Policy (Individual) summary: Update an Advanced Throttling Policy description: | Updates an existing Advanced throttling policy. parameters: - $ref: '#/components/parameters/policyId' - $ref: '#/components/parameters/Content-Type' requestBody: description: | Policy object that needs to be modified content: application/json: schema: $ref: '#/components/schemas/AdvancedThrottlePolicy' required: true responses: 200: description: | OK. Policy updated. headers: Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/AdvancedThrottlePolicy' example: policyId: 4cf46441-a538-4f79-a499-ab81200c9bca policyName: 10KPerMin displayName: 10KPerMin description: Allows 10000 requests per minute isDeployed: true defaultLimit: type: REQUESTCOUNTLIMIT requestCount: timeUnit: min unitTime: 1 requestCount: 10000 conditionalGroups: [] 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:tier_manage - apim:admin_tier_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' delete: tags: - Advanced Policy (Individual) summary: Delete an Advanced Throttling Policy description: | Deletes an advanced throttling policy. parameters: - $ref: '#/components/parameters/policyId' responses: 200: description: | OK. Resource successfully deleted. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:tier_manage - apim:admin_tier_manage - apim:policies_import_export x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' ###################################################### # "Export Throttling Policy" resource API ###################################################### /throttling/policies/export: get: tags: - Import Export summary: Export a Throttling Policy description: | This operation can be used to export the details of a particular Throttling Policy. parameters: - name: policyId in: query description: UUID of the ThrottlingPolicy schema: type: string - name: name in: query description: | Throttling Policy Name schema: type: string - name: type in: query description: | Type of the Throttling Policy schema: type: string enum: - sub - app - api - global responses: 200: description: | OK. Export Successful. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ExportThrottlePolicy' example: type: rate-limiting policy subtype: application version: v4.1.0 data: policyId: cd828243-a0db-430c-97e9-9e41fd865d48 policyName: 50PerMin displayName: 50PerMin description: Allows 50 request per minute isDeployed: true type: ApplicationThrottlePolicy defaultLimit: type: BANDWIDTHLIMIT requestCount: timeUnit: min unitTime: 1 requestCount: 50 bandwidth: timeUnit: min unitTime: 5 dataAmount: 100 dataUnit: MB eventCount: timeUnit: min unitTime: 5 eventCount: 16 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:tier_manage - apim:admin_tier_manage - apim:policies_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/export?policyId=96077508-fd01-4fae-bc64-5de0e2baf43c&name=Bronze&type=sub&format=YAML"' operationId: exportThrottlingPolicy #################################################################### # Import Throttling Policy #################################################################### /throttling/policies/import: post: tags: - Import Export summary: Import a Throttling Policy description: | This operation can be used to import a Throttling Policy parameters: - name: overwrite in: query description: | Update an existing throttlingpolicy with the same name required: false schema: type: boolean requestBody: content: multipart/form-data: schema: required: - file properties: file: type: string description: Json File format: binary required: true responses: 200: description: | Created. Throttling Policy Imported Successfully. 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:tier_manage - apim:admin_tier_manage - apim:policies_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/import?overwrite=True"' operationId: importThrottlingPolicy ###################################################### # The "Deny Policy Collection" resource API ###################################################### /throttling/deny-policies: get: tags: - Deny Policies (Collection) summary: Get all Deny Policies description: | Retrieves all existing deny policies. parameters: - $ref: '#/components/parameters/Accept' - name: query in: query description: | **Search condition**. You can search in attributes by using **"conditionType:"** modifier and **"conditionValue:"** modifier. Eg. The entry "conditionType:API" will result in a match with blocking conditions only if the conditionType is "API". Similarly, "conditionValue:test/1.0.0" will result in a match with blocking conditions only if the conditionValue is "test/1.0.0". When you use "conditionType:API & conditionValue:test/1.0.0" as a combination, it will result in a match with blocking conditions only if both the conditionType is "API" and the conditionValue is "test/1.0.0". If query attribute is provided, this returns the blocking conditions that match the specified attributes. Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) schema: type: string responses: 200: description: | OK. Deny Policies returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/BlockingConditionList' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:bl_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/deny-policies"' post: tags: - Deny Policies (Collection) summary: Add a deny policy description: | Adds a new deny policy parameters: - $ref: '#/components/parameters/Content-Type' requestBody: description: | Blocking condition object that should to be added content: application/json: schema: $ref: '#/components/schemas/BlockingCondition' required: true responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: Location: description: | Location of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/BlockingCondition' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:admin - apim:bl_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/deny-policies"' ###################################################### # The "Individual Deny Policy" resource API ###################################################### /throttling/deny-policy/{conditionId}: get: tags: - Deny Policy (Individual) summary: Get a Deny Policy description: | Retrieves a Deny policy providing the condition Id parameters: - $ref: '#/components/parameters/conditionId' responses: 200: description: | OK. Condition returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/BlockingCondition' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:bl_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' delete: tags: - Deny Policy (Individual) summary: Delete a Deny Policy description: | Deletes an existing deny policy parameters: - $ref: '#/components/parameters/conditionId' responses: 200: description: | OK. Resource successfully deleted. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:bl_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' patch: tags: - Deny Policy (Individual) summary: Update a Deny Policy description: | Update a deny policy by Id parameters: - $ref: '#/components/parameters/conditionId' - $ref: '#/components/parameters/Content-Type' requestBody: description: | Blocking condition with updated status content: application/json: schema: $ref: '#/components/schemas/BlockingConditionStatus' required: true responses: 200: description: | OK. Resource successfully updated. content: application/json: schema: $ref: '#/components/schemas/BlockingCondition' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:bl_manage x-code-samples: - lang: Curl source: 'curl -k -X PATCH -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' ###################################################### # The "Application Collection" resource APIs ###################################################### /applications: get: tags: - Application (Collection) summary: | Retrieve/Search Applications description: | This operation can be used to retrieve list of applications owned by the given user, If no user is provided, the applications owned by the user associated with the provided access token will be returned. parameters: - $ref: '#/components/parameters/user' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/Accept' - name: name in: query description: | Application Name schema: type: string - name: tenantDomain in: query description: | Tenant domain of the applications to get. This has to be specified only if it is required to get applications of a tenant other than the requester's tenant. So, if not specified, the default will be set as the requester's tenant domain. This cross tenant Application access is allowed only for super tenant admin users **only at a migration process**. schema: type: string - name: sortBy in: query schema: type: string enum: - name - owner default: name - name: sortOrder in: query schema: type: string enum: - asc - desc default: asc responses: 200: description: | OK. Application list returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ApplicationList' 400: $ref: '#/components/responses/BadRequest' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:app_settings_change - apim:app_owner_change - apim:app_import_export - apim:admin_application_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/applications"' ###################################################### # The "Individual Application" resource APIs ###################################################### /applications/{applicationId}: get: tags: - Applications summary: | Get the details of an Application description: | This operation can be used to get the details of an application by specifying its id. parameters: - $ref: '#/components/parameters/applicationId' responses: 200: description: | OK. Application details returned. content: application/json: schema: $ref: '#/components/schemas/Application' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:app_import_export - apim:admin_application_view x-code-samples: - lang: Curl source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b"' delete: tags: - Applications summary: | Delete an Application description: | This operation can be used to delete an application by specifying its id. parameters: - $ref: '#/components/parameters/applicationId' responses: 200: description: | OK. Resource successfully deleted. content: {} 202: description: | Accepted. The request has been accepted. headers: Location: description: | Location of the existing Application. schema: type: string content: application/json: schema: $ref: '#/components/schemas/WorkflowResponse' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:app_import_export x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b"' /applications/{applicationId}/change-settings: post: tags: - Application operationId: updateApplicationSettings summary: Update Application Settings description: | This operation allows updating one or more settings of an application. parameters: - $ref: '#/components/parameters/applicationId' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/ApplicationUpdateRequest' responses: 200: description: Application updated successfully content: application/json: schema: $ref: '#/components/schemas/Application' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:app_settings_change x-code-samples: - lang: Curl source: | curl -k -X POST \ -H "Authorization: Bearer " \ -H "Content-Type: application/json" \ -d '{ "owner": "newOwner", "tokenType": "JWT" }' \ "https://127.0.0.1:9443/api/am/admin/v4/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b" /applications/{applicationId}/change-owner: post: deprecated: true tags: - Application summary: Change Application Owner description: | **Deprecated.** This API will be removed in a future release. Use `/applications/{applicationId}/change-settings` instead. This operation is used to change the owner of an Application. In order to change the owner of an application, we need to pass the new application owner as a query parameter parameters: - name: owner in: query required: true schema: type: string - $ref: '#/components/parameters/applicationId' responses: 200: description: | OK. Application owner changed successfully. content: {} 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:app_owner_change x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b/change-owner?owner=admin"' ###################################################### # AI Service Providers resource APIs ###################################################### /ai-service-providers: get: tags: - AIServiceProviders summary: Get all AI Service providers description: | Get all AI Service providers responses: 200: description: | OK. AI Service providers returned content: application/json: schema: $ref: '#/components/schemas/AIServiceProviderSummaryResponseList' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers"' operationId: getAIServiceProviders post: tags: - AIServiceProviders summary: Add a AI Service provider description: | Add a new AI Service provider requestBody: description: | AI Service provider object that should to be added content: multipart/form-data: schema: $ref: '#/components/schemas/AIServiceProviderRequest' required: true responses: 201: description: | Created. Successful response with the newly created AI Service provider as entity in the body. content: application/json: schema: $ref: '#/components/schemas/AIServiceProviderResponse' 400: $ref: '#/components/responses/BadRequest' security: - OAuth2Security: - apim:admin - apim:llm_provider_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer " -H "Content-Type: multipart/form-data" -F "name=AIServiceProviderName" -F "apiVersion=v1" -F "configurations={\"key\":\"value\"}" -F "apiDefinition=@api_definition_file.json" "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers"' operationId: addAIServiceProvider ###################################################### # The "Individual AI Service Provider" resource APIs ###################################################### /ai-service-providers/{aiServiceProviderId}: put: tags: - AIServiceProvider summary: Update an AI Service provider description: | Update a AI Service provider by AIServiceProviderId parameters: - $ref: '#/components/parameters/aiServiceProviderId' requestBody: description: | AI Service Provider object with updated information content: multipart/form-data: schema: $ref: '#/components/schemas/AIServiceProviderRequest' required: true responses: 200: description: | OK. AI Service Provider updated. content: application/json: schema: $ref: '#/components/schemas/AIServiceProviderResponse' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:llm_provider_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" \ -F "name=UpdatedProviderName" \ -F "apiVersion=v2" \ -F "configurations={\"key\":\"value\"}" \ -F "apiDefinition=@api_definition.json" \ "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers/{aiServiceProviderId}"' operationId: updateAIServiceProvider delete: tags: - AIServiceProvider summary: Delete a AI Service Provider description: | Delete a AI Service Provider by aiServiceProviderId parameters: - $ref: '#/components/parameters/aiServiceProviderId' responses: 200: description: | OK. AI Service provider successfully deleted. content: { } 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:llm_provider_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' operationId: deleteAIServiceProvider get: tags: - AIServiceProvider summary: Get AI Service Provider description: | Get a AI Service Provider parameters: - $ref: '#/components/parameters/aiServiceProviderId' responses: 200: description: | OK. OpenAPI specification content: application/json: schema: $ref: '#/components/schemas/AIServiceProviderResponse' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' operationId: getAIServiceProvider ###################################################### # LLM Providers resource APIs ###################################################### /llm-providers: get: deprecated: true tags: - LLMProviders summary: Get all LLM providers description: | Get all LLM providers responses: 200: description: | OK. LLM providers returned content: application/json: schema: $ref: '#/components/schemas/LLMProviderSummaryResponseList' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/llm-providers"' operationId: getLLMProviders post: deprecated: true tags: - LLMProviders summary: Add a LLM provider description: | Add a new LLM provider requestBody: description: | LLM provider object that should to be added content: multipart/form-data: schema: required: - name - apiVersion - configurations - apiDefinition $ref: '#/components/schemas/LLMProviderRequest' required: true responses: 201: description: | Created. Successful response with the newly created LLM provider as entity in the body. content: application/json: schema: $ref: '#/components/schemas/LLMProviderResponse' 400: $ref: '#/components/responses/BadRequest' security: - OAuth2Security: - apim:admin - apim:llm_provider_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/llm-providers"' operationId: addLLMProvider ###################################################### # The "Individual LLM Provider" resource APIs ###################################################### /llm-providers/{llmProviderId}: put: deprecated: true tags: - LLMProvider summary: Update an LLM provider description: | Update a LLM provider by LLMProviderId parameters: - $ref: '#/components/parameters/llmProviderId' requestBody: description: | LLM Provider object with updated information content: multipart/form-data: schema: required: - apiDefinition $ref: '#/components/schemas/LLMProviderRequest' required: true responses: 200: description: | OK. LLM Provider updated. content: application/json: schema: $ref: '#/components/schemas/LLMProviderResponse' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:llm_provider_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' operationId: updateLLMProvider delete: deprecated: true tags: - LLMProvider summary: Delete a LLM Provider description: | Delete a LLM Provider by llmProviderId parameters: - $ref: '#/components/parameters/llmProviderId' responses: 200: description: | OK. LLM provider successfully deleted. content: { } 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:llm_provider_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' operationId: deleteLLMProvider get: tags: - LLMProvider summary: Get LLM Provider description: | Get a LLM Provider parameters: - $ref: '#/components/parameters/llmProviderId' responses: 200: description: | OK. OpenAPI specification content: application/json: schema: $ref: '#/components/schemas/LLMProviderResponse' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' operationId: getLLMProvider ###################################################### # The "Environment" resource API ###################################################### /environments: get: tags: - Environments summary: Get all registered Environments description: | Get all Registered Environments responses: 200: description: | OK. Environments returned content: application/json: schema: $ref: '#/components/schemas/EnvironmentList' security: - OAuth2Security: - apim:admin - apim:environment_read x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/environments"' post: tags: - Environments summary: Add an Environment description: | Add a new gateway environment requestBody: description: | Environment object that should to be added content: application/json: schema: $ref: '#/components/schemas/Environment' required: true responses: 201: description: | Created. Successful response with the newly created environment as entity in the body. content: application/json: schema: $ref: '#/components/schemas/Environment' 400: $ref: '#/components/responses/BadRequest' security: - OAuth2Security: - apim:admin - apim:environment_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/environments"' ###################################################### # The "Individual Environment" resource APIs ###################################################### /environments/{environmentId}: get: tags: - Environments summary: Get a Gateway Environment Configuration description: | Retrieve a single Gateway Environment Configuration. We should provide the Id of the Environment as a path parameter. parameters: - $ref: '#/components/parameters/environmentId' responses: 200: description: | OK. Gateway Environment Configuration returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Environment' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:environment_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/environments/8d263942-a6df-4cc2-a804-7a2525501450"' put: tags: - Environments summary: Update an Environment description: | Update a gateway Environment by environment Id parameters: - $ref: '#/components/parameters/environmentId' requestBody: description: | Environment object with updated information content: application/json: schema: $ref: '#/components/schemas/Environment' required: true responses: 200: description: | OK. Environment updated. content: application/json: schema: $ref: '#/components/schemas/Environment' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:environment_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/environments/d7cf8523-9180-4255-84fa-6cb171c1f779"' delete: tags: - Environments summary: Delete an Environment description: | Delete a Environment by Environment Id parameters: - $ref: '#/components/parameters/environmentId' responses: 200: description: | OK. Environment successfully deleted. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:environment_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/environments/d7cf8523-9180-4255-84fa-6cb171c1f779"' /environments/{environmentId}/gateways: get: tags: - Environments summary: Get Gateway Instances in a Gateway Environment description: | Retrieve list of gateway Instances in the gateway environment. parameters: - $ref: '#/components/parameters/environmentId' responses: 200: description: | OK. List of gateway Instances in the gateway environment returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/GatewayInstanceList' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:environment_read x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/environments/8d263942-a6df-4cc2-a804-7a2525501450/gateways"' ###################################################### # The "Platform Gateways" resource API (platform / self-hosted gateway registration) ###################################################### /gateways: get: operationId: getPlatformGateways tags: - Platform Gateways summary: Get all platform gateways description: | Get all registered platform gateways for the organization. responses: 200: description: | OK. List of platform gateways returned (without registration tokens). content: application/json: schema: $ref: '#/components/schemas/GatewayList' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/gateways"' post: operationId: createPlatformGateway tags: - Platform Gateways summary: Register a platform gateway description: | Register a new platform gateway. A registration token is generated and returned once in the response; store it (e.g. as GATEWAY_CONTROL_PLANE_TOKEN in Docker Compose) for the gateway to connect to the control plane WebSocket. The token is stored hashed and cannot be retrieved later. requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/CreatePlatformGatewayRequest' responses: 201: description: | Created. Gateway and registration token (returned once) in the response body. content: application/json: schema: $ref: '#/components/schemas/GatewayResponseWithToken' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/gateways"' /gateways/{gatewayId}/regenerate-token: post: operationId: regeneratePlatformGatewayToken tags: - Platform Gateways summary: Regenerate registration token for a platform gateway description: | Regenerate the registration token for an existing platform gateway. The old token is revoked and a new one is generated. Store the new token (e.g. as GATEWAY_CONTROL_PLANE_TOKEN in Docker Compose) for the gateway to reconnect to the control plane WebSocket. The token is returned only once. parameters: - name: gatewayId in: path description: Gateway UUID required: true schema: type: string responses: 200: description: | OK. Gateway and new registration token (returned once) in the response body. content: application/json: schema: $ref: '#/components/schemas/GatewayResponseWithToken' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/gateways/{gatewayId}/regenerate-token"' /gateways/{gatewayId}: put: operationId: updatePlatformGateway tags: - Platform Gateways summary: Update a platform gateway description: | Update platform gateway metadata. Request body must include all updatable fields (displayName, description, properties, permissions). Name and vhost cannot be changed. UI should send the full resource representation to align with PUT semantics. parameters: - name: gatewayId in: path description: Gateway UUID required: true schema: type: string requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/UpdatePlatformGatewayRequest' responses: 200: description: OK. Updated platform gateway in the response body. content: application/json: schema: $ref: '#/components/schemas/PlatformGatewayResponse' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin delete: operationId: deletePlatformGateway tags: - Platform Gateways summary: Delete a platform gateway description: | Delete a platform gateway and all its references (tokens, instance mappings, revision deployment records, gateway environment, permissions). Fails with 409 if any API revisions are currently deployed to this gateway; undeploy all APIs from the gateway first. parameters: - name: gatewayId in: path description: Gateway UUID required: true schema: type: string responses: 200: description: OK. Gateway and all references removed. 404: $ref: '#/components/responses/NotFound' 409: description: Conflict. Cannot delete gateway while API revisions are deployed to it. content: application/json: schema: $ref: '#/components/schemas/Error' security: - OAuth2Security: - apim:admin ###################################################### # The "Organizations" resource API ###################################################### /organizations: get: tags: - Organizations summary: Get all registered Organizations description: | Get all Registered Organizations responses: 200: description: | OK. Organizations returned content: application/json: schema: $ref: '#/components/schemas/OrganizationList' security: - OAuth2Security: - apim:admin - apim:organization_read x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/organizations"' post: tags: - Organizations summary: Add an Organizations description: | Add a new organization requestBody: description: | Organization object that should to be added content: application/json: schema: $ref: '#/components/schemas/Organization' required: true responses: 201: description: | Created. Successful response with the newly created organization as entity in the body. content: application/json: schema: $ref: '#/components/schemas/Organization' 400: $ref: '#/components/responses/BadRequest' security: - OAuth2Security: - apim:admin - apim:organization_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/organizations"' ###################################################### # The "Individual Environment" resource APIs ###################################################### /organizations/{organizationId}: get: tags: - Organizations summary: Get an Organization description: | Get an organization by organization Id parameters: - $ref: '#/components/parameters/organizationId' responses: 200: description: | OK. Organization. content: application/json: schema: $ref: '#/components/schemas/Organization' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:organization_read x-code-samples: - lang: Curl source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' put: tags: - Organizations summary: Update an Organization description: | Update an organization by organization Id parameters: - $ref: '#/components/parameters/organizationId' requestBody: description: | Organization object with updated information content: application/json: schema: $ref: '#/components/schemas/Organization' required: true responses: 200: description: | OK. Organization updated. content: application/json: schema: $ref: '#/components/schemas/Organization' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:organization_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' delete: tags: - Organizations summary: Delete an Organization description: | Delete an organization by organization Id parameters: - $ref: '#/components/parameters/organizationId' responses: 200: description: | OK. Organization successfully deleted. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:organization_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' /me/organization-information: get: tags: - Users summary: Get the Organization information of the user description: | Using this operation, logged-in user can get their organization information. operationId: organizationInformation responses: 200: description: | OK. Key Manager list returned content: application/json: schema: $ref: '#/components/schemas/OrganizationInfo' 400: $ref: '#/components/responses/BadRequest' security: - OAuth2Security: - apim:admin - apim:admin_settings x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/publisher/v4/me/organization"' ###################################################### # The Bot Detection Data API resources ###################################################### /bot-detection-data: get: tags: - Bot Detection Data summary: | Get all Bot Detected Data description: | Get all bot detected data operationId: getBotDetectionData responses: 200: description: | OK. Bot detected data returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/BotDetectionDataList' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:bot_data x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/bot-detection-data"' ###################################################### # The "Monetization" resource APIs ###################################################### /monetization/publish-usage: post: tags: - Monetization (Collection) summary: Publish Usage Records description: | Publish usage records of monetized APIs responses: 200: description: Usage records successfully published. content: application/json: schema: $ref: '#/components/schemas/PublishStatus' 202: description: Request is sucessfully accepted for processing. content: application/json: schema: $ref: '#/components/schemas/PublishStatus' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:monetization_usage_publish x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/monetization/publish-usage"' /monetization/publish-usage/status: get: tags: - Monetization (Collection) summary: Get the Status of Monetization Usage Publisher description: | Get the status of monetization usage publisher responses: 200: description: | OK. Status returned content: application/json: schema: $ref: '#/components/schemas/MonetizationUsagePublishInfo' security: - OAuth2Security: - apim:admin - apim:monetization_usage_publish x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/monetization/publish-usage/status"' ###################################################### # The "Workflow Collection" resource APIs ###################################################### /workflows: get: tags: - Workflow (Collection) summary: | Retrieve All Pending Workflow Processes description: | This operation can be used to retrieve list of workflow pending processes. parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/Accept' - name: workflowType in: query description: | We need to show the values of each workflow process separately .for that we use workflow type. Workflow type can be AM_APPLICATION_CREATION, AM_SUBSCRIPTION_CREATION, AM_USER_SIGNUP, AM_APPLICATION_REGISTRATION_PRODUCTION, AM_APPLICATION_REGISTRATION_SANDBOX. schema: type: string enum: - AM_APPLICATION_CREATION - AM_SUBSCRIPTION_CREATION - AM_USER_SIGNUP - AM_APPLICATION_REGISTRATION_PRODUCTION - AM_APPLICATION_REGISTRATION_SANDBOX - AM_SUBSCRIPTION_DELETION - AM_APPLICATION_DELETION - AM_API_STATE - AM_API_PRODUCT_STATE - AM_REVISION_DEPLOYMENT responses: 200: description: | OK. Workflow pendding process list returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/WorkflowList' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:api_workflow_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/workflows"' /workflows/{externalWorkflowRef}: get: tags: - Workflows (Individual) summary: | Get Pending Workflow Details by External Workflow Reference description: | Using this operation, you can retrieve complete details of a pending workflow request that either belongs to application creation, application subscription, application registration, api state change, user self sign up.. You need to provide the External_Workflow_Reference of the workflow Request to retrive it. parameters: - name: externalWorkflowRef in: path description: | from the externel workflow reference we decide what is the the pending request that the are requesting. required: true schema: type: string responses: 200: description: | OK. Requested Workflow Pending is returned content: application/json: schema: $ref: '#/components/schemas/WorkflowInfo' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:api_workflow_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/workflows/c43a325c-260b-4302-81cb-768eafaa3aed"' /workflows/update-workflow-status: post: tags: - Workflows (Individual) summary: Update Workflow Status description: | This operation can be used to approve or reject a workflow task. parameters: - $ref: '#/components/parameters/workflowReferenceId-Q' requestBody: description: | Workflow event that need to be updated content: application/json: schema: $ref: '#/components/schemas/Workflow' required: true responses: 200: description: | OK. Workflow request information is returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Workflow' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:api_workflow_approve x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/workflows/update-workflow-status?workflowReferenceId=56e3a170-a7a7-45f8-b051-7e43a58a67e1"' ###################################################### # The Tenant Info resource API ###################################################### /tenant-info/{username}: get: tags: - Tenants summary: | Get Tenant Id of User description: | This operation is to get tenant id of the provided user operationId: getTenantInfoByUsername parameters: - name: username in: path description: | The state represents the current state of the tenant. Supported states are [ active, inactive] required: true schema: type: string default: john responses: 200: description: | OK. Tenant id of the user retrieved. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/TenantInfo' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:tenantInfo x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/tenant-info/john"' ###################################################### # The Custom URL Info resource API ###################################################### /custom-urls/{tenantDomain}: get: tags: - Tenants summary: | Get Custom URL Info of a Tenant Domain description: | This operation is to get custom-url information of the provided tenant-domain operationId: getCustomUrlInfoByTenantDomain parameters: - name: tenantDomain in: path description: | The tenant domain name. required: true schema: type: string responses: 200: description: | OK. Custom url info of the tenant is retrieved. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/CustomUrlInfo' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:tenantInfo x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/custom-urls/wso2.com"' ###################################################### # The "Category Collection" resource API ###################################################### /api-categories: get: tags: - API Category (Collection) summary: Get all API Categories description: | Get all API categories responses: 200: description: | OK. Categories returned content: application/json: schema: $ref: '#/components/schemas/APICategoryList' security: - OAuth2Security: - apim:admin - apim:admin_operations - apim:api_category x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/api-categories"' post: tags: - API Category (Individual) summary: Add API Category description: | Add a new API category requestBody: description: | API Category object that should to be added content: application/json: schema: $ref: '#/components/schemas/APICategory' required: true responses: 201: description: | Created. Successful response with the newly created object as entity in the body. content: application/json: schema: $ref: '#/components/schemas/APICategory' 400: $ref: '#/components/responses/BadRequest' security: - OAuth2Security: - apim:admin - apim:admin_operations - apim:api_category x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/api-categories"' ###################################################### # The "Individual Category" resource APIs ###################################################### /api-categories/{apiCategoryId}: put: tags: - API Category (Individual) summary: Update an API Category description: | Update an API Category by category Id parameters: - $ref: '#/components/parameters/apiCategoryId' requestBody: description: | API Category object with updated information content: application/json: schema: $ref: '#/components/schemas/APICategory' required: true responses: 200: description: | OK. Label updated. content: application/json: schema: $ref: '#/components/schemas/APICategory' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:admin_operations - apim:api_category x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/api-categories/d7cf8523-9180-4255-84fa-6cb171c1f779"' delete: tags: - API Category (Individual) summary: Delete an API Category description: | Delete an API Category by API Category Id parameters: - $ref: '#/components/parameters/apiCategoryId' responses: 200: description: | OK. API Category successfully deleted. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:admin_operations - apim:api_category x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/api-categories/d7cf8523-9180-4255-84fa-6cb171c1f779"' ###################################################### # The Admin settings List ###################################################### /settings: get: tags: - Settings summary: Retreive Admin Settings description: | Retreive admin settings responses: 200: description: | OK. Settings returned content: application/json: schema: $ref: '#/components/schemas/Settings' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:admin_settings x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/settings"' #################################################### # The Admin alert management resources #################################################### /alert-types: get: tags: - Alerts summary: | Get all Admin Alert Types description: | This operation is used to get the list of supportd alert types for the apim admin dashboard operationId: getAdminAlertTypes responses: 200: description: | OK. The list of admin alert types are returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/AlertTypesList' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:admin_alert_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/alert-types"' /alert-subscriptions: get: tags: - Alert Subscriptions summary: | Get Subscribed Alert Types description: | This operation is used to get the list of subscribed alert types by the user. operationId: getSubscribedAlertTypes responses: 200: description: | OK. The list of subscribed alert types are returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/AlertsSubscription' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:admin_alert_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions"' put: tags: - Alert Subscriptions summary: | Subscribe to an Admin Alert description: | This operation is used to subscribe to admin alerts operationId: subscribeToAlerts requestBody: description: The alerts list and the email list to subscribe. content: application/json: schema: $ref: '#/components/schemas/AlertsSubscription' required: true responses: 200: description: | OK. Successful response with the newly subscribed alerts. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/AlertsSubscription' 400: $ref: '#/components/responses/BadRequest' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:admin_alert_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions"' delete: tags: - Alert Subscriptions summary: | Unsubscribe User from all Admin Alerts description: | This operation is used to unsubscribe the respective user from all the admin alert types. operationId: unsubscribeAllAlerts responses: 200: description: | OK. The user is unsubscribed from the alerts successfully. headers: Content-Type: description: | The content type of the body. schema: type: string content: {} 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:admin_alert_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions"' /alert-subscriptions/bot-detection: get: tags: - Bot Detection Alert Subscriptions summary: | Get Subscriptions for Bot Detection description: | Get the list of subscriptions which are subscribed to receive email alerts for bot detection operationId: getBotDetectionAlertSubscriptions responses: 200: description: | OK. The list of bot detection alert subscriptions are returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/BotDetectionAlertSubscriptionList' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:admin_alert_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions/bot-detection"' post: tags: - Bot Detection Alert Subscriptions summary: Subscribe for Bot Detection Alerts description: | Register a subscription for bot detection alerts operationId: subscribeForBotDetectionAlerts requestBody: description: | The email to register to receive bot detection alerts content: application/json: schema: $ref: '#/components/schemas/BotDetectionAlertSubscription' required: true responses: 200: description: | OK. Bot detection alert subscription is registered successfully. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/BotDetectionAlertSubscription' 400: $ref: '#/components/responses/BadRequest' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:admin_alert_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions/bot-detection"' /alert-subscriptions/bot-detection/{uuid}: delete: tags: - Bot Detection Alert Subscriptions summary: Unsubscribe from bot detection alerts. description: | Delete a Bot Detection Alert Subscription operationId: unsubscribeFromBotDetectionAlerts parameters: - name: uuid in: path description: uuid of the subscription required: true schema: type: string responses: 200: description: | OK. Bot detection alert subscription is deleted successfully. headers: Content-Type: description: | The content type of the body. schema: type: string content: {} 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:admin_alert_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions/bot-detection/7c9ee02d-37f5-4694-b99c-6d5641b28645"' ###################################################### # System scopes resource API ###################################################### /system-scopes/{scopeName}: get: tags: - System Scopes summary: Retrieve Scopes for a Particular User description: | This operation will return the scope list of particular user In order to get it, we need to pass the userId as a query parameter operationId: systemScopesScopeNameGet parameters: - name: username in: query schema: type: string - $ref: '#/components/parameters/scopeName' responses: 200: description: | OK. Particular scope exists for the given user. content: application/json: schema: $ref: '#/components/schemas/ScopeSettings' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:scope_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/system-scopes/YXBpbTpzdWJzY3JpYmU?username=john"' /system-scopes: get: tags: - System Scopes summary: | Get Role Scope Mappings description: | This operation is used to get the list of role scope mapping from tenant-conf for the apim admin dashboard operationId: systemScopesGet responses: 200: description: | OK. The list of role scope mappings are returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ScopeList' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:scope_manage - apim:admin x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/system-scopes"' put: tags: - System Scopes summary: | Update Roles For Scope description: | This operation is used to update the roles for all scopes operationId: updateRolesForScope requestBody: description: | Scope list object with updated scope to role mappings content: application/json: schema: $ref: '#/components/schemas/ScopeList' required: true responses: 200: description: | OK. Successful response with the newly added roles. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ScopeList' 400: $ref: '#/components/responses/BadRequest' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:scope_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/system-scopes"' /system-scopes/role-aliases: get: tags: - System Scopes summary: Retrieve Role Alias Mappings description: | This operation can be used to retreive role alias mapping responses: 200: description: | OK. The list of role mappings are returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/RoleAliasList' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:scope_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/system-scopes/role-aliases"' put: tags: - System Scopes summary: Add a New Role Alias description: | This operation can be used to add a new role alias mapping for system scope roles requestBody: description: role-alias mapping content: application/json: schema: $ref: '#/components/schemas/RoleAliasList' required: true responses: 200: description: | OK. Role mapping alias returned content: application/json: schema: $ref: '#/components/schemas/RoleAliasList' 400: $ref: '#/components/responses/BadRequest' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:scope_manage - apim:admin x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/system-scopes/role-aliases"' ###################################################### # Roles resource APIs ###################################################### /roles/{roleId}: head: tags: - Roles summary: Check Whether Given Role Name already Exist description: | Using this operation, user can check a given role name exists or not. operationId: validateSystemRole parameters: - $ref: '#/components/parameters/roleId' responses: 200: description: OK. Requested role name exists. content: {} 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:role_manage x-code-samples: - lang: Curl source: 'curl -k -I -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/roles/SW50ZXJuYWwvcHVibGlzaGVyCQ"' ###################################################### # The Tenant Theme resource APIs ###################################################### /tenant-theme: get: tags: - Tenant Theme summary: Export a DevPortal Tenant Theme description: | This operation can be used to export a DevPortal tenant theme as a zip file. operationId: exportTenantTheme responses: 200: description: | OK. Tenant Theme Exported Successfully. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/zip: schema: type: string format: binary 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:tenant_theme_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/tenant-theme" > theme.zip' put: tags: - Tenant Theme summary: Import a DevPortal Tenant Theme description: | This operation can be used to import a DevPortal tenant theme. operationId: importTenantTheme requestBody: content: multipart/form-data: schema: required: - file properties: file: type: string description: | Zip archive consisting of tenant theme configuration format: binary required: true responses: 200: description: | Ok. Tenant Theme Imported Successfully. content: {} 403: $ref: '#/components/responses/Forbidden' 413: $ref: '#/components/responses/PayloadTooLarge' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:tenant_theme_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@theme.zip "https://127.0.0.1:9443/api/am/admin/v4/tenant-theme"' ###################################################### # Organization theme of Devportal related APIs ###################################################### /org-themes: get: operationId: getOrgThemes summary: Retrieve UUIDs of org-theme contents description: Returns the UUIDs of org-theme contents and their publish status. parameters: - name: publish in: query description: Filter themes based on published status required: false schema: type: boolean responses: 200: description: List of org themes content: application/json: schema: type: array items: $ref: '#/components/schemas/ContentPublishStatusResponse' 404: $ref: '#/components/responses/NotFound' 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:tenant_theme_manage x-code-samples: - lang: Curl source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/org-themes?publish=true"' post: operationId: importOrgTheme summary: Import org theme description: Imports a drafted zip of an org theme to APIM. requestBody: required: true content: multipart/form-data: schema: required: - file properties: file: type: string description: | The org-content.zip file format: binary responses: 200: description: Successfully imported 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 403: $ref: '#/components/responses/Forbidden' 413: $ref: '#/components/responses/PayloadTooLarge' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:tenant_theme_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F "file=@org-content.zip" "https://127.0.0.1:9443/api/am/admin/v4/org-themes"' /org-themes/{id}/content: get: operationId: getOrgThemeContent summary: Retrieve org theme as zip description: Returns the org theme as a zip file for the given ID. parameters: - name: id in: path required: true schema: type: string responses: 200: description: Returns the org theme zip content: application/zip: schema: type: string format: binary 404: $ref: '#/components/responses/NotFound' 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:tenant_theme_manage x-code-samples: - lang: Curl source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/org-themes/{id}/content" -o org-content.zip' /org-themes/{id}: delete: operationId: deleteOrgTheme summary: Delete an org theme description: Deletes the org theme for the given ID. parameters: - name: id in: path required: true schema: type: string responses: 200: description: Successfully deleted 404: $ref: '#/components/responses/NotFound' 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:tenant_theme_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/org-themes/{id}"' /org-themes/{id}/status: post: operationId: updateOrgThemeStatus summary: Update publish status of an org theme description: Publishes or unpublishes an org theme to the dev portal. parameters: - name: id in: path required: true schema: type: string requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/ContentPublishStatus" responses: 200: description: Successfully updated status 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:tenant_theme_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d ''{"ACTION": "PUBLISH"}'' "https://127.0.0.1:9443/api/am/admin/v4/org-themes/{id}/status"' ###################################################### # The Tenant config resource APIs ###################################################### /tenant-config: get: tags: - Tenant Config summary: Export a tenant-Config. description: | This operation can be used to export a tenant-config.json used in deployment. operationId: exportTenantConfig responses: 200: description: | OK. Tenant config Exported Successfully. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: type: string 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/tenant-config" > tenant-config.json' put: tags: - Tenant Config summary: Update a tenant-config. description: | This operation can be used to update tenant-config. operationId: updateTenantConfig requestBody: description: tenant-config content: application/json: schema: type: string required: true responses: 200: description: | OK. Role mapping alias returned content: application/json: schema: type: object 403: $ref: '#/components/responses/Forbidden' 413: $ref: '#/components/responses/PayloadTooLarge' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/tenant-config"' ###################################################### # The Tenant config schema resource APIs ###################################################### /tenant-config-schema: get: tags: - Tenant Config Schema summary: Export a tenant-Config-Schema. description: | This operation can be used to export a tenant-config-schema.json used in deployment. operationId: exportTenantConfigSchema responses: 200: description: | OK. Tenant config schema exported successfully. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: type: string 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/tenant-config-schema" > tenant-config-schema.json' ###################################################### # The "Key Manager Collection" resource API ###################################################### /key-managers: get: tags: - Key Manager (Collection) summary: Get all Key managers description: | Get all Key managers responses: 200: description: | OK. KeyManagers returned content: application/json: schema: $ref: '#/components/schemas/KeyManagerList' security: - OAuth2Security: - apim:admin - apim:admin_operations - apim:keymanagers_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/key-managers"' post: tags: - Key Manager (Collection) summary: Add a new API Key Manager description: | Add a new API Key Manager requestBody: description: | Key Manager object that should to be added content: application/json: schema: $ref: '#/components/schemas/KeyManager' required: true responses: 201: description: | Created. Successful response with the newly created object as entity in the body. content: application/json: schema: $ref: '#/components/schemas/KeyManager' 400: $ref: '#/components/responses/BadRequest' security: - OAuth2Security: - apim:admin - apim:admin_operations - apim:keymanagers_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/key-managers"' ###################################################### # The "Individual KeyManager" resource APIs ###################################################### /key-managers/{keyManagerId}: get: tags: - Key Manager (Individual) summary: Get a Key Manager Configuration description: | Retrieve a single Key Manager Configuration. We should provide the Id of the KeyManager as a path parameter. parameters: - $ref: '#/components/parameters/keyManagerId' responses: 200: description: | OK. KeyManager Configuration returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/KeyManager' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:admin_operations - apim:keymanagers_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' put: tags: - Key Manager (Individual) summary: Update a Key Manager description: | Update a Key Manager by keyManager id parameters: - $ref: '#/components/parameters/keyManagerId' requestBody: description: | Key Manager object with updated information content: application/json: schema: $ref: '#/components/schemas/KeyManager' required: true responses: 200: description: | OK. Label updated. content: application/json: schema: $ref: '#/components/schemas/KeyManager' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:admin_operations - apim:keymanagers_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' delete: tags: - Key Manager (Individual) summary: Delete a Key Manager description: | Delete a Key Manager by keyManager id parameters: - $ref: '#/components/parameters/keyManagerId' responses: 200: description: | OK. Key Manager successfully deleted. content: { } 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:admin_operations x-code-samples: - lang: Shell source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' ###################################################### # The "Global Key Manager Collection" resource API ###################################################### /global-key-managers: get: tags: - Global Key Manager (Collection) summary: Get all Global Key managers description: | Get all Global Key managers responses: 200: description: | OK. KeyManagers returned content: application/json: schema: $ref: '#/components/schemas/KeyManagerList' security: - OAuth2Security: - apim:admin - apim:admin_operations - apim:keymanagers_manage x-code-samples: - lang: Shell source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers"' post: tags: - Global Key Manager (Collection) summary: Add a new Global Key Manager description: | Add a new Global Key Manager requestBody: description: | Key Manager object that should to be added content: application/json: schema: $ref: '#/components/schemas/KeyManager' required: true responses: 201: description: | Created. Successful response with the newly created object as entity in the body. content: application/json: schema: $ref: '#/components/schemas/KeyManager' 400: $ref: '#/components/responses/BadRequest' security: - OAuth2Security: - apim:admin - apim:admin_operations - apim:keymanagers_manage x-code-samples: - lang: Shell source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers"' ###################################################### # The "Global Individual KeyManager" resource APIs ###################################################### /global-key-managers/{keyManagerId}: get: tags: - Global Key Manager (Individual) summary: Get a Global Key Manager Configuration description: | Retrieve a single Global Key Manager Configuration. We should provide the Id of the KeyManager as a path parameter. parameters: - $ref: '#/components/parameters/keyManagerId' responses: 200: description: | OK. KeyManager Configuration returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/KeyManager' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:admin_operations - apim:keymanagers_manage x-code-samples: - lang: Shell source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v3/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' put: tags: - Global Key Manager (Individual) summary: Update a Global Key Manager description: | Update a Global Key Manager by keyManager id parameters: - $ref: '#/components/parameters/keyManagerId' requestBody: description: | Key Manager object with updated information content: application/json: schema: $ref: '#/components/schemas/KeyManager' required: true responses: 200: description: | OK. Label updated. content: application/json: schema: $ref: '#/components/schemas/KeyManager' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:admin_operations - apim:keymanagers_manage x-code-samples: - lang: Shell source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' delete: tags: - Global Key Manager (Individual) summary: Delete a Global Key Manager description: | Delete a Global Key Manager by keyManager id parameters: - $ref: '#/components/parameters/keyManagerId' responses: 200: description: | OK. Key Manager successfully deleted. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:admin_operations - apim:keymanagers_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' /key-managers/discover: post: tags: - Key Manager (Collection) summary: Retrieve Well-known information from Key Manager Well-known Endpoint description: | Retrieve well-known information from key manager's well-known endpoint requestBody: content: multipart/form-data: schema: properties: url: type: string description: Well-Known Endpoint type: type: string description: | Key Manager Type default: "false" responses: 200: description: | OK. KeyManagers returned content: application/json: schema: $ref: '#/components/schemas/KeyManagerWellKnownResponse' security: - OAuth2Security: - apim:admin - apim:admin_operations - apim:keymanagers_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F "type=WSO2-IS" "https://127.0.0.1:9443/api/am/admin/v4/key-managers/discover"' /key-managers/{keyManagerId}/api-usages: get: tags: - Key Manager (Individual) summary: Retrieve Key Manager Usages (APIs) description: | Retrieves a list of APIs that are specifically utilizing the Key Manager identified by the provided ID. The Key Manager ID should be provided as a path parameter. parameters: - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/keyManagerId' responses: 200: description: | OK. KeyManager API usages returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/KeyManagerAPIUsages' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:admin_operations x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450/api-usages"' /key-managers/{keyManagerId}/app-usages: get: tags: - Key Manager (Individual) summary: Retrieve Key Manager Usages (Appilcations) description: | Retrieves a list of Applications that are specifically utilizing the Key Manager identified by the provided ID. The Key Manager ID should be provided as a path parameter. parameters: - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/keyManagerId' responses: 200: description: | OK. KeyManager application usages returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/KeyManagerAppUsages' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:admin_operations x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450/app-usages"' ###################################################### # The "API Collection" resource APIs ###################################################### /apis: get: tags: - APIs summary: | Retrieve/Search APIs description: | This operation provides you a list of available APIs qualifying under a given search condition. Each retrieved API is represented with a minimal amount of attributes. If you want to get complete details of an API, you need to use **Get details of an API** operation. parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - name: query in: query description: | **Search and get all apis in admin portal**. You can search by proving a keyword. schema: type: string - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. List of qualifying APIs is returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/SearchResultList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:api_provider_change x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis"' operationId: getAllAPIs ###################################################### # Change Api Provider ###################################################### /apis/{apiId}/change-provider: post: tags: - Api Provider Change summary: Update the api provider description: | Update the api provider operationId: providerNamePost parameters: - name: provider in: query required: true schema: type: string - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Api Provider updated. headers: Content-Type: description: | The content type of the body. schema: type: string 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - apim:api_provider_change x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" "https://127.0.0.1:9443/api/am/admin/v4/provider/admin/apis/33662a62-8db1-4d75-af08-afd63c6bd0b4/change-provider?provider=user1"' ###################################################### # The "Transaction Count" resource API ###################################################### /transaction-count: get: tags: - "Transaction Records" summary: "Get transaction count" description: "This endpoint retrieves the transaction count based on various filter parameters." parameters: - name: "startTime" in: "query" description: "Start time for the transaction count retrieval" required: true schema: type: "string" - name: "endTime" in: "query" description: "End time for the transaction count retrieval" required: true schema: type: "string" responses: 200: description: "Transaction count retrieved successfully" content: application/json: schema: $ref: "#/components/schemas/TransactionCount" default: description: "Unexpected error" content: application/json: schema: $ref: "#/components/schemas/Error" security: - OAuth2Security: - apim:admin ###################################################### # Export API Consumption Data ###################################################### /export-consumption: get: tags: - Consumption summary: | Export API Consumption Data description: | This operation provides a ZIP archive containing API consumption/usage data for a given date range. parameters: - name: fromDate in: query description: | Start date of the export range (inclusive). Format: YYYY-MM-DD. required: true schema: type: string - name: toDate in: query description: | End date of the export range (inclusive). Format: YYYY-MM-DD. required: true schema: type: string responses: 200: description: | OK. Consumption data exported successfully as a ZIP file. headers: Content-Disposition: description: | Indicates the filename for the download (e.g., consumption-report.zip). schema: type: string Content-Type: description: The content type of the body. schema: type: string content: application/zip: schema: type: string format: binary 400: $ref: '#/components/responses/BadRequest' 401: $ref: '#/components/responses/Unauthorized' 403: $ref: '#/components/responses/Forbidden' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: | curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" \ "https://127.0.0.1:9443/api/am/admin/v4/export-consumption?fromDate=2026-01-01&toDate=2026-03-31" \ > consumption-report.zip operationId: exportConsumptionData ###################################################### # The "Label Collection" resource API ###################################################### /labels: get: tags: - Labels (Collection) summary: Get all Labels description: | Get all Labels responses: 200: description: | OK. Labels returned content: application/json: schema: $ref: '#/components/schemas/LabelList' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/labels"' operationId: getAllLabels post: tags: - Label (Individual) summary: Add a new Label description: | Add a new Label requestBody: description: | Label object that should to be added content: application/json: schema: $ref: '#/components/schemas/Label' required: true responses: 201: description: | Created. Successful response with the newly created object as entity in the body. content: application/json: schema: $ref: '#/components/schemas/Label' 400: $ref: '#/components/responses/BadRequest' 409: $ref: '#/components/responses/Conflict' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/labels"' operationId: createLabel ###################################################### # The "Individual Label" resource APIs ###################################################### /labels/{labelId}: put: tags: - Label (Individual) summary: Update a Label description: | Update a Label by label id parameters: - $ref: '#/components/parameters/labelId' requestBody: description: | Label object with updated information content: application/json: schema: $ref: '#/components/schemas/Label' required: true responses: 200: description: | OK. Label updated. content: application/json: schema: $ref: '#/components/schemas/Label' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/labels/d7cf8523-9180-4255-84fa-6cb171c1f779"' operationId: updateLabel delete: tags: - Label (Individual) summary: Delete a Label description: | Delete a Label by label id parameters: - $ref: '#/components/parameters/labelId' responses: 200: description: | OK. Label successfully deleted. content: {} 409: $ref: '#/components/responses/Conflict' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/labels/d7cf8523-9180-4255-84fa-6cb171c1f779"' operationId: deleteLabel ###################################################### # The "Label Usage Individual" resource API ###################################################### /labels/{labelId}/usage: get: tags: - Label (Individual) summary: Get a Label Usage description: | Retrieve a single Label Usage. We should provide the Id of the Label as a path parameter. parameters: - $ref: '#/components/parameters/labelId' responses: 200: description: | OK. Label Usage returned content: application/json: schema: $ref: '#/components/schemas/LabelUsage' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/labels/d7cf8523-9180-4255-84fa-6cb171c1f779/usage"' operationId: getLabelUsage ###################################################### # The "API Key Collection" resource API ###################################################### /api-keys: get: tags: - APIKeys summary: Get all API Keys description: | Retrieve all API Keys. operationId: getAllAPIKeys responses: 200: description: | OK. API keys returned. content: application/json: schema: $ref: '#/components/schemas/APIKeyList' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X GET "https://127.0.0.1:9443/api/am/admin/v4/api-keys"' /api-keys/revoke: post: tags: - APIKeys summary: Revoke an API Key description: | Revoke an API Key for the API operationId: revokeAPIKeyFromAdmin requestBody: description: | API key revoke object content: application/json: schema: $ref: '#/components/schemas/APIKeyRevokeRequest' required: true responses: 200: description: | OK. Api key revoked successfully. content: { } 400: $ref: '#/components/responses/BadRequest' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:admin x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/api-keys/ght65523-7650-4255-84fa-6cb171c1f779/d7cf8523-9180-4255-84fa-6cb171c1f779/PRODUCTION/revoke"' components: schemas: Error: title: Error object returned with 4XX HTTP status required: - code - message type: object properties: code: type: integer description: Error code format: int64 message: type: string description: Error message. description: type: string description: | A detail description about the error message. moreInfo: type: string description: | Preferably an url with more details about the error. error: type: array description: | If there are more than one error list them out. For example, list out validation errors by each field. items: $ref: '#/components/schemas/ErrorListItem' ErrorListItem: title: Description of individual errors that may have occurred during a request. required: - code - message type: object properties: code: type: string description: Error code message: type: string description: | Description about individual errors occurred ContentPublishStatus: type: object properties: action: type: string enum: - PUBLISH - UNPUBLISH example: action: PUBLISH ContentPublishStatusResponse: type: object properties: id: type: string description: UUID of the org-theme published: type: boolean description: Publish status of the org-theme ThrottlePolicyList: title: Throttle Policy List type: object properties: count: type: integer description: | Number of Throttling Policies returned. example: 1 list: type: array items: $ref: '#/components/schemas/ThrottlePolicy' pagination: $ref: '#/components/schemas/Pagination' ThrottlePolicyDetailsList: title: Policy List type: object properties: count: type: integer description: | Number of Throttling Policies returned. example: 1 list: type: array items: $ref: '#/components/schemas/ThrottlePolicyDetails' ThrottlePolicyDetails: title: Generic Policy required: - policyName type: object properties: policyId: type: integer description: Id of policy readOnly: true example: 3 uuid: type: string description: UUId of policy readOnly: true example: 0c6439fd-9b16-3c2e-be6e-1086e0b9aa93 policyName: maxLength: 60 minLength: 1 type: string description: Name of policy example: 30PerMin displayName: type: string description: Display name of the policy example: 30PerMin maxLength: 512 description: maxLength: 1024 type: string description: Description of the policy example: Allows 30 request per minute isDeployed: type: boolean description: Indicates whether the policy is deployed successfully or not. default: false type: type: string description: Indicates the type of throttle policy ThrottlePolicy: title: Generic Throttling Policy required: - policyName type: object properties: policyId: type: string description: Id of policy readOnly: true example: 0c6439fd-9b16-3c2e-be6e-1086e0b9aa93 policyName: maxLength: 60 minLength: 1 type: string description: Name of policy example: 30PerMin displayName: type: string description: Display name of the policy example: 30PerMin maxLength: 512 description: maxLength: 1024 type: string description: Description of the policy example: Allows 30 request per minute isDeployed: type: boolean description: Indicates whether the policy is deployed successfully or not. default: false type: type: string description: Indicates the type of throttle policy discriminator: propertyName: type ExportThrottlePolicy: title: Export Throttling Policy type : object properties: type: type: string subtype: type: string version: type: string data: type: object AdvancedThrottlePolicyInfo: title: Advanced Throttling Policy allOf: - $ref: '#/components/schemas/ThrottlePolicy' - type: object properties: defaultLimit: $ref: '#/components/schemas/ThrottleLimit' AdvancedThrottlePolicy: title: Advanced Throttling Policy allOf: - $ref: '#/components/schemas/ThrottlePolicy' - required: - defaultLimit type: object properties: defaultLimit: $ref: '#/components/schemas/ThrottleLimit' conditionalGroups: type: array description: | Group of conditions which allow adding different parameter conditions to the throttling limit. items: $ref: '#/components/schemas/ConditionalGroup' AdvancedThrottlePolicyList: title: Advanced Throttling Policy List type: object properties: count: type: integer description: | Number of Advanced Throttling Policies returned. example: 1 list: type: array items: $ref: '#/components/schemas/AdvancedThrottlePolicyInfo' ApplicationThrottlePolicy: title: Application Throttling Policy allOf: - $ref: '#/components/schemas/ThrottlePolicy' - required: - defaultLimit type: object properties: defaultLimit: $ref: '#/components/schemas/ThrottleLimit' burstLimit: $ref: '#/components/schemas/BurstLimit' ApplicationThrottlePolicyList: title: Application Level Throttling Policy List type: object properties: count: type: integer description: | Number of Application Throttling Policies returned. example: 1 list: type: array items: $ref: '#/components/schemas/ApplicationThrottlePolicy' SubscriptionThrottlePolicy: title: Subscription Throttling Policy allOf: - $ref: '#/components/schemas/ThrottlePolicy' - $ref: '#/components/schemas/GraphQLQuery' - required: - defaultLimit type: object properties: defaultLimit: $ref: '#/components/schemas/ThrottleLimit' monetization: $ref: '#/components/schemas/MonetizationInfo' rateLimitCount: type: integer description: Burst control request count example: 10 rateLimitTimeUnit: type: string description: Burst control time unit example: min subscriberCount: type: integer description: Number of subscriptions allowed example: 10 customAttributes: type: array description: | Custom attributes added to the Subscription Throttling Policy example: [] items: $ref: '#/components/schemas/CustomAttribute' stopOnQuotaReach: type: boolean description: | This indicates the action to be taken when a user goes beyond the allocated quota. If checked, the user's requests will be dropped. If unchecked, the requests will be allowed to pass through. default: false billingPlan: type: string description: | define whether this is Paid or a Free plan. Allowed values are FREE or COMMERCIAL. example: FREE permissions: $ref: '#/components/schemas/SubscriptionThrottlePolicyPermission' SubscriptionThrottlePolicyPermission: title: SubscriptionThrottlePolicyPermission required: - permissionType - roles type: object properties: permissionType: type: string example: deny enum: - ALLOW - DENY roles: type: array example: - Internal/everyone items: type: string GraphQLQuery: title: GraphQL Query type: object properties: graphQLMaxComplexity: type: integer description: Maximum Complexity of the GraphQL query example: 400 graphQLMaxDepth: type: integer description: Maximum Depth of the GraphQL query example: 10 SubscriptionThrottlePolicyList: title: Subscription Level Throttling Policy List type: object properties: count: type: integer description: | Number of Subscription Throttling Policies returned. example: 1 list: type: array items: $ref: '#/components/schemas/SubscriptionThrottlePolicy' CustomRule: title: Custom Rule allOf: - $ref: '#/components/schemas/ThrottlePolicy' - required: - keyTemplate - siddhiQuery type: object properties: siddhiQuery: type: string description: Siddhi query which represents the custom throttling policy example: | FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super' ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\nINSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1 min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled, expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into ResultStream; keyTemplate: type: string description: The specific combination of attributes that are checked in the policy. example: $userId CustomRuleList: title: Custom Rule List type: object properties: count: type: integer description: | Number of Custom Rules returned. example: 1 list: type: array items: $ref: '#/components/schemas/CustomRule' ConditionalGroup: title: Conditional Groups for Throttling required: - conditions - limit type: object properties: description: type: string description: Description of the Conditional Group conditions: type: array description: | Individual throttling conditions. They can be defined as either HeaderCondition, IPCondition, JWTClaimsCondition, QueryParameterCondition Please see schemas of each of those throttling condition in Definitions section. example: | [ { "type": "HEADERCONDITION", "invertCondition": false, "headerCondition": { "headerName": "Host", "headerValue": "10.100.7.77" } }, { "type": "IPCONDITION", "invertCondition": false, "ipCondition": { "ipConditionType": "IPSPECIFIC", "specificIP": "10.100.1.22", "startingIP": null, "endingIP": null } }, { "type": "QUERYPARAMETERCONDITION", "invertCondition": false, "queryParameterCondition": { "parameterName": "name", "parameterValue": "admin" } }, { "type": "JWTCLAIMSCONDITION", "invertCondition": true, "jwtClaimsCondition": { "claimUrl": "claimUrl0", "attribute": "claimAttr0" } } ] items: $ref: '#/components/schemas/ThrottleCondition' limit: $ref: '#/components/schemas/ThrottleLimit' ThrottleCondition: title: Throttling Conditions required: - type type: object properties: type: type: string description: | Type of the throttling condition. Allowed values are "HEADERCONDITION", "IPCONDITION", "JWTCLAIMSCONDITION" and "QUERYPARAMETERCONDITION". enum: - HEADERCONDITION - IPCONDITION - JWTCLAIMSCONDITION - QUERYPARAMETERCONDITION invertCondition: type: boolean description: | Specifies whether inversion of the condition to be matched against the request. **Note:** When you add conditional groups for advanced throttling policies, this paramater should have the same value ('true' or 'false') for the same type of conditional group. default: false headerCondition: $ref: '#/components/schemas/HeaderCondition' ipCondition: $ref: '#/components/schemas/IPCondition' jwtClaimsCondition: $ref: '#/components/schemas/JWTClaimsCondition' queryParameterCondition: $ref: '#/components/schemas/QueryParameterCondition' description: Conditions used for Throttling HeaderCondition: title: HTTP Header based throttling condition required: - headerName - headerValue type: object properties: headerName: type: string description: Name of the header headerValue: type: string description: Value of the header IPCondition: title: IP based throttling condition type: object properties: ipConditionType: type: string description: Type of the IP condition. Allowed values are "IPRANGE" and "IPSPECIFIC" enum: - IPRANGE - IPSPECIFIC specificIP: type: string description: Specific IP when "IPSPECIFIC" is used as the ipConditionType startingIP: type: string description: Staring IP when "IPRANGE" is used as the ipConditionType endingIP: type: string description: Ending IP when "IPRANGE" is used as the ipConditionType JWTClaimsCondition: title: JWT claim attibute based throttling condition required: - attribute - claimUrl type: object properties: claimUrl: type: string description: JWT claim URL attribute: type: string description: Attribute to be matched QueryParameterCondition: title: Query parameter based throttling condition required: - parameterName - parameterValue type: object properties: parameterName: type: string description: Name of the query parameter parameterValue: type: string description: Value of the query parameter to be matched ThrottleLimitBase: title: Throttle Limit Base required: - timeUnit - unitTime type: object properties: timeUnit: type: string description: Unit of the time. Allowed values are "sec", "min", "hour", "day" example: min unitTime: type: integer description: Time limit that the throttling limit applies. example: 10 ThrottleLimit: title: Throttle Limit required: - type type: object properties: type: type: string description: | Type of the throttling limit. Allowed values are "REQUESTCOUNTLIMIT", "BANDWIDTHLIMIT", "EVENTCOUNTLIMIT" and "AIAPIQUOTALIMIT". Please see schemas of "RequestCountLimit", "BandwidthLimit", "EventCountLimit" and "AIAPIQuotaLimit" throttling limit types in Definitions section. example: REQUESTCOUNTLIMIT enum: - REQUESTCOUNTLIMIT - BANDWIDTHLIMIT - EVENTCOUNTLIMIT - AIAPIQUOTALIMIT requestCount: $ref: '#/components/schemas/RequestCountLimit' bandwidth: $ref: '#/components/schemas/BandwidthLimit' eventCount: $ref: '#/components/schemas/EventCountLimit' aiApiQuota: $ref: '#/components/schemas/AIAPIQuotaLimit' BurstLimit: title: Burst Limit object type: object properties: rateLimitCount: type: integer description: Burst control request count example: 10 rateLimitTimeUnit: type: string description: Burst control time unit example: min MonetizationInfo: title: API monetization details object required: - properties type: object properties: monetizationPlan: type: string description: Flag to indicate the monetization plan example: FixedRate enum: - FIXEDRATE - DYNAMICRATE properties: type: object additionalProperties: type: string description: Map of custom properties related to each monetization plan BandwidthLimit: title: Bandwidth Limit object allOf: - $ref: '#/components/schemas/ThrottleLimitBase' - required: - dataAmount - dataUnit type: object properties: dataAmount: type: integer description: Amount of data allowed to be transfered format: int64 example: 1000 dataUnit: type: string description: Unit of data allowed to be transfered. Allowed values are "KB", "MB" and "GB" example: KB RequestCountLimit: title: Request Count Limit object allOf: - $ref: '#/components/schemas/ThrottleLimitBase' - required: - requestCount type: object properties: requestCount: type: integer description: Maximum number of requests allowed format: int64 example: 30 AIAPIQuotaLimit: title: AI API Quota Limit object allOf: - $ref: '#/components/schemas/ThrottleLimitBase' - required: - requestCount type: object properties: requestCount: type: integer description: Maximum number of requests allowed format: int64 example: 300 totalTokenCount: type: integer description: Maximum number of total tokens allowed format: int64 example: 800 promptTokenCount: type: integer description: Maximum number of prompt tokens allowed format: int64 example: 400 completionTokenCount: type: integer description: Maximum number of completion tokens allowed format: int64 example: 500 EventCountLimit: title: Event Count Limit object allOf: - $ref: '#/components/schemas/ThrottleLimitBase' - required: - eventCount type: object properties: eventCount: type: integer description: Maximum number of events allowed format: int64 example: 3000 BlockingCondition: title: Blocking Conditions required: - conditionType - conditionValue type: object properties: conditionId: type: string description: Id of the blocking condition example: b513eb68-69e8-4c32-92cf-852c101363cf conditionType: type: string description: Type of the blocking condition example: IP enum: - API - APPLICATION - IP - IPRANGE - USER conditionValue: type: object properties: {} description: Value of the blocking condition example: fixedIp: 192.168.1.1 invert: false conditionStatus: type: boolean description: Status of the blocking condition example: true description: Blocking Conditions BlockingConditionList: title: Blocking Conditions List type: object properties: count: type: integer description: | Number of Blocking Conditions returned. example: 1 list: type: array items: $ref: '#/components/schemas/BlockingCondition' BlockingConditionStatus: title: Blocking Conditions Status required: - conditionStatus type: object properties: conditionId: type: string description: Id of the blocking condition example: b513eb68-69e8-4c32-92cf-852c101363cf conditionStatus: type: boolean description: Status of the blocking condition example: true description: Blocking Conditions Status CustomAttribute: title: Name-Value pair required: - name - value type: object properties: name: type: string description: Name of the custom attribute example: customAttr1 value: type: string description: Value of the custom attribute example: value1 ApplicationList: title: Application List type: object properties: count: type: integer description: | Number of applications returned. example: 1 list: type: array items: $ref: '#/components/schemas/ApplicationInfo' pagination: $ref: '#/components/schemas/Pagination' ApplicationInfo: title: Application info object with basic application details type: object properties: applicationId: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: CalculatorApp owner: type: string example: admin tokenType: type: string enum: - OAUTH - JWT createdTime: type: string readOnly: true example: "1651555310208" keyManagers: type: array items: $ref: '#/components/schemas/KeyManagerInfo' status: type: string example: APPROVED groupId: type: string example: "" Application: title: Application object with all the application details type: object properties: applicationId: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: CalculatorApp throttlingPolicy: type: string example: Unlimited description: type: string example: Sample calculator application tokenType: type: string enum: - OAUTH - JWT description: | Type of the access token generated for this application. **OAUTH:** A UUID based access token which is issued by default. **JWT:** A self-contained, signed JWT based access token. **Note:** This can be only used in Microgateway environments. default: JWT example: JWT status: type: string example: APPROVED default: "" groups: type: array items: type: string example: "" subscriptionCount: type: integer attributes: type: object additionalProperties: type: string example: External Reference ID, Billing Tier subscriptionScopes: type: array items: $ref: '#/components/schemas/ScopeInfo' owner: description: | Application created user type: string example: admin ScopeInfo: title: API Scope info object with scope details type: object properties: key: type: string example: admin_scope name: type: string example: admin scope roles: type: array items: type: string description: Allowed roles for the scope example: ["manager","developer"] description: type: string description: Description of the scope APIInfoList: title: API Info List type: object properties: count: type: integer description: | Number of API Info objects returned. example: 1 list: type: array items: $ref: '#/components/schemas/APIInfo' APIInfo: title: API info object with basic API details type: object properties: name: type: string description: The name of the API. example: PizzaShackAPI displayName: type: string example: PizzaShack API description: | Display name of the API. This is the name that will be displayed in the Publisher and DevPortal. If not provided, the name will be used as the display name. version: type: string description: The version of the API example: 1.0.0 provider: type: string description: The provider of the API example: admin Environment: title: Environment required: - name - vhosts type: object properties: id: type: string readOnly: true example: ece92bdc-e1e6-325c-b6f4-656208a041e9 name: maxLength: 255 minLength: 1 pattern: '^[a-zA-Z0-9_-]+$' type: string example: us-region displayName: maxLength: 255 minLength: 1 type: string example: US Region provider: type: string example: wso2 type: type: string default: hybrid example: hybrid gatewayType: type: string example: Regular default: Regular description: maxLength: 1023 type: string example: Gateway environment in US Region isReadOnly: type: boolean example: false default: false deprecated: true mode: type: string enum: - READ_ONLY - READ_WRITE - WRITE_ONLY example: READ_WRITE default: WRITE_ONLY description: | The mode of the environment. This indicates whether the environment is in read-only or read-write mode. **READ_ONLY:** The environment is in read-only mode. API cannot be deployed, only discovery is possible. **READ_WRITE:** The environment is in read-write mode. APIs can be deployed and discovered. **WRITE_ONLY:** The environment is in write-only mode/ APIs only can be deployed. apiDiscoveryScheduledWindow: type: integer description: | The time window in minutes to schedule the API discovery task. This is used to discover APIs from the API Gateway and update the API list in the environment. default: 60 vhosts: type: array minItems: 1 items: $ref: '#/components/schemas/VHost' endpointURIs: type: array items: $ref: '#/components/schemas/GatewayEnvironmentProtocolURI' additionalProperties: type: array items: $ref: '#/components/schemas/AdditionalProperty' permissions: type: object properties: permissionType: type: string example: ALLOW default: PUBLIC enum: - PUBLIC - ALLOW - DENY roles: type: array items: type: string example: Internal/everyone status: type: string readOnly: true description: For platform gateway environments (gatewayType APIPlatform), connection status to the control plane (Active or Inactive). example: Active default: Active enum: - Active - Inactive vhost: type: string format: uri readOnly: true description: For platform gateway environments, the gateway URL (e.g. https://host:9443). Same as Platform Gateways API; only set when this environment represents a platform gateway. example: https://mg.wso2.com platformGatewayVersions: type: array readOnly: true description: API Platform Gateway versions from config. Set for deploy targets so UI can show version choices in the quick-start guide. items: type: string example: "1.0.0" EnvironmentList: title: Environment List type: object properties: count: type: integer description: | Number of Environments returned. example: 1 list: type: array items: $ref: '#/components/schemas/Environment' GatewayInstanceList: title: Gateway instance list type: object properties: count: type: integer description: | Number of Gateway Instances returned. example: 1 list: type: array items: $ref: '#/components/schemas/GatewayInstance' GatewayInstance: title: Gateway instance in the gateway environment type: object required: - gatewayId properties: gatewayId: type: string example: "Env1_1372344" lastActive: type: string example: "2025-06-26T06:47:50Z" status: type: string example: ACTIVE default: ACTIVE enum: - ACTIVE - EXPIRED ApplicationUpdateRequest: type: object description: Request body to update application attributes properties: owner: type: string description: The new owner of the application tokenType: type: string description: The type of token for the application (e.g., JWT) enum: - JWT CreatePlatformGatewayRequest: title: Create Platform Gateway Request description: Request body for creating a platform gateway (name, displayName, vhost as URL, optional properties). Same property name as platform API; type is URL. required: - name - displayName - vhost type: object properties: name: type: string pattern: '^[a-z0-9-]+$' minLength: 3 maxLength: 64 description: URL-friendly gateway identifier (lowercase alphanumeric with hyphens, unique per organization) example: prod-gateway-01 displayName: type: string minLength: 1 maxLength: 128 description: Human-readable gateway name example: Production Gateway 01 description: type: string maxLength: 1023 description: Optional description vhost: type: string format: uri description: Gateway URL (e.g. https://mg.example.com:9443). Same name as platform API; type is URL. Server persists host internally. example: https://mg.wso2.com properties: type: object additionalProperties: true description: Custom key-value properties for the gateway example: {"region": "us-west", "tier": "premium"} permissions: type: object description: Gateway visibility permissions configuration properties: permissionType: type: string enum: [PUBLIC, ALLOW, DENY] default: PUBLIC description: | Permission type for gateway visibility: - PUBLIC: Gateway is visible to all users - ALLOW: Gateway is visible only to specified roles - DENY: Gateway is hidden from specified roles roles: type: array items: type: string description: List of roles for ALLOW/DENY permission types example: ["admin", "publisher"] example: permissionType: ALLOW roles: ["admin", "publisher"] UpdatePlatformGatewayRequest: title: Update Platform Gateway Request description: | Request body for PUT /gateways/{gatewayId}. Per PUT semantics, send the full resource representation. Name and vhost are immutable (server validates they match the existing gateway). required: - name - displayName - vhost type: object properties: name: type: string pattern: '^[a-z0-9-]+$' minLength: 3 maxLength: 64 description: Gateway identifier (immutable; must match existing). Required for PUT full representation. vhost: type: string format: uri description: Gateway URL (immutable; must match existing). Same name as platform API; type is URL. Example https://mg.wso2.com example: https://mg.wso2.com displayName: type: string minLength: 1 maxLength: 128 description: Human-readable gateway name example: Production Gateway 01 description: type: string maxLength: 1023 description: Optional description properties: type: object additionalProperties: true description: Custom key-value properties for the gateway example: {"region": "us-west", "tier": "premium"} permissions: type: object description: Gateway visibility permissions (on-prem extension) properties: permissionType: type: string enum: [PUBLIC, ALLOW, DENY] default: PUBLIC roles: type: array items: type: string description: List of roles for ALLOW/DENY permission types PlatformGatewayResponse: title: Platform Gateway Response description: Platform gateway response (without registration token). Used for list and get. type: object properties: id: type: string readOnly: true description: Gateway UUID name: type: string displayName: type: string description: type: string properties: type: object additionalProperties: true description: Custom key-value properties vhost: type: string format: uri readOnly: true description: Gateway URL (e.g. https://host or https://host:9443). Same name as platform API; type is URL. isActive: type: boolean readOnly: true description: Indicates if the gateway is currently connected to the control plane via WebSocket permissions: type: object description: Gateway visibility permissions configuration properties: permissionType: type: string enum: [PUBLIC, ALLOW, DENY] default: PUBLIC description: | Permission type for gateway visibility: - PUBLIC: Gateway is visible to all users - ALLOW: Gateway is visible only to specified roles - DENY: Gateway is hidden from specified roles roles: type: array items: type: string description: List of roles for ALLOW/DENY permission types createdAt: type: string format: date-time readOnly: true updatedAt: type: string format: date-time readOnly: true GatewayResponseWithToken: title: Gateway Response With Token description: Platform gateway response including the one-time registration token (POST create or regenerate-token). allOf: - $ref: '#/components/schemas/PlatformGatewayResponse' - type: object properties: registrationToken: type: string description: | Registration token (returned only once on create or regenerate). Use as api-key when connecting the gateway to the control plane WebSocket. Store e.g. as GATEWAY_REGISTRATION_TOKEN. GatewayList: title: Gateway List type: object properties: count: type: integer description: Number of platform gateways returned list: type: array items: $ref: '#/components/schemas/PlatformGatewayResponse' Organization: title: Organization required: - externalOrganizationId type: object properties: organizationId: type: string example: ece92bdc-e1e6-325c-b6f4-656208a041e9 readOnly: true description: | UUID of the organization. externalOrganizationId: type: string example: ece92bdc-e1e6-325c-b6f4-656208a041e9 description: | External id of the organization. parentOrganizationId: type: string readOnly: true example: ece92bdc-e1e6-325c-b6f4-656208a041e9 description: | UUID of the parent organization if there is any. displayName: maxLength: 255 minLength: 1 type: string example: My Organization description: maxLength: 1023 type: string example: My Organization Description OrganizationList: title: Organization List type: object properties: count: type: integer description: | Number of Organizationa returned. example: 1 list: type: array items: $ref: '#/components/schemas/Organization' AIServiceProviderRequest: title: AIServiceProvider required: - name - apiVersion - configurations - apiDefinition type: object properties: name: maxLength: 255 minLength: 1 type: string example: OpenAI apiVersion: maxLength: 255 minLength: 1 type: string example: 1.0.0 description: maxLength: 1023 type: string example: OpenAI LLM multipleModelProviderSupport: type: string description: | Indicates whether the AI Service Provider supports multiple model providers. If true, the AI Service Provider can support multiple model providers. If false, the AI Service Provider supports only one model provider. default: "false" configurations: type: string description: LLM Provider configurations apiDefinition: type: string description: OpenAPI specification format: binary modelProviders: type: string ModelProvider: title: Model Provider type: object required: - name - models properties: models: type: array items: type: string example: "gpt-4o" name: type: string example: OpenAI AIServiceProviderResponse: title: AIServiceProviderResponse type: object properties: id: type: string readOnly: true example: ece92bdc-e1e6-325c-b6f4-656208a041e9 name: maxLength: 255 minLength: 1 type: string example: OpenAI apiVersion: maxLength: 255 minLength: 1 type: string example: 1.0.0 builtInSupport: type: boolean description: Is built-in support multipleModelProviderSupport: type: boolean description: | Indicates whether the AI Service Provider supports multiple model providers. If true, the AI Service Provider can support multiple model providers. If false, the AI Service Provider supports only one model provider. description: maxLength: 1023 type: string example: OpenAI LLM configurations: type: string description: LLM Provider configurations apiDefinition: type: string description: OpenAPI specification modelProviders: type: array description: List of model providers supported by the AI Service Provider items: $ref: '#/components/schemas/ModelProvider' deprecated: type: boolean description: Indicates if the LLM provider is deprecated example: false AIServiceProviderSummaryResponse: title: AIServiceProviderSummaryResponse type: object required: - name - apiVersion properties: id: type: string readOnly: true example: ece92bdc-e1e6-325c-b6f4-656208a041e9 name: maxLength: 255 minLength: 1 type: string example: open-ai apiVersion: maxLength: 255 minLength: 1 type: string example: 1.0.0 builtInSupport: type: boolean description: Is built-in support description: maxLength: 1023 type: string example: OpenAI LLM Provider deprecated: type: boolean description: Indicates if the LLM provider is deprecated example: false AIServiceProviderSummaryResponseList: title: AIServiceProviderSummaryResponseList type: object properties: count: type: integer description: | Number of LLM Providers returned. example: 1 list: type: array items: $ref: '#/components/schemas/AIServiceProviderSummaryResponse' LLMProviderRequest: title: LLMProvider type: object properties: name: maxLength: 255 minLength: 1 type: string example: OpenAI apiVersion: maxLength: 255 minLength: 1 type: string example: 1.0.0 description: maxLength: 1023 type: string example: OpenAI LLM configurations: type: string description: LLM Provider configurations apiDefinition: type: string description: OpenAPI specification format: binary modelList: type: string description: List of models supported by the LLM Provider as a stringified JSON array LLMProviderResponse: title: LLMProviderResponse type: object properties: id: type: string readOnly: true example: ece92bdc-e1e6-325c-b6f4-656208a041e9 name: maxLength: 255 minLength: 1 type: string example: OpenAI apiVersion: maxLength: 255 minLength: 1 type: string example: 1.0.0 builtInSupport: type: boolean description: Is built-in support description: maxLength: 1023 type: string example: OpenAI LLM configurations: type: string description: LLM Provider configurations apiDefinition: type: string description: OpenAPI specification modelList: type: array items: type: string description: List of models supported by the LLM Provider LLMProviderSummaryResponse: title: LLMProviderSummaryResponse type: object properties: id: type: string readOnly: true example: ece92bdc-e1e6-325c-b6f4-656208a041e9 name: maxLength: 255 minLength: 1 type: string example: open-ai apiVersion: maxLength: 255 minLength: 1 type: string example: 1.0.0 builtInSupport: type: boolean description: Is built-in support description: maxLength: 1023 type: string example: OpenAI LLM Provider LLMProviderSummaryResponseList: title: LLMProviderSummaryResponseList type: object properties: count: type: integer description: | Number of LLM Providers returned. example: 1 list: type: array items: $ref: '#/components/schemas/LLMProviderSummaryResponse' VHost: title: Virtual Host required: - host type: object properties: host: maxLength: 255 minLength: 1 type: string example: mg.wso2.com httpContext: maxLength: 255 minLength: 0 # TODO (renuka) check this regex: not allowed: (_ .) and allowed: (- /) pattern: '^\/?([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])*$' type: string example: pets httpPort: type: integer example: 80 httpsPort: type: integer example: 443 wsPort: type: integer example: 9099 wsHost: type: string example: mg.wso2.com wssPort: type: integer example: 8099 wssHost: type: string example: mg.wso2.com AdditionalProperty: title: Additional Gateway Properties type: object properties: key: type: string example: Organization value: type: string example: wso2 GatewayEnvironmentProtocolURI: title: Gateway Environment protocols and URIs required: - protocol - endpointURI type: object properties: protocol: type: string example: default endpointURI: type: string example: default PublishStatus: title: Usage publish status type: object properties: status: type: string description: Status of the usage publish request example: successfull message: type: string description: detailed message of the status example: Records published successfully MonetizationUsagePublishInfo: title: Usage publish status type: object properties: state: type: string description: State of usage publish job example: RUNNING status: type: string description: Status of usage publish job example: SUCCESSFULL startedTime: type: string description: Timestamp of the started time of the Job example: "1599196134000" lastPublsihedTime: type: string description: Timestamp of the last published time example: "1599196134000" Workflow: title: workflow required: - status type: object properties: status: type: string description: | This attribute declares whether this workflow task is approved or rejected. example: APPROVED enum: - APPROVED - REJECTED attributes: type: object additionalProperties: type: string description: | Custom attributes to complete the workflow task example: {} description: type: string example: Approve workflow request. TenantInfo: title: Tenant information type: object properties: username: type: string example: john tenantDomain: type: string example: carbon.super tenantId: type: integer example: -1234 description: The tenant information of the user CustomUrlInfo: title: Custom url information type: object properties: tenantDomain: type: string example: carbon.super tenantAdminUsername: type: string example: john@foo.com enabled: type: boolean example: true devPortal: type: object properties: url: type: string example: http://example.com description: The custom url information of the tenant domain APICategory: title: API Category required: - name type: object properties: id: type: string readOnly: true example: 01234567-0123-0123-0123-012345678901 name: maxLength: 255 minLength: 1 type: string example: Finance description: maxLength: 1024 type: string example: Finance related APIs numberOfAPIs: type: integer readOnly: true example: 1 APICategoryList: title: API Category List type: object properties: count: type: integer description: | Number of API categories returned. example: 1 list: type: array items: $ref: '#/components/schemas/APICategory' FileInfo: title: File Information including meta data type: object properties: relativePath: type: string description: relative location of the file (excluding the base context and host of the Admin API) example: api-categories/01234567-0123-0123-0123-012345678901/thumbnail mediaType: type: string description: media-type of the file example: image/jpeg Settings: title: Settings type: object properties: scopes: type: array items: type: string gatewayTypes: type: array items: type: string IsJWTEnabledForLoginTokens: type: boolean default: false orgAccessControlEnabled: type: boolean description: | Is Organization-based access control configuration enabled example: true keyManagerConfiguration: type: array items: type: object properties: type: type: string example: default displayName: type: string example: default defaultConsumerKeyClaim: type: string example: azp defaultScopesClaim: type: string example: scope authConfigurations: type: array items: $ref: '#/components/schemas/KeyManagerConfiguration' configurations: type: array items: $ref: '#/components/schemas/KeyManagerConfiguration' endpointConfigurations: type: array items: $ref: '#/components/schemas/KeyManagerConfiguration' configurationConstraints: type: array items: $ref: '#/components/schemas/ConfigurationConstraint' gatewayConfiguration: type: array items: type: object properties: type: type: string example: default displayName: type: string example: default supportedModes: type: array items: type: string example: 'READ_WRITE' configurations: type: array items: $ref: '#/components/schemas/GatewayConfiguration' defaultHostnameTemplate: type: string example: '{apiId}.execute-api.{region}.amazonaws.com' analyticsEnabled: type: boolean description: To determine whether analytics is enabled or not example: false transactionCounterEnable: type: boolean description: To determine whether the transaction counter is enabled or not example: false isGatewayNotificationEnabled: type: boolean description: Is Gateway Notification Enabled default: false platformGatewayVersions: type: array description: API Platform Gateway versions for the quick-start guide. items: type: string example: "1.0.0" consumptionExportEnabled: type: boolean description: Whether the ConsumptionDataExportService OSGi service is available example: false ScopeList: title: Scope Role Mapping List type: object properties: count: type: integer description: | Number of scopes available for tenant. readOnly: true example: 60 list: type: array items: $ref: '#/components/schemas/Scope' Scope: title: Scope Role type: object properties: tag: type: string description: | Portal name. example: publisher name: type: string description: | Scope name. example: apim:api_publish description: type: string description: | About scope. example: Publish API roles: type: array description: | Roles for the particular scope. example: - admin - Internal/publisher items: type: string KeyManagerWellKnownResponse: title: Key Manager Well-Known Response. type: object properties: valid: type: boolean example: true default: false value: $ref: '#/components/schemas/KeyManager' KeyManager: title: Key Manager required: - name - type type: object properties: id: type: string readOnly: true example: 01234567-0123-0123-0123-012345678901 name: maxLength: 100 minLength: 1 type: string example: WSO2 Identity Server displayName: maxLength: 100 type: string description: | display name of Key Manager to show in UI example: WSO2 Identity Server type: maxLength: 45 minLength: 1 type: string example: WSO2-IS description: maxLength: 256 type: string example: This is a key manager for Developers wellKnownEndpoint: type: string description: | Well-Known Endpoint of Identity Provider. example: "" introspectionEndpoint: type: string example: https://localhost:9444/oauth2/introspect deprecated: true clientRegistrationEndpoint: type: string example: https://localhost:9444/keymanager-operations/dcr/register deprecated: true tokenEndpoint: type: string example: https://localhost:9444/oauth2/token deprecated: true displayTokenEndpoint: type: string example: https://localhost:9444/oauth2/token deprecated: true revokeEndpoint: type: string example: https://localhost:9444/oauth2/revoke deprecated: true displayRevokeEndpoint: type: string example: https://localhost:9444/oauth2/revoke deprecated: true userInfoEndpoint: type: string example: https://localhost:9444/oauth2/userinfo?schema=openid deprecated: true authorizeEndpoint: type: string example: https://localhost:9444/oauth2/authorize deprecated: true endpoints: type: array items: $ref: '#/components/schemas/KeyManagerEndpoint' certificates: type: object properties: type: type: string enum: - JWKS - PEM value: type: string issuer: type: string example: https://localhost:9444/services alias: type: string description: | The alias of Identity Provider. If the tokenType is EXCHANGED, the alias value should be inclusive in the audience values of the JWT token example: https://localhost:9443/oauth2/token scopeManagementEndpoint: type: string example: https://wso2is.com:9444/api/identity/oauth2/v1.0/scopes deprecated: true availableGrantTypes: type: array items: type: string example: client_credentials enableTokenGeneration: type: boolean example: true enableTokenEncryption: type: boolean example: false default: false enableTokenHashing: type: boolean example: false default: false enableMapOAuthConsumerApps: type: boolean example: false default: false enableOAuthAppCreation: type: boolean example: false default: false enableProvisionedAppValidation: type: boolean example: true default: true enableSelfValidationJWT: type: boolean example: true default: true claimMapping: type: array items: $ref: '#/components/schemas/ClaimMappingEntry' consumerKeyClaim: type: string example: azp scopesClaim: type: string example: scp tokenValidation: type: array items: $ref: '#/components/schemas/TokenValidation' enabled: type: boolean example: true global: type: boolean example: true additionalProperties: type: object properties: {} example: self_validate_jwt: true Username: admin Password: admin permissions: type: object properties: permissionType: type: string example: ALLOW default: PUBLIC enum: - PUBLIC - ALLOW - DENY roles: type: array items: type: string example: Internal/subscriber tokenType: type: string description: The type of the tokens to be used (exchanged or without exchanged). Accepted values are EXCHANGED, DIRECT and BOTH. example: EXCHANGED default: DIRECT enum: - EXCHANGED - DIRECT - BOTH allowedOrganizations: type: array items: type: string KeyManagerEndpoint: title: Key Manager Endpoint. required: - name - value type: object properties: name: type: string example: 'token_endpoint' value: type: string example: 'https://localhost:9443/oauth2/token' KeyManagerInfo: title: Key Manager Info required: - name - type type: object properties: id: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: WSO2 IS type: type: string example: IS description: type: string example: This is a key manager for Developers enabled: type: boolean example: true isGlobal: type: boolean example: true isUsed: type: boolean example: true tokenType: type: string description: The type of the tokens to be used (exchanged or without exchanged). Accepted values are EXCHANGED, DIRECT and BOTH. example: EXCHANGED default: DIRECT enum: - EXCHANGED - DIRECT - BOTH KeyManagerConfiguration: title: Key Manager Configuration type: object properties: name: type: string example: consumer_key label: type: string example: Consumer Key type: type: string example: select required: type: boolean example: true mask: type: boolean example: true multiple: type: boolean example: true tooltip: type: string example: Enter username to connect to key manager default: type: object properties: { } example: admin values: type: array items: type: object properties: { } updateDisabled: type: boolean description: Indicates that this configuration field cannot be modified once the Key Manager is created. default: false example: true ConfigurationConstraint: title: Configurable Configuration Constraints type: object properties: name: type: string example: application_access_token_expiry_time label: type: string example: Access Token Expiry type: type: string example: input multiple: type: boolean example: true tooltip: type: string example: Define the valid range for token expiration in seconds. constraintType: type: string example: RANGE values: type: array items: type: object properties: { } default: type: object properties: { } GatewayConfiguration: title: Gateway Configuration type: object properties: name: type: string example: consumer_key label: type: string example: Consumer Key type: type: string example: select required: type: boolean example: true mask: type: boolean example: true multiple: type: boolean example: true tooltip: type: string example: Enter username default: type: object properties: {} example: admin values: type: array items: type: object properties: {} KeyManagerList: title: Key Manager List type: object properties: count: type: integer description: | Number of Key managers returned. example: 1 list: type: array items: $ref: '#/components/schemas/KeyManagerInfo' KeyManagerAppUsages: title: Key Manager Application Usages. required: - applicationCount - applications type: object properties: applicationCount: type: integer description: The total count of applications. applications: type: array items: $ref: '#/components/schemas/ApplicationInfoKeyManager' ApplicationInfoKeyManager: type: object properties: name: type: string description: The name of the application. uuid: type: string description: The UUID of the application. organizationId: type: string nullable: true description: The ID of the organization to which the application belongs. owner: type: string description: The owner of the application. organization: type: string description: The organization of the application. required: - name - uuid - owner - organization KeyManagerAPIUsages: title: Key Manager API Usages. required: - apiCount - apis type: object properties: apiCount: type: integer description: The total count of APIs. apis: type: array items: $ref: '#/components/schemas/APIInfoKeyManager' APIInfoKeyManager: type: object properties: id: type: string description: The ID of the API. type: type: string description: The type of the entry (e.g., "API"). name: type: string description: The name of the API. transportType: type: string description: The transport type of the API. description: type: string nullable: true description: The description of the API. context: type: string description: The context of the API. version: type: string description: The version of the API. provider: type: string description: The provider of the API. status: type: string description: The status of the API. thumbnailUri: type: string nullable: true description: The URI of the thumbnail of the API. advertiseOnly: type: boolean description: Indicates if the API is advertised only. keyManagerEntry: type: string description: The key manager entry related to the API. required: - id - name - version - provider ClaimMappingEntry: title: Claim Mapping Configuration type: object properties: remoteClaim: type: string example: http://idp.org/username localClaim: type: string example: http://wso2.org/username TokenValidation: title: Token handling Configuration type: object properties: id: type: integer enable: type: boolean example: false default: true type: type: string enum: - REFERENCE - JWT - CUSTOM value: type: object properties: {} ScopeSettings: title: Settings type: object properties: name: type: string example: apim:subscribe AlertTypesList: title: Alert Types List type: object properties: count: type: integer description: The number of alerts example: 3 alerts: type: array items: $ref: '#/components/schemas/AlertType' AlertType: title: Alert Type type: object properties: id: type: string description: The alert Id example: "1" name: type: string description: The name of the alert. example: AbnormalResponseTime AlertsSubscription: title: Alerts Subscription type: object properties: alerts: type: array items: $ref: '#/components/schemas/AlertType' emailList: type: array items: type: string format: email example: admin@wso2.com BotDetectionAlertSubscriptionList: title: Bot Detection Alert Subscription List type: object properties: count: type: integer description: | Number of Bot Detection Alert Subscriptions returned. example: 3 list: type: array items: $ref: '#/components/schemas/BotDetectionAlertSubscription' BotDetectionAlertSubscription: title: Bot Detection Alert Subscription required: - email type: object properties: uuid: type: string description: UUID of the subscription example: urn:uuid:1ed6d2de-29df-4fed-a96a-46d2329dce65 email: type: string description: email example: abc@gmail.com WorkflowList: title: WorkflowList type: object properties: count: type: integer description: | Number of workflow processes returned. example: 1 next: type: string description: | Link to the next subset of resources qualified. Empty if no more resources are to be returned. example: /workflows?limit=1&offset=2&user= previous: type: string description: | Link to the previous subset of resources qualified. Empty if current subset is the first subset returned. example: /workflows?limit=1&offset=0&user= list: type: array items: $ref: '#/components/schemas/WorkflowInfo' WorkflowInfo: title: Workflow info object with basic workflow details type: object properties: workflowType: type: string description: | Type of the Workflow Request. It shows which type of request is it. example: APPLICATION_CREATION enum: - APPLICATION_CREATION - SUBSCRIPTION_CREATION - USER_SIGNUP - APPLICATION_REGISTRATION_PRODUCTION - APPLICATION_REGISTRATION_SANDBOX - APPLICATION_DELETION - API_STATE - API_PRODUCT_STATE - SUBSCRIPTION_DELETION - SUBSCRIPTION_UPDATE - REVISION_DEPLOYMENT - APPLICATION_UPDATE workflowStatus: type: string description: | Show the Status of the the workflow request whether it is approved or created. example: APPROVED enum: - APPROVED - CREATED createdTime: type: string description: | Time of the the workflow request created. example: 2020-02-10 10:10:19.704 updatedTime: type: string description: | Time of the the workflow request updated. example: 2020-02-10 10:10:19.704 referenceId: type: string description: | Workflow external reference is used to identify the workflow requests uniquely. example: 5871244b-d6f3-466e-8995-8accd1e64303 properties: type: object properties: {} description: type: string description: | description is a message with basic details about the workflow request. example: Approve application [APP1] creation request from application creator - admin with throttling tier - 10MinPer WorkflowResponse: title: workflow Response required: - workflowStatus type: object properties: workflowStatus: type: string description: | This attribute declares whether this workflow task is approved or rejected. example: APPROVED enum: - CREATED - APPROVED - REJECTED - REGISTERED jsonPayload: type: string description: | Attributes that returned after the workflow execution BotDetectionDataList: title: Bot Detection Data List type: object properties: count: type: integer description: | Number of Bot Detection Data returned. example: 1 list: type: array items: $ref: '#/components/schemas/BotDetectionData' BotDetectionData: title: Bot Detection Data type: object properties: recordedTime: type: integer description: The time of detection format: int64 example: 1591734138413 messageID: type: string description: The message ID example: urn:uuid:1ed6d2de-29df-4fed-a96a-46d2329dce65 apiMethod: type: string description: The api method example: GET headerSet: type: string description: The header set example: '[Accept=*/*, Host=localhost:8243, User-Agent=curl/7.58.0]' messageBody: type: string description: The content of the message body example: clientIp: type: string description: The IP of the client example: 127.0.0.1 OrganizationInfo: title: Organization Info type: object properties: organizationId: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: My Organization RoleAliasList: title: Role alias list type: object properties: count: type: integer description: The number of role aliases example: 1 list: type: array items: $ref: '#/components/schemas/RoleAlias' RoleAlias: title: Role alias type: object properties: role: type: string description: The original role example: Internal/subscriber aliases: type: array description: The role mapping for role alias example: - Subscriber - Internal/subscriber items: type: string Pagination: title: Pagination type: object properties: offset: type: integer example: 0 limit: type: integer example: 1 total: type: integer example: 10 next: type: string description: | Link to the next subset of resources qualified. Empty if no more resources are to be returned. example: "" previous: type: string description: | Link to the previous subset of resources qualified. Empty if current subset is the first subset returned. example: "" PaginationApis: title: Pagination type: object properties: offset: type: integer example: 0 limit: type: integer example: 1 total: type: integer example: 10 next: type: string description: | Link to the next subset of resources qualified. Empty if no more resources are to be returned. previous: type: string description: | Link to the previous subset of resources qualified. Empty if current subset is the first subset returned. SearchResultList: title: Unified Search Result List type: object properties: apis: type: array items: $ref: '#/components/schemas/ApiResult' count: type: integer description: | Number of results returned. example: 1 pagination: $ref: '#/components/schemas/Pagination' ApiResult: type: object properties: provider: type: string name: type: string version: type: string id: type: string TransactionCount: type: object properties: count: type: integer example: 120 Label: title: Label required: - name type: object properties: id: type: string readOnly: true example: d7cf8523-9180-4255-84fa-6cb171c1f779 name: maxLength: 255 minLength: 1 type: string example: Health description: maxLength: 1024 type: string example: Health related APIs LabelList: title: Label List type: object properties: count: type: integer description: Number of labels returned. example: 1 list: type: array description: List of labels. items: $ref: '#/components/schemas/Label' pagination: $ref: '#/components/schemas/Pagination' LabelUsage: title: Label Usage type: object properties: apis: type: object description: | List of APIs associated with the label. properties: count: type: integer description: Number of APIs associated with the label. example: 1 list: type: array description: List of APIs associated with the label. items: $ref: '#/components/schemas/ApiResult' APIKey: title: API Key details to invoke APIs type: object properties: keyUUID: type: string description: The UUID of the API key keyName: type: string description: API Key name example: Test_Key apiName: type: string description: API Name example: NotificationsAPI applicationName: type: string description: Application Name example: DefaultApplication keyType: type: string description: Application Key Type example: PRODUCTION enum: - PRODUCTION - SANDBOX user: type: string description: Owner of the Application example: Bob issuedOn: type: integer format: int64 description: Created time in Unix epoch milliseconds example: 1599196134000 validityPeriod: type: integer format: int64 example: 3600 lastUsed: type: integer format: int64 nullable: true description: Last used time in Unix epoch milliseconds example: 1599196134000 APIKeyList: title: API Keys List type: object properties: count: type: integer description: | Number of API keys returned. example: 1 list: type: array items: $ref: '#/components/schemas/APIKey' APIKeyRevokeRequest: title: API Key revoke request object type: object required: - keyUUID properties: keyUUID: type: string description: The UUID of the API key responses: BadRequest: description: Bad Request. Invalid request or validation error. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 400 message: Bad Request description: Invalid request or validation error moreInfo: "" error: [] Conflict: description: Conflict. Specified resource already exists. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 409 message: Conflict description: Specified resource already exists moreInfo: "" error: [] Forbidden: description: Forbidden. The request must be conditional but no condition has been specified. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 403 message: Forbidden description: The request must be conditional but no condition has been specified moreInfo: "" error: [] InternalServerError: description: Internal Server Error. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 500 message: Internal Server Error description: The server encountered an internal error. Please contact administrator. moreInfo: "" error: [] NotAcceptable: description: Not Acceptable. The requested media type is not supported. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 406 message: Not Acceptable description: The requested media type is not supported moreInfo: "" error: [] NotFound: description: Not Found. The specified resource does not exist. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 404 message: Not Found description: The specified resource does not exist moreInfo: "" error: [] PayloadTooLarge: description: Payload Too Large. Request entity is larger than limits defined by server. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 413 message: Payload Too Large description: Request entity is larger than limits defined by server moreInfo: "" error: [] PreconditionFailed: description: Precondition Failed. The request has not been performed because one of the preconditions is not met. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 412 message: Precondition Failed description: The request has not been performed because one of the preconditions is not met moreInfo: "" error: [] Unauthorized: description: Unauthorized. The user is not authorized. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 401 message: Unauthorized description: The user is not authorized moreInfo: "" error: [] UnsupportedMediaType: description: Unsupported Media Type. The entity of the request was not in a supported format. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 415 message: Unsupported media type description: The entity of the request was not in a supported format moreInfo: "" error: [] parameters: If-None-Match: name: If-None-Match in: header description: | Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource. schema: type: string requestedTenant: name: X-WSO2-Tenant in: header description: | For cross-tenant invocations, this is used to specify the tenant domain, where the resource need to be retirieved from. schema: type: string sortBy: name: sortBy in: query description: | Criteria for sorting. schema: type: string default: createdTime enum: - apiName - version - createdTime - status sortOrder: name: sortOrder in: query description: | Order of sorting(ascending/descending). schema: type: string default: desc enum: - asc - desc username: name: username in: query description: | username of the new application owner required: true schema: type: string scopeName: name: scopeName in: path description: | Base64 URL encoded value of the scope name to be validated required: true schema: type: string environmentId: name: environmentId in: path description: | Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded required: true schema: type: string organizationId: name: organizationId in: path description: | Organization UUID required: true schema: type: string llmProviderId: name: llmProviderId in: path description: | LLM Provider UUID required: true schema: type: string aiServiceProviderId: name: aiServiceProviderId in: path description: | AI Service Provider UUID required: true schema: type: string policyId: name: policyId in: path description: | Thorttle policy UUID required: true schema: type: string ruleId: name: ruleId in: path description: | Custom rule UUID required: true schema: type: string applicationId: name: applicationId in: path description: | Application UUID required: true schema: type: string conditionId: name: conditionId in: path description: | Blocking condition identifier required: true schema: type: string Accept: name: Accept in: header description: | Media types acceptable for the response. Default is application/json. schema: type: string default: application/json Content-Type: name: Content-Type in: header description: | Media type of the entity in the body. Default is application/json. required: true schema: type: string default: application/json limit: name: limit in: query description: | Maximum size of resource array to return. schema: type: integer default: 25 offset: name: offset in: query description: | Starting point within the complete list of items qualified. schema: type: integer default: 0 user: name: user in: query description: | username of the application creator schema: type: string workflowReferenceId-Q: name: workflowReferenceId in: query description: | Workflow reference id required: true schema: type: string apiCategoryId: name: apiCategoryId in: path description: | API Category UUID required: true schema: type: string keyManagerId: name: keyManagerId in: path description: | Key Manager UUID required: true schema: type: string roleId: name: roleId in: path description: | The Base 64 URL encoded role name with domain. If the given role is in PRIMARY user-store, role ID should be derived as Base64URLEncode(role-name). If the given role is in secondary user-store, role ID should be derived as Base64URLEncode({user-store-name}/{role-name}). required: true schema: type: string apiId: name: apiId in: path description: | **API ID** consisting of the **UUID** of the API. required: true schema: type: string labelId: name: labelId in: path description: | Label UUID required: true schema: type: string keyType: name: keyType in: path description: | **Application Key Type** standing for the type of the keys (i.e. Production or Sandbox). required: true schema: type: string enum: - PRODUCTION - SANDBOX securitySchemes: OAuth2Security: type: oauth2 flows: password: tokenUrl: https://localhost:9443/oauth2/token scopes: openid: Authorize access to user details apim:policies_import_export: Export and import policies related operations apim:admin: Manage all admin operations apim:tier_view: View throttling policies apim:tier_manage: Update and delete throttling policies apim:admin_tier_view: View throttling policies apim:admin_tier_manage: Update and delete throttling policies apim:bl_view: View deny policies apim:bl_manage: Update and delete deny policies apim:mediation_policy_view: View mediation policies apim:mediation_policy_create: Create and update mediation policies apim:app_owner_change: Retrieve and manage applications apim:app_settings_change: Change Application Settings apim:app_import_export: Import and export applications related operations apim:api_import_export: Import and export APIs related operations apim:api_product_import_export: Import and export API Products related operations apim:environment_manage: Manage gateway environments apim:environment_read: Retrieve gateway environments apim:monetization_usage_publish: Retrieve and publish Monetization related usage records apim:api_workflow_approve: Manage workflows apim:bot_data: Retrieve bot detection data apim:tenantInfo: Retrieve tenant related information apim:tenant_theme_manage: Manage tenant themes apim:admin_operations: Manage API categories and Key Managers related operations apim:api_category: Manage API categories apim:admin_settings: Retrieve admin settings apim:admin_alert_manage: Manage admin alerts apim:api_workflow_view: Retrive workflow requests apim:scope_manage: Manage system scopes apim:role_manage: Manage system roles apim:admin_application_view: View Applications apim:keymanagers_manage: Manage Key Managers apim:api_provider_change: Retrieve and manage applications apim:llm_provider_manage: Manage LLM Providers apim:gov_policy_read: Retrieve governance policies apim:gov_policy_manage: Manage governance policies apim:gov_result_read: Retrieve governance results apim:gov_rule_read: Retrieve governance rules apim:gov_rule_manage: Manage governance rules apim:organization_manage: Manage Organizations apim:organization_read: Read Organizations