# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ################################################################################ openapi: 3.0.1 info: title: WSO2 API Manager - Publisher API description: | This document specifies a **RESTful API** for WSO2 **API Manager** - **Publisher**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1/src/main/resources/publisher-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Publisher REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A Sample payload is shown below. ``` { "callbackUrl":"www.google.lk", "clientName":"rest_api_publisher", "owner":"admin", "grantType":"client_credentials password refresh_token", "saasApp":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H "Authorization: Basic Base64(admin_username:admin_password)" -H "Content-Type: application/json" \ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" \ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { "clientId": "fOCi4vNJ59PpHucC2CAYfYuADdMa", "clientName": "rest_api_publisher", "callBackURL": "www.google.lk", "clientSecret": "a4FwHlq0iCIKVs2MPIIDnepZnYMa", "isSaasApplication": true, "appOwner": "admin", "jsonString": "{\"grant_types\":\"client_credentials password refresh_token\",\"redirect_uris\":\"www.google.lk\",\"client_name\":\"rest_api123\"}", "jsonAppAttribute": "{}", "tokenType": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for publisher REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorization** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d "grant_type=password&username=&password=" \ -H "Authorization: Basic base64(cliet_id:client_secret)" \ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \ -H "Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h" \ -d "grant_type=password&username=admin&password=admin&scope=apim:api_view apim:api_create" ``` Shown below is a sample response to the above request. ``` { "access_token": "e79bda48-3406-3178-acce-f6e4dbdcbb12", "refresh_token": "a757795d-e69f-38b8-bd85-9aded677a97c", "scope": "apim:api_create apim:api_view", "token_type": "Bearer", "expires_in": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with "Run in Postman" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-7fbaad97-7fb9-43ae-b6f2-13b63f2867d7) contact: name: WSO2 url: https://wso2.com/api-manager/ email: architecture@wso2.com license: name: Apache 2.0 url: http://www.apache.org/licenses/LICENSE-2.0.html version: v4 servers: - url: https://apis.wso2.com/api/am/publisher/v4 security: - OAuth2Security: - apim:api_view paths: ###################################################### # The "API Collection" resource APIs ###################################################### /apis: get: tags: - APIs summary: | Retrieve/Search APIs description: | This operation provides you a list of available APIs qualifying under a given search condition. Each retrieved API is represented with a minimal amount of attributes. If you want to get complete details of an API, you need to use **Get details of an API** operation. parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/requestedTenant' - name: query in: query description: | **Search condition**. You can search in attributes by using an **":"** modifier. Eg. "provider:wso2" will match an API if the provider of the API contains "wso2". "provider:"wso2"" will match an API if the provider of the API is exactly "wso2". "status:PUBLISHED" will match an API if the API is in PUBLISHED state. Also you can use combined modifiers Eg. name:pizzashack version:v1 will match an API if the name of the API is pizzashack and version is v1. Supported attribute modifiers are [**version, context, name, status, description, provider, api-category, tags, doc, contexttemplate, lcstate, content, type, label, enablestore, thirdparty**] If no advanced attribute modifier has been specified, the API names containing the search term will be returned as a result. Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) schema: type: string - $ref: '#/components/parameters/If-None-Match' - $ref: '#/components/parameters/Accept' responses: 200: description: | OK. List of qualifying APIs is returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:api_import_export - apim:api_list_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis"' operationId: getAllAPIs post: tags: - APIs summary: Create a New API description: | This operation can be used to create a new API specifying the details of the API in the payload. The new API will be in `CREATED` state. There is a special capability for a user who has `APIM Admin` permission such that he can create APIs on behalf of other users. For that he can to specify `"provider" : "some_other_user"` in the payload so that the API's creator will be shown as `some_other_user` in the UI. parameters: - name: openAPIVersion in: query description: Open api version schema: type: string default: v3 enum: - v2 - v3 requestBody: description: API object that needs to be added content: application/json: schema: $ref: '#/components/schemas/API' required: true responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/API' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis"' operationId: createAPI ####################################################### # The "API Design Assistant - Chat" resource APIs ####################################################### /design-assistant/chat: post: tags: - API Design Assistant summary: Generate API Specifications with API Design Assistant description: | Generates API specifications based on natural language input. Key features: - Converts text descriptions into structured API specifications - Provides QoS suggestions and other improvements - Supports session-based API generation requestBody: description: Input for API specification generation required: true content: application/json: schema: $ref: '#/components/schemas/DesignAssistantChatQuery' responses: 200: description: Successful API specification generation content: application/json: schema: $ref: '#/components/schemas/DesignAssistantChatResponse' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d "{\"text\": \"create an API for a banking transaction.\", \"sessionId\": \"1234567890\"}" "https://127.0.0.1:9443/api/am/publisher/v4/design-assistant/chat"' operationId: designAssistantChat ###################################################################### # The "API Design Assistant - Generate API Payloads" resource APIs ###################################################################### /design-assistant/generate-api-payload: post: tags: - API Design Assistant summary: Create API Payload with API Design Assistant description: | Creates an API payload using the stored specification. requestBody: description: Input for API payload creation required: true content: application/json: schema: $ref: '#/components/schemas/DesignAssistantGenAPIPayload' responses: 200: description: API payload successfully created. content: application/json: schema: $ref: '#/components/schemas/DesignAssistantAPIPayloadResponse' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d "{\"sessionId\": \"1234567890\"}" "https://127.0.0.1:9443/api/am/publisher/v4/design-assistant/generate-api-payload"' operationId: designAssistantApiPayloadGen ###################################################### # The "Individual API" resource APIs ###################################################### /apis/{apiId}: get: tags: - APIs summary: Get Details of an API description: | Using this operation, you can retrieve complete details of a single API. You need to provide the Id of the API to retrive it. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Requested API is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/API' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:api_import_export - apim:api_product_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/7a2298c4-c905-403f-8fac-38c73301631f"' operationId: getAPI put: tags: - APIs summary: Update an API description: | This operation can be used to update an existing API. But the properties `name`, `version`, `context`, `provider`, `state` will not be changed by this operation. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-Match' requestBody: description: API object that needs to be added content: application/json: schema: $ref: '#/components/schemas/API' required: true responses: 200: description: | OK. Successful response with updated API object headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/API' 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:api_publish x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/7a2298c4-c905-403f-8fac-38c73301631f"' operationId: updateAPI delete: tags: - APIs summary: Delete an API description: | This operation can be used to delete an existing API proving the Id of the API. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Resource successfully deleted. content: {} 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_delete - apim:api_manage - apim:api_import_export x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/7a2298c4-c905-403f-8fac-38c73301631f"' operationId: deleteAPI /apis/{apiId}/topics: put: tags: - APIs summary: Update Topics of an Async API description: This operation can be used to update topics of an existing async API. operationId: updateTopics parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-Match' requestBody: description: API object that needs to be added content: application/json: schema: $ref: '#/components/schemas/TopicList' required: true responses: 200: description: | OK. Successful response with updated API object headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/API' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:api_import_export x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/7a2298c4-c905-403f-8fac-38c73301631f/topics"' /apis/{apiId}/sequence-backend/{type}/content: get: tags: - APIs summary: Get Sequence of Custom Backend description: This operation can be used to get Sequence of the Custom Backend operationId: getSequenceBackendContent parameters: - name: type in: path description: | Type of the Endpoint. SANDBOX or PRODUCTION required: true schema: maxLength: 15 type: string - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Requested API Custom Backend is returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/xml: schema: type: string format: binary 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:api_import_export - apim:api_product_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/7a2298c4-c905-403f-8fac-38c73301631f/custom-backend/7a2298c4-c915-483f-8fac-38c73301631f/content"' /apis/{apiId}/sequence-backend/{type}: delete: tags: - APIs summary: Delete Sequence Backend of the API description: This operation can be used to remove the Sequence Backend of the API operationId: sequenceBackendDelete parameters: - name: type in: path description: | Type of the Endpoint. SANDBOX or PRODUCTION required: true schema: maxLength: 15 type: string - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Resource successfully deleted. content: { } 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_delete - apim:api_manage - apim:api_import_export x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/7a2298c4-c905-403f-8fac-38c73301631f/custom-backend/7a2298c4-c915-483f-8fac-38c73301631f"' /apis/{apiId}/sequence-backend: get: tags: - APIs summary: Get Sequence Backends of the API description: This operation can be used to get Sequence Backend data of the API operationId: getSequenceBackendData parameters: - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Requested API Sequence Backend is returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/SequenceBackendList' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:api_import_export - apim:api_product_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/7a2298c4-c905-403f-8fac-38c73301631f/custom-backend/7a2298c4-c915-483f-8fac-38c73301631f"' put: tags: - APIs summary: Upload Sequence Sequence as the Endpoint of the API description: This operation can be used to change the endpoint of the API to Sequence Backend operationId: sequenceBackendUpdate parameters: - $ref: '#/components/parameters/apiId' requestBody: content: multipart/form-data: schema: properties: sequence: type: string description: The sequence that needs to be uploaded. format: binary type: type: string description: Type of the Endpoint responses: 200: description: | OK. Successful response with updated API object headers: Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/API' 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:api_publish x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/7a2298c4-c905-403f-8fac-38c73301631f/custom-backend"' /apis/{apiId}/reimport-service: put: tags: - APIs summary: Update the Service that is used to create the API description: This operation can be used to re-import the Service used to create the API operationId: reimportServiceFromCatalog parameters: - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Successful response with updated API object headers: Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/API' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/ecb5b300-422d-4ee8-88d2-364a0a122238/reimport-service"' /apis/{apiId}/swagger: get: tags: - APIs summary: Get Swagger Definition description: | This operation can be used to retrieve the swagger definition of an API. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Requested swagger document of the API is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: type: string example: "" 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:api_definition_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/7a2298c4-c905-403f-8fac-38c73301631f/swagger"' operationId: getAPISwagger put: tags: - APIs summary: Update Swagger Definition description: | This operation can be used to update the swagger definition of an existing API. Swagger definition to be updated is passed as a form data parameter `apiDefinition`. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-Match' requestBody: content: multipart/form-data: schema: properties: apiDefinition: type: string description: Swagger definition of the API url: type: string description: Swagger definition URL of the API file: type: string description: Swagger definitio as a file format: binary responses: 200: description: | OK. Successful response with updated Swagger definition headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: type: string example: "" 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F apiDefinition=@swagger.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/swagger"' operationId: updateAPISwagger /apis/{apiId}/generate-mock-scripts: post: tags: - APIs summary: Generate Mock Response Payloads description: | This operation can be used to generate mock responses from examples of swagger definition of an API. operationId: generateMockScripts parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Requested swagger document of the API is returned with example responses headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: type: string example: "" 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/7a2298c4-c905-403f-8fac-38c73301631f/generate-mock-scripts"' /apis/{apiId}/generated-mock-scripts: get: tags: - APIs summary: Get Generated Mock Response Payloads description: | This operation can be used to get generated mock responses from examples of swagger definition of an API. operationId: getGeneratedMockScriptsOfAPI parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Requested swagger document of the API is returned with example responses headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/MockResponsePayloadList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/7a2298c4-c905-403f-8fac-38c73301631f/generated-mock-scripts"' /apis/{apiId}/resource-policies: get: tags: - API Resource Policies summary: Get the Resource Policy(inflow/outflow) Definitions description: | This operation can be used to retrieve conversion policy resource definitions of an API. parameters: - $ref: '#/components/parameters/apiId' - name: resourcePath in: query description: Resource path of the resource policy definition schema: type: string - name: verb in: query description: HTTP verb of the resource path of the resource policy definition schema: type: string - name: sequenceType in: query description: sequence type of the resource policy resource definition required: true schema: type: string - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. List of resource policy definitions of the API is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ResourcePolicyList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/2fd14eb8-b828-4013-b448-0739d2e76bf7/resource-policies?resourcePath=checkPhoneNumber&verb=post&sequenceType=in"' operationId: getAPIResourcePolicies /apis/{apiId}/resource-policies/{resourcePolicyId}: get: tags: - API Resource Policies summary: Get the Resource Policy(inflow/outflow) Definition for a Given Resource Identifier. description: | This operation can be used to retrieve conversion policy resource definitions of an API given the resource identifier. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/resourcePolicyId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Requested resource policy definition of the API is returned for the given resource identifier. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ResourcePolicyInfo' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/2fd14eb8-b828-4013-b448-0739d2e76bf7/resource-policies/8efc32a4-c7f1-4bee-b860-b7566e2bc0d5"' operationId: getAPIResourcePoliciesByPolicyId put: tags: - API Resource Policies summary: Update the Resource Policy(inflow/outflow) Definition for the Given Resource Identifier description: | This operation can be used to update the resource policy(inflow/outflow) definition for the given resource identifier of an existing API. resource policy definition to be updated is passed as a body parameter `content`. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/resourcePolicyId' - $ref: '#/components/parameters/If-Match' requestBody: description: Content of the resource policy definition that needs to be updated content: application/json: schema: $ref: '#/components/schemas/ResourcePolicyInfo' required: true responses: 200: description: | OK. Successful response with updated the resource policy definition headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ResourcePolicyInfo' 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/2fd14eb8-b828-4013-b448-0739d2e76bf7/resource-policies/8efc32a4-c7f1-4bee-b860-b7566e2bc0d5"' operationId: updateAPIResourcePoliciesByPolicyId /apis/{apiId}/thumbnail: get: tags: - APIs summary: Get Thumbnail Image description: | This operation can be used to download a thumbnail image of an API. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Thumbnail image returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: {} 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/2fd14eb8-b828-4013-b448-0739d2e76bf7/thumbnail"' operationId: getAPIThumbnail put: tags: - APIs summary: Upload a Thumbnail Image description: | This operation can be used to upload a thumbnail image of an API. The thumbnail to be uploaded should be given as a form data parameter `file`. operationId: updateAPIThumbnail parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-Match' requestBody: content: multipart/form-data: schema: required: - file properties: file: type: string description: Image to upload format: binary required: true responses: 200: description: | OK. Image updated headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the uploaded thumbnail image of the API. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/FileInfo' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:api_publish x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@image.jpeg "https://127.0.0.1:9443/api/am/publisher/v4/apis/2fd14eb8-b828-4013-b448-0739d2e76bf7/thumbnail"' /apis/{apiId}/subscription-policies: get: tags: - APIs summary: | Get Details of the Subscription Throttling Policies of an API description: | This operation can be used to retrieve details of the subscription throttling policy of an API by specifying the API Id. `X-WSO2-Tenant` header can be used to retrive API subscription throttling policies that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-None-Match' - $ref: '#/components/parameters/isAiApi' - $ref: '#/components/parameters/organizationID' responses: 200: description: | OK. Throttling Policy returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ThrottlingPolicy' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/2fd14eb8-b828-4013-b448-0739d2e76bf7/subscription-policies"' operationId: getAPISubscriptionPolicies /apis/copy-api: post: tags: - APIs summary: Create a New API Version description: | This operation can be used to create a new version of an existing API. The new version is specified as `newVersion` query parameter. New API will be in `CREATED` state. parameters: - name: newVersion in: query description: Version of the new API. required: true schema: maxLength: 30 type: string - name: defaultVersion in: query description: Specifies whether new API should be added as default version. schema: type: boolean default: false - name: serviceVersion in: query description: Version of the Service that will used in creating new version schema: type: string required: false - $ref: '#/components/parameters/apiId-Q' responses: 201: description: | Created. Successful response with the newly created API as entity in the body. Location header contains URL of newly created API. headers: Location: description: | The URL of the newly created API. schema: type: string content: application/json: schema: $ref: '#/components/schemas/API' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/copy-api?newVersion=2.0&defaultVersion=false&apiId=2fd14eb8-b828-4013-b448-0739d2e76bf7"' operationId: createNewAPIVersion /apis/change-lifecycle: post: tags: - API Lifecycle summary: Change API Status description: | This operation is used to change the lifecycle of an API. Eg: Publish an API which is in `CREATED` state. In order to change the lifecycle, we need to provide the lifecycle `action` as a query parameter. For example, to Publish an API, `action` should be `Publish`. Note that the `Re-publish` action is available only after calling `Block`. Some actions supports providing additional paramters which should be provided as `lifecycleChecklist` parameter. Please see parameters table for more information. parameters: - name: action in: query description: | The action to demote or promote the state of the API. Supported actions are [ **Publish**, **Deploy as a Prototype**, **Demote to Created**, **Block**, **Deprecate**, **Re-Publish**, **Retire** ] required: true schema: type: string enum: - Publish - Deploy as a Prototype - Demote to Created - Block - Deprecate - Re-Publish - Retire - name: lifecycleChecklist in: query description: |2 Supported checklist items are as follows. 1. **Deprecate old versions after publishing the API**: Setting this to true will deprecate older versions of a particular API when it is promoted to Published state from Created state. 2. **Requires re-subscription when publishing the API**: If you set this to true, users need to re subscribe to the API although they may have subscribed to an older version. You can specify additional checklist items by using an **"attribute:"** modifier. Eg: "Deprecate old versions after publishing the API:true" will deprecate older versions of a particular API when it is promoted to Published state from Created state. Multiple checklist items can be given in "attribute1:true, attribute2:false" format. **Sample CURL :** curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -X POST "https://localhost:9443/api/am/publisher/v4/apis/change-lifecycle?apiId=890a4f4d-09eb-4877-a323-57f6ce2ed79b&action=Publish&lifecycleChecklist=Deprecate%20old%20versions%20after%20publishing%20the%20API%3Atrue,Requires%20re-subscription%20when%20publishing%20the%20API%3Afalse" schema: type: string - $ref: '#/components/parameters/apiId-Q' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Lifecycle changed successfully. headers: ETag: description: | Entity Tag of the changed API. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the API lifecycle has been modified the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string content: application/json: schema: $ref: '#/components/schemas/WorkflowResponse' 202: description: | Accepted. The request has been accepted. content: application/json: schema: $ref: '#/components/schemas/WorkflowResponse' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_publish - apim:api_manage - apim:api_import_export x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/change-lifecycle?apiId=890a4f4d-09eb-4877-a323-57f6ce2ed79b&action=Publish"' operationId: changeAPILifecycle /apis/{apiId}/lifecycle-history: get: tags: - API Lifecycle summary: Get Lifecycle State Change History of the API. description: | This operation can be used to retrieve Lifecycle state change history of the API. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Lifecycle state change history returned successfully. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string content: application/json: schema: $ref: '#/components/schemas/LifecycleHistory' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/lifecycle-history"' operationId: getAPILifecycleHistory /apis/{apiId}/lifecycle-state: get: tags: - API Lifecycle summary: Get Lifecycle State Data of the API. description: | This operation can be used to retrieve Lifecycle state data of the API. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Lifecycle state data returned successfully. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/LifecycleState' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_view - apim:api_publish - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/lifecycle-state"' operationId: getAPILifecycleState /apis/{apiId}/lifecycle-state/pending-tasks: delete: tags: - API Lifecycle summary: Delete Pending Lifecycle State Change Tasks description: | This operation can be used to remove pending lifecycle state change requests that are in pending state parameters: - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Lifecycle state change pending task removed successfully. content: {} 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/lifecycle-state/pending-tasks"' operationId: deleteAPILifecycleStatePendingTasks ###################################################### # The "API Revisions" resource API ###################################################### /apis/{apiId}/revisions: #-------------------------------------------- # List available revisions of an API #-------------------------------------------- get: tags: - API Revisions summary: List Revisions description: | List available revisions of an API operationId: getAPIRevisions parameters: - $ref: '#/components/parameters/apiId' - name: query in: query schema: type: string responses: 200: description: | OK. List of API revisions are returned. content: application/json: schema: $ref: '#/components/schemas/APIRevisionList' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:api_create - apim:api_manage - apim:api_publish - apim:api_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions?query=deployed:true"' #-------------------------------------------- # Create a new API revision #-------------------------------------------- post: tags: - API Revisions summary: Create API Revision description: | Create a new API revision operationId: createAPIRevision parameters: - $ref: '#/components/parameters/apiId' requestBody: description: API object that needs to be added content: application/json: schema: $ref: '#/components/schemas/APIRevision' responses: 201: description: | Created. Successful response with the newly created APIRevision object as the entity in the body. content: application/json: schema: $ref: '#/components/schemas/APIRevision' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:api_publish - apim:api_import_export x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions"' ###################################################### # The "API Revisions" individual resource API ###################################################### /apis/{apiId}/revisions/{revisionId}: #-------------------------------------------- # Get a revision #-------------------------------------------- get: tags: - API Revisions summary: Retrieve Revision description: | Retrieve a revision of an API (This resource is not supported in the current release) operationId: getAPIRevision parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/revisionId' responses: 200: description: | OK. An API revision is returned. content: application/json: schema: $ref: '#/components/schemas/APIRevision' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:api_create - apim:api_manage - apim:api_publish x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions/e0824883-3e86-403a-aec1-22bbc454eb7c"' #-------------------------------------------- # Delete a revision #-------------------------------------------- delete: tags: - API Revisions summary: Delete Revision description: | Delete a revision of an API operationId: deleteAPIRevision parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/revisionId' responses: 200: description: | OK. List of remaining API revisions are returned. content: application/json: schema: $ref: '#/components/schemas/APIRevisionList' 204: description: | No Content. Successfully deleted the revision 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:api_publish - apim:api_import_export x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions/e0824883-3e86-403a-aec1-22bbc454eb7c"' /apis/{apiId}/deployments: #-------------------------------------------- # List available deployed revision deployment details of an API #-------------------------------------------- get: tags: - API Revisions summary: List Deployments description: | List available deployed revision deployment details of an API operationId: getAPIRevisionDeployments parameters: - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. List of deployed revision deployment details are returned. content: application/json: schema: $ref: '#/components/schemas/APIRevisionDeploymentList' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:api_create - apim:api_manage - apim:api_publish x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/deployments"' /apis/{apiId}/deployments/{deploymentId}: #-------------------------------------------- # Change Display On Devportal Field #-------------------------------------------- put: tags: - API Revisions summary: Update Deployment description: | Update deployment devportal visibility operationId: updateAPIDeployment parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/deploymentId' requestBody: description: Deployment object that needs to be updated content: application/json: schema: $ref: '#/components/schemas/APIRevisionDeployment' responses: 200: description: | Created. Successful response with the newly updated APIRevisionDeployment List object as the entity in the body. content: application/json: schema: $ref: '#/components/schemas/APIRevisionDeployment' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:api_publish x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/deployments/UHJvZHVjdGlvbiBhbmQgU2FuZGJveA"' /apis/{apiId}/deploy-revision: #-------------------------------------------- # Deploy a revision #-------------------------------------------- post: tags: - API Revisions summary: Deploy Revision description: | Deploy a revision operationId: deployAPIRevision parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/revisionId-Q' requestBody: description: Deployment object that needs to be added content: application/json: schema: type: array items: $ref: '#/components/schemas/APIRevisionDeployment' responses: 200: description: | Created. Successful response with the newly deployed APIRevisionDeployment List object as the entity in the body. content: application/json: schema: type: array items: $ref: '#/components/schemas/APIRevisionDeployment' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:api_publish x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/deploy-revision?revisionId=e0824883-3e86-403a-aec1-22bbc454eb7c"' /apis/{apiId}/undeploy-revision: #-------------------------------------------- # Un-Deploy a revision from deployed gateway #-------------------------------------------- post: tags: - API Revisions summary: UnDeploy Revision description: | UnDeploy a revision operationId: undeployAPIRevision parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/revisionId-Q' - $ref: '#/components/parameters/revisionNum-Q' - name: allEnvironments in: query schema: type: boolean default: false requestBody: description: Deployment object that needs to be added content: application/json: schema: type: array items: $ref: '#/components/schemas/APIRevisionDeployment' responses: 200: description: | OK. 201: description: | Created. Successful response with the newly undeployed APIRevisionDeploymentList object as the entity in the body. content: application/json: schema: type: array items: $ref: '#/components/schemas/APIRevisionDeployment' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:api_publish - apim:api_import_export x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/undeploy-revision?revisionId=e0824883-3e86-403a-aec1-22bbc454eb7c"' /apis/{apiId}/restore-revision: #-------------------------------------------------------- # Restore a revision to the current API of the API #-------------------------------------------------------- post: tags: - API Revisions summary: Restore API Revision description: | Restore a revision to the current API of the API operationId: restoreAPIRevision parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/revisionId-Q' responses: 201: description: | Restored. Successful response with the newly restored API object as the entity in the body. content: application/json: schema: $ref: '#/components/schemas/API' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:api_publish x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/restore-revision?revisionId=e0824883-3e86-403a-aec1-22bbc454eb7c"' /apis/{apiId}/cancel-revision-workflow/{revisionId}/{envName}: #-------------------------------------------------------- # Cancel a pending revision deployment workflow task given revision id and environment name #-------------------------------------------------------- delete: tags: - API Revisions summary: Delete Pending Revision Deployment Workflow Tasks description: | This operation can be used to remove pending revision deployment requests that are in pending state parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/revisionId' - $ref: '#/components/parameters/envName' responses: 200: description: | OK. Revision deployment pending task removed successfully. content: { } 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_publish - apim:api_manage - apim:api_create x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/cancel-revision-workflow/e0824883-3e86-403a-aec1-22bbc454eb7c/Default"' operationId: deleteAPIRevisionDeploymentPendingTask /apis/import-service: post: tags: - APIs summary: Import a Service from Service Catalog description: This operation can be used to create an API from a Service from Service Catalog operationId: importServiceFromCatalog parameters: - name: serviceKey in: query required: true schema: type: string description: ID of service that should be imported from Service Catalog example: Pizzashack-1.0.0 requestBody: content: application/json: schema: '$ref': '#/components/schemas/API' responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains the URL of the newly created entity. headers: Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/API' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/import-service?serviceKey=Pizzashack-1.0.0"' /apis/{apiId}/comments: get: tags: - Comments summary: Retrieve API Comments description: | Get a list of Comments that are already added to APIs operationId: getAllCommentsOfAPI parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/includeCommenterInfo' responses: 200: description: | OK. Comments list is returned. content: application/json: schema: $ref: '#/components/schemas/CommentList' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:comment_view - apim:comment_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/publisher/v4/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments"' post: tags: - Comments summary: Add an API Comment operationId: addCommentToAPI parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/parentCommentID' requestBody: description: | Comment object that should to be added content: application/json: schema: title: Post request body type: object properties: content: type: string maxLength: 512 description: | Content of the comment example: This is a comment category: type: string description: | Category of the comment example: general required: - content required: true responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional request. schema: type: string Location: description: | Location to the newly created Comment. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Comment' 400: $ref: '#/components/responses/BadRequest' 401: $ref: '#/components/responses/Unauthorized' 404: $ref: '#/components/responses/NotFound' 415: $ref: '#/components/responses/UnsupportedMediaType' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:comment_write - apim:comment_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/am/publisher/v4/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments"' /apis/{apiId}/comments/{commentId}: get: tags: - Comments summary: Get Details of an API Comment description: | Get the individual comment given by a username for a certain API. operationId: getCommentOfAPI parameters: - $ref: '#/components/parameters/commentId' - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-None-Match' - $ref: '#/components/parameters/includeCommenterInfo' - $ref: '#/components/parameters/replyLimit' - $ref: '#/components/parameters/replyOffset' responses: 200: description: | OK. Comment returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Comment' 401: $ref: '#/components/responses/Unauthorized' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:comment_view - apim:comment_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/publisher/v4/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4"' patch: tags: - Comments summary: Edit a comment description: | Edit the individual comment operationId: editCommentOfAPI parameters: - $ref: '#/components/parameters/commentId' - $ref: '#/components/parameters/apiId' requestBody: description: | Comment object that should to be updated content: application/json: schema: title: Patch request body type: object properties: content: type: string maxLength: 512 description: | Content of the comment example: This is a comment category: type: string description: | Category of the comment example: general required: true responses: 200: description: | OK. Comment updated. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional request. schema: type: string Location: description: | Location to the newly created Comment. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Comment' 400: $ref: '#/components/responses/BadRequest' 401: $ref: '#/components/responses/Unauthorized' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 415: $ref: '#/components/responses/UnsupportedMediaType' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:comment_write - apim:comment_manage x-code-samples: - lang: Curl source: 'curl -k -X PATCH -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/am/publisher/v4/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4"' delete: tags: - Comments summary: Delete an API Comment description: | Remove a Comment operationId: deleteComment parameters: - $ref: '#/components/parameters/commentId' - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Resource successfully deleted. content: {} 401: $ref: '#/components/responses/Unauthorized' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 405: description: | MethodNotAllowed. Request method is known by the server but is not supported by the target resource. content: {} 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:comment_write - apim:comment_manage - apim:admin # special scope added to moderate other comments as well x-code-samples: - lang: Curl source: curl -k -X DELETE -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/publisher/v4/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4" /apis/{apiId}/comments/{commentId}/replies: get: tags: - Comments summary: Get replies of a comment description: | Get replies of a comment operationId: getRepliesOfComment parameters: - $ref: '#/components/parameters/commentId' - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/If-None-Match' - $ref: '#/components/parameters/includeCommenterInfo' responses: 200: description: | OK. Comment returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/CommentList' 401: $ref: '#/components/responses/Unauthorized' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:comment_view - apim:comment_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/publisher/v4/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4/replies"' /apis/{apiId}/mcp-servers-usage: get: tags: - APIs summary: Retrieve MCP Server(s) that uses the given API description: | This operation can be used to retrieve/identify MCP Server(s) that uses the API given by the `apiId` parameter. parameters: - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. List of qualifying MCP Servers returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/MCPServerMetadataList' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/e93fb282-b456-48fc-8981-003fb89086ae/mcp-servers-usage"' operationId: getMCPServerUsage /mcp-servers/validate-mcp-server: post: tags: - Validation summary: Validate a third-party MCP Server description: > This operation can be used to validate a `url` of a third party mcp server requestBody: description: Object containing validation input parameters required: true content: application/json: schema: $ref: '#/components/schemas/MCPServerValidationRequest' responses: 200: description: > OK. MCP Server validation result is returned. headers: Content-Type: description: The content type of the response body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/MCPServerValidationResponse' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/validate-mcp-server" \ -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" \ -H "Content-Type: application/json" \ -d "{ "url": "https://example.com/mcp", "securityInfo": { "isSecure": true, "header": "Authorization", "value": "Bearer some-token" } }"' operationId: validateThirdPartyMCPServer /mcp-servers/generate-from-openapi: post: tags: - MCP Servers summary: | Create a MCP server using an OpenAPI definition. description: | This operation can be used to create a MCP server using the OpenAPI definition. Provide either `url` or `file` to specify the definition. Specify additionalProperties with **at least** API's name, version, context and endpointConfig. requestBody: content: multipart/form-data: schema: properties: file: type: string description: Definition to upload as a file format: binary url: type: string description: Definition url additionalProperties: type: string description: Additional attributes specified as a stringified JSON with MCP Server's schema responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/MCPServer' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:mcp_server_create - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@openapi.json -F additionalProperties=@data.json "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/generate-from-openapi"' operationId: createMCPServerFromOpenAPI /mcp-servers/generate-from-mcp-server: post: tags: - MCP Servers summary: | Create an MCP server by proxying a third-party MCP Server description: | This operation can be used to create a MCP server using a third party MCP Server. Specify additionalProperties with **at least** API's name, version, context and endpointConfig. requestBody: content: application/json: schema: title: MCP Server Proxy Request type: object required: - url - additionalProperties - securityInfo properties: url: type: string description: Definition url additionalProperties: $ref: '#/components/schemas/MCPServer' securityInfo: $ref: '#/components/schemas/SecurityInfo' responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/MCPServer' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:mcp_server_create - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -X POST "https://127.0.0.1:9443/api/am/publisher/v3/mcp-servers/generate-from-mcp-server" \ -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" \ -H "Content-Type: application/json" \ -d "{ "url": "https://example.com/mcp", "additionalProperties": { "name": "books", "context": "/books", "version": "1.0.0" }, "securityInfo": { "isSecure": true, "header": "Authorization", "value": "Bearer some-token" } }"' operationId: createMCPServerProxy /mcp-servers/generate-from-api: post: tags: - MCP Servers summary: Create a New MCP Server description: | This operation can be used to create a new MCP server using an existing API. parameters: - name: openAPIVersion in: query description: Open API version schema: type: string default: v3 enum: - v2 - v3 requestBody: description: API object that needs to be added content: application/json: schema: $ref: '#/components/schemas/MCPServer' required: true responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/MCPServer' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:mcp_server_create - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/generate-from-api"' operationId: createMCPServerFromAPI /mcp-servers: get: tags: - MCP Servers summary: | Retrieve/Search MCP Servers description: | This operation provides you a list of available MCP servers qualifying under a given search condition. Each retrieved API is represented with a minimal amount of attributes. If you want to get complete details, you need to use **Get details of an MCP server** operation. parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/requestedTenant' - name: query in: query description: | **Search condition**. You can search in attributes by using an **":"** modifier. Eg. "provider:wso2" will match an MCP server if the provider of the API contains "wso2". "provider:"wso2"" will match an API if the provider of the API is exactly "wso2". "status:PUBLISHED" will match an API if the API is in PUBLISHED state. Also you can use combined modifiers Eg. name:pizzashack version:v1 will match an API if the name of the API is pizzashack and version is v1. Supported attribute modifiers are [**version, context, name, status, description, provider, api-category, tags, doc, contexttemplate, lcstate, content, type, label, enablestore, thirdparty**] If no advanced attribute modifier has been specified, the API names containing the search term will be returned as a result. Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) schema: type: string - $ref: '#/components/parameters/If-None-Match' - $ref: '#/components/parameters/Accept' responses: 200: description: | OK. List of qualifying APIs is returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: { } 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:mcp_server_view - apim:mcp_server_manage - apim:mcp_server_import_export - apim:mcp_server_list_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers"' operationId: getAllMCPServers /mcp-servers/{mcpServerId}: get: tags: - MCP Servers summary: Get Details of an MCP Server description: | Using this operation, you can retrieve complete details of a single API. You need to provide the Id of the API to retrieve it. parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Requested MCP Server is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modified the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/MCPServer' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: { } 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:mcp_server_view - apim:mcp_server_manage - apim:mcp_server_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/7a2298c4-c905-403f-8fac-38c73301631f"' operationId: getMCPServer put: tags: - MCP Servers summary: Update a MCP Server description: | This operation can be used to update an existing MCP Server. But the properties `name`, `version`, `context`, `provider`, `state` will not be changed by this operation. parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/If-Match' requestBody: description: API object that needs to be added content: application/json: schema: $ref: '#/components/schemas/MCPServer' required: true responses: 200: description: | OK. Successful response with updated API object headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modified the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/MCPServer' 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:mcp_server_create - apim:mcp_server_manage - apim:mcp_server_publish x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/7a2298c4-c905-403f-8fac-38c73301631f"' operationId: updateMCPServer delete: tags: - MCP Servers summary: Delete a MCP Server description: | This operation can be used to delete a MCP server by providing the Id of the MCP server. parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Resource successfully deleted. content: { } 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:mcp_server_delete - apim:mcp_server_manage - apim:mcp_server_import_export x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/7a2298c4-c905-403f-8fac-38c73301631f"' operationId: deleteMCPServer /mcp-servers/{mcpServerId}/revisions: get: tags: - MCP Server Revisions summary: List Revisions description: | List available revisions of a MCP server. parameters: - $ref: '#/components/parameters/mcpServerId' - name: query in: query schema: type: string responses: 200: description: | OK. List of MCP server revisions are returned. content: application/json: schema: $ref: '#/components/schemas/APIRevisionList' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:mcp_server_view - apim:mcp_server_create - apim:mcp_server_manage - apim:mcp_server_publish - apim:mcp_server_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions?query=deployed:true"' operationId: getMCPServerRevisions post: tags: - MCP Server Revisions summary: Create MCP Server Revision description: | Create a new MCP Server revision parameters: - $ref: '#/components/parameters/mcpServerId' requestBody: description: API object that needs to be added content: application/json: schema: $ref: '#/components/schemas/APIRevision' responses: 201: description: | Created. Successful response with the newly created APIRevision object as the entity in the body. content: application/json: schema: $ref: '#/components/schemas/APIRevision' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:mcp_server_create - apim:mcp_server_manage - apim:mcp_server_publish - apim:mcp_server_import_export x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions"' operationId: createMCPServerRevision /mcp-servers/{mcpServerId}/revisions/{revisionId}: get: tags: - MCP Server Revisions summary: Retrieve revision of a MCP Server. description: | Retrieve a revision of a MCP server operationId: getMCPServerRevision parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/revisionId' responses: 200: description: | OK. A MCP server revision is returned. content: application/json: schema: $ref: '#/components/schemas/APIRevision' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:mcp_server_view - apim:mcp_server_create - apim:mcp_server_manage - apim:mcp_server_publish x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions/e0824883-3e86-403a-aec1-22bbc454eb7c"' delete: tags: - MCP Server Revisions summary: Delete a MCP Server Revision description: | Delete a revision of a MCP server. parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/revisionId' responses: 200: description: | OK. List of remaining MCP servers revisions are returned. content: application/json: schema: $ref: '#/components/schemas/APIRevisionList' 204: description: | No Content. Successfully deleted the revision 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:mcp_server_create - apim:mcp_server_manage - apim:mcp_server_publish - apim:mcp_server_import_export x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions/e0824883-3e86-403a-aec1-22bbc454eb7c"' operationId: deleteMCPServerRevision /mcp-servers/{mcpServerId}/restore-revision: post: tags: - MCP Server Revisions summary: Restore a MCP Server Revision description: | Restore a revision to the current MCP server operationId: restoreMCPServerRevision parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/revisionId-Q' responses: 201: description: | Restored. Successful response with the newly restored API object as the entity in the body. content: application/json: schema: $ref: '#/components/schemas/MCPServer' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:mcp_server_create - apim:mcp_server_manage - apim:mcp_server_publish x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/890a4f4d-09eb-4877-a323-57f6ce2ed79b/restore-revision?revisionId=e0824883-3e86-403a-aec1-22bbc454eb7c"' /mcp-servers/{mcpServerId}/backends: get: tags: - MCP Server Backends summary: Get a list of backends of a MCP Server description: | This operation can be used to get a list of backends of a MCP server by the MCP Server UUID. parameters: - $ref: '#/components/parameters/mcpServerId' responses: 200: description: | OK. A list of Backend objects are returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/BackendList' 500: $ref: '#/components/responses/InternalServerError' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:mcp_server_view - apim:mcp_server_create - apim:mcp_server_manage - apim:mcp_server_publish - apim:mcp_server_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/96077508-fd01-4fae-bc64-5de0e2baf43c/backends"' operationId: getMCPServerBackends /mcp-servers/{mcpServerId}/backends/{backendId}: get: tags: - MCP Server Backends summary: Get backends of a MCP Server description: | This operation can be used to get a backend of a MCP Server parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/backendId' responses: 200: description: | OK. Backend object is returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Backend' 500: $ref: '#/components/responses/InternalServerError' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:mcp_server_view - apim:mcp_server_create - apim:mcp_server_manage - apim:mcp_server_publish - apim:mcp_server_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/96077508-fd01-4fae-bc64-5de0e2baf43c/backends/13092607-ed01-4fa1-bc64-5da0e2abe92c"' operationId: getMCPServerBackend put: tags: - MCP Server Backends summary: Update a backend of a MCP Server description: | This operation can be used to update a backend of a MCP Server parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/backendId' requestBody: description: Backend object with updated details content: application/json: schema: $ref: '#/components/schemas/Backend' responses: 200: description: | OK. Updated Backend is returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Backend' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 415: $ref: '#/components/responses/UnsupportedMediaType' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:mcp_server_create - apim:mcp_server_manage - apim:mcp_server_publish - apim:mcp_server_import_export x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/96077508-fd01-4fae-bc64-5de0e2baf43c/backends/13092607-ed01-4fa1-bc64-5da0e2abe92c"' operationId: updateMCPServerBackend /mcp-servers/{mcpServerId}/deploy-revision: post: tags: - MCP Server Revisions summary: Deploy Revision description: | Deploy a revision of a MCP server. parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/revisionId-Q' requestBody: description: Deployment object that needs to be added content: application/json: schema: type: array items: $ref: '#/components/schemas/APIRevisionDeployment' responses: 200: description: | Created. Successful response with the newly deployed APIRevisionDeployment List object as the entity in the body. content: application/json: schema: type: array items: $ref: '#/components/schemas/APIRevisionDeployment' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:mcp_server_create - apim:mcp_server_manage - apim:mcp_server_publish x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/890a4f4d-09eb-4877-a323-57f6ce2ed79b/deploy-revision?revisionId=e0824883-3e86-403a-aec1-22bbc454eb7c"' operationId: deployMCPServerRevision /mcp-servers/{mcpServerId}/undeploy-revision: post: tags: - MCP Server Revisions summary: UnDeploy Revision of a MCP Server description: | UnDeploy a revision of a MCP server. parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/revisionId-Q' - $ref: '#/components/parameters/revisionNum-Q' - name: allEnvironments in: query schema: type: boolean default: false requestBody: description: Deployment object that needs to be added content: application/json: schema: type: array items: $ref: '#/components/schemas/APIRevisionDeployment' responses: 200: description: | OK. 201: description: | Created. Successful response with the newly undeployed APIRevisionDeploymentList object as the entity in the body. content: application/json: schema: type: array items: $ref: '#/components/schemas/APIRevisionDeployment' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:mcp_server_create - apim:mcp_server_manage - apim:mcp_server_publish - apim:mcp_server_import_export x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/890a4f4d-09eb-4877-a323-57f6ce2ed79b/undeploy-revision?revisionId=e0824883-3e86-403a-aec1-22bbc454eb7c"' operationId: undeployMCPServerRevision /mcp-servers/{mcpServerId}/deployments: get: tags: - MCP Server Revisions summary: List Deployments description: | List available deployed revision deployment details of a MCP Server parameters: - $ref: '#/components/parameters/mcpServerId' responses: 200: description: | OK. List of deployed revision deployment details are returned. content: application/json: schema: $ref: '#/components/schemas/APIRevisionDeploymentList' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:mcp_server_view - apim:mcp_server_create - apim:mcp_server_manage - apim:mcp_server_publish x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/890a4f4d-09eb-4877-a323-57f6ce2ed79b/deployments"' operationId: getMCPServerRevisionDeployments /mcp-servers/{mcpServerId}/deployments/{deploymentId}: put: tags: - MCP Server Revisions summary: Update Deployment description: | Update deployment devportal visibility parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/deploymentId' requestBody: description: Deployment object that needs to be updated content: application/json: schema: $ref: '#/components/schemas/APIRevisionDeployment' responses: 200: description: | Created. Successful response with the newly updated APIRevisionDeployment List object as the entity in the body. content: application/json: schema: $ref: '#/components/schemas/APIRevisionDeployment' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:mcp_server_create - apim:mcp_server_manage - apim:mcp_server_publish x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/890a4f4d-09eb-4877-a323-57f6ce2ed79b/deployments/UHJvZHVjdGlvbiBhbmQgU2FuZGJveA"' operationId: updateMCPServerDeployment /mcp-servers/copy-mcp-server: post: tags: - MCP Servers summary: Create a New MCP Server Version description: | This operation can be used to create a new version of an existing MCP server. The new version is specified as `newVersion` query parameter. New MCP server will be in `CREATED` state. parameters: - name: newVersion in: query description: Version of the new MCP server. required: true schema: maxLength: 30 type: string - name: defaultVersion in: query description: Specifies whether new MCP server should be added as default version. schema: type: boolean default: false - name: serviceVersion in: query description: Version of the Service that will used in creating new version schema: type: string required: false - $ref: '#/components/parameters/mcpServerId-Q' responses: 201: description: | Created. Successful response with the newly created MCP server as entity in the body. Location header contains URL of newly created MCP server. headers: Location: description: | The URL of the newly created API. schema: type: string content: application/json: schema: $ref: '#/components/schemas/MCPServer' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:mcp_server_create - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/copy-mcp-server?newVersion=2 .0&defaultVersion=false&apiId=2fd14eb8-b828-4013-b448-0739d2e76bf7"' operationId: createNewMCPServerVersion /mcp-servers/change-lifecycle: post: tags: - MCP Server Lifecycle summary: Change MCP Server Status description: | This operation is used to change the lifecycle of a MCP server. Eg: Publish a MCP server which is in `CREATED` state. In order to change the lifecycle, we need to provide the lifecycle `action` as a query parameter. For example, to Publish an MCP server, `action` should be `Publish`. Note that the `Re-publish` action is available only after calling `Block`. Some actions supports providing additional parameters which should be provided as `lifecycleChecklist` parameter. Please see parameters table for more information. parameters: - name: action in: query description: | The action to demote or promote the state of the MCP server. Supported actions are [ **Publish**, **Deploy as a Prototype**, **Demote to Created**, **Block**, **Deprecate**, **Re-Publish**, **Retire** ] required: true schema: type: string enum: - Publish - Deploy as a Prototype - Demote to Created - Block - Deprecate - Re-Publish - Retire - name: lifecycleChecklist in: query description: |2 Supported checklist items are as follows. 1. **Deprecate old versions after publishing the MCP server**: Setting this to true will deprecate older versions of a particular API when it is promoted to Published state from Created state. 2. **Requires re-subscription when publishing the MCP server**: If you set this to true, users need to re subscribe to the MCP server although they may have subscribed to an older version. You can specify additional checklist items by using an **"attribute:"** modifier. Eg: "Deprecate old versions after publishing the MCP server:true" will deprecate older versions of a particular MCP server when it is promoted to Published state from Created state. Multiple checklist items can be given in "attribute1:true, attribute2:false" format. **Sample CURL :** curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -X POST "https://localhost:9443/api/am/publisher/v4/apis/change-lifecycle?apiId=890a4f4d-09eb-4877-a323-57f6ce2ed79b&action=Publish&lifecycleChecklist=Deprecate%20old%20versions%20after%20publishing%20the%20API%3Atrue,Requires%20re-subscription%20when%20publishing%20the%20API%3Afalse" schema: type: string - $ref: '#/components/parameters/mcpServerId-Q' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Lifecycle changed successfully. headers: ETag: description: | Entity Tag of the changed API. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the API lifecycle has been modified the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string content: application/json: schema: $ref: '#/components/schemas/WorkflowResponse' 202: description: | Accepted. The request has been accepted. content: application/json: schema: $ref: '#/components/schemas/WorkflowResponse' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:mcp_server_publish - apim:mcp_server_manage - apim:mcp_server_import_export x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/change-lifecycle?apiId=890a4f4d-09eb-4877-a323-57f6ce2ed79b&action=Publish"' operationId: changeMCPServerLifecycle /mcp-servers/{mcpServerId}/lifecycle-history: get: tags: - MCP Server Lifecycle summary: Get Lifecycle State Change History of a MCP Server description: | This operation can be used to retrieve Lifecycle state change history of a MCP server. parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Lifecycle state change history returned successfully. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string content: application/json: schema: $ref: '#/components/schemas/LifecycleHistory' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: { } 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:mcp_server_view - apim:mcp_server_publish - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/890a4f4d-09eb-4877-a323-57f6ce2ed79b/lifecycle-history"' operationId: getMCPServerLifecycleHistory /mcp-servers/{mcpServerId}/lifecycle-state: get: tags: - MCP Server Lifecycle summary: Get Lifecycle State Data of a MCP server. description: | This operation can be used to retrieve Lifecycle state data of a MCP server. parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Lifecycle state data returned successfully. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/LifecycleState' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: { } 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:mcp_server_view - apim:mcp_server_publish - apim:mcp_server_create - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/890a4f4d-09eb-4877-a323-57f6ce2ed79b/lifecycle-state"' operationId: getMCPServerLifecycleState /mcp-servers/{mcpServerId}/lifecycle-state/pending-tasks: delete: tags: - MCP Server Lifecycle summary: Delete Pending Lifecycle State Change Tasks description: | This operation can be used to remove pending lifecycle state change requests that are in pending state parameters: - $ref: '#/components/parameters/mcpServerId' responses: 200: description: | OK. Lifecycle state change pending task removed successfully. content: { } 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:mcp_server_publish - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/890a4f4d-09eb-4877-a323-57f6ce2ed79b/lifecycle-state/pending-tasks"' operationId: deleteMCPServerLifecycleStatePendingTasks /mcp-servers/{mcpServerId}/documents: get: tags: - MCP Server Documents summary: Get a List of Documents of a MCP Server description: | This operation can be used to retrieve a list of documents belonging to a MCP server by providing the ID of the MCP server. parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/Accept' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Document list is returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/DocumentList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: { } 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:mcp_server_view - apim:mcp_server_publish - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/5bca47e1-8233-46a5-9295-525dca337f33/documents"' operationId: getMCPServerDocuments post: tags: - MCP Server Documents summary: Add a New Document to a MCP server description: | This operation can be used to add a new documentation to a MCP server. This operation only adds the metadata of a document. To add the actual content we need to use **Upload the content of an MCP server document ** MCP server once we obtain a document Id by this operation. parameters: - $ref: '#/components/parameters/mcpServerId' requestBody: description: Document object that needs to be added content: application/json: schema: $ref: '#/components/schemas/Document' required: true responses: 201: description: | Created. Successful response with the newly created Document object as entity in the body. Location header contains URL of newly added document. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | Location to the newly created Document. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Document' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:mcp_server_publish - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/5bca47e1-8233-46a5-9295-525dca337f33/documents"' operationId: addMCPServerDocument /mcp-servers/{mcpServerId}/documents/{documentId}: get: tags: - MCP Server Documents summary: Get a Document of a MCP Server description: | This operation can be used to retrieve a particular document's metadata associated with a MCP server. parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/Accept' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Document returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Document' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: { } 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:mcp_server_view - apim:mcp_server_publish - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/5bca47e1-8233-46a5-9295-525dca337f33/documents/83312daf-0d8a-427b-8f72-12755b7901d3"' operationId: getMCPServerDocument put: tags: - MCP Server Documents summary: Update a Document of a MCP Server description: | This operation can be used to update metadata of an MCP server's document. parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/If-Match' requestBody: description: Document object that needs to be added content: application/json: schema: $ref: '#/components/schemas/Document' required: true responses: 200: description: | OK. Document updated headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modified the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the updated document. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Document' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:mcp_server_publish - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/5bca47e1-8233-46a5-9295-525dca337f33/documents/83312daf-0d8a-427b-8f72-12755b7901d3"' operationId: updateMCPServerDocument delete: tags: - MCP Server Documents summary: Delete a Document of a MCP Server description: | This operation can be used to delete a document associated with a MCP server. parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Resource successfully deleted. content: { } 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:mcp_server_publish - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/5bca47e1-8233-46a5-9295-525dca337f33/documents/83312daf-0d8a-427b-8f72-12755b7901d3"' operationId: deleteMCPServerDocument /mcp-servers/{mcpServerId}/documents/{documentId}/content: get: tags: - MCP Server Documents summary: Get the Content of a MCP Server Document description: | This operation can be used to retrieve the content of a MCP server's document. The document can be of 3 types. In each cases responses are different. 1. **Inline type**: The content of the document will be retrieved in `text/plain` content type _Sample cURL_ : `curl -k -H "Authorization:Bearer 579f0af4-37be-35c7-81a4-f1f1e9ee7c51" -F inlineContent=@"docs.txt" -X POST "https://localhost:9443/api/am/publisher/v4/mcp-servers/995a4972-3178-4b17-a374-756e0e19127c/documents/43c2bcce-60e7-405f-bc36-e39c0c5e189e/content` 2. **FILE type**: The file will be downloaded with the related content type (eg. `application/pdf`) 3. **URL type**: The client will recieve the URL of the document as the Location header with the response with - `303 See Other` parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/Accept' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. File or inline content returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: { } 303: description: | See Other. Source can be retrieved from the URL specified at the Location header. headers: Location: description: | The Source URL of the document. schema: type: string content: { } 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: { } 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:mcp_server_view - apim:mcp_server_publish - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/5bca47e1-8233-46a5-9295-525dca337f33/documents/83312daf-0d8a-427b-8f72-12755b7901d3/content"' operationId: getMCPServerDocumentContent post: tags: - MCP Server Documents summary: Upload the Content of a MCP Server Document description: | This operation can be used to upload a file or add inline content to a MCP server document. **IMPORTANT:** * Either **file** or **inlineContent** form data parameters should be specified at one time. * Document's source type should be **FILE** in order to upload a file to the document using **file** parameter. * Document's source type should be **INLINE** in order to add inline content to the document using **inlineContent** parameter. parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/If-Match' requestBody: content: multipart/form-data: schema: properties: file: type: string description: Document to upload format: binary inlineContent: type: string description: Inline content of the document responses: 200: description: | OK. Document updated headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modified the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the updated content of the document. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Document' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:mcp_server_publish - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: multipart/form-data" -F file=@sample.pdf "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/5bca47e1-8233-46a5-9295-525dca337f33/documents/83312daf-0d8a-427b-8f72-12755b7901d3/content"' operationId: addMCPServerDocumentContent /mcp-servers/{mcpServerId}/documents/validate: post: tags: - MCP Server Documents summary: Check Whether a Document with the Provided Name Exist description: | This operation can be used to verify the document name exists or not. parameters: - $ref: '#/components/parameters/mcpServerId' - name: name in: query description: | The name of the document which needs to be checked for the existence. required: true schema: type: string - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Successful response if the document name exists. 400: $ref: '#/components/responses/BadRequest' 404: description: | Not Found. The specified resource does not exist. security: - OAuth2Security: - apim:mcp_server_create - apim:mcp_server_manage - apim:document_manage - apim:document_create x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/96077508-fd01-4fae-bc64-5de0e2baf43c/documents/validate?name=CalculatorDoc"' operationId: validateMCPServerDocument /mcp-servers/import: post: tags: - Import Export summary: Import a MCP Server description: | This operation can be used to import a MCP server. parameters: - name: preserveProvider in: query description: | Preserve Original Provider of the MCP server. This is the user choice to keep or replace the MCP server provider required: false schema: type: boolean - name: rotateRevision in: query description: | Once the revision max limit reached, undeploy and delete the earliest revision and create a new revision required: false schema: type: boolean - name: overwrite in: query description: | Whether to update the MCP server or not. This is used when updating already existing MCP servers required: false schema: type: boolean - name: preservePortalConfigurations in: query description: | Preserve Portal Configurations. This is used to preserve the portal configurations of the MCP server required: false schema: type: boolean - name: dryRun in: query description: | Dry Run. This is used to validate the MCP server without importing it required: false schema: type: boolean default: false - $ref: '#/components/parameters/Accept' requestBody: content: multipart/form-data: schema: required: - file properties: file: type: string description: Zip archive consisting on exported MCP Server configuration format: binary responses: 200: description: | Created. API Imported Successfully. content: "text/plain": schema: type: string example: API Imported Successfully "application/json": schema: $ref: '#/components/schemas/ImportAPIResponse' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:mcp_server_import_export - apim:admin x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@admin-PizzaShackAPI-1.0.0.zip "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/import?preserveProvider=false&overwrite=false"' operationId: importMCPServer /mcp-servers/export: get: tags: - Import Export summary: Export a MCP Server description: | This operation can be used to export the details of a particular MCP server as a zip file. parameters: - name: mcpServerId in: query description: UUID of the MCP server schema: type: string - name: name in: query description: | API Name schema: type: string - name: version in: query description: | Version of the MCP Server schema: type: string - name: revisionNumber in: query description: | Revision number of the API artifact schema: type: string - name: providerName in: query description: | Provider name of the MCP Server schema: type: string - name: format in: query description: | Format of output documents. Can be YAML or JSON. schema: type: string enum: - JSON - YAML - name: preserveStatus in: query description: | Preserve MCP Server Status during export schema: type: boolean - name: latestRevision in: query description: | Export the latest revision of the MCP server schema: type: boolean default: false - name: gatewayEnvironment in: query description: | Gateway environment of the exported MCP servers schema: type: string - name: preserveCredentials in: query description: | Preserve endpoint configuration credentials required: false schema: type: boolean responses: 200: description: | OK. Export Successful. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/zip: schema: type: string format: binary 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:mcp_server_view - apim:mcp_server_publish - apim:mcp_server_create - apim:mcp_server_import_export - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/export?apiId=96077508-fd01-4fae-bc64-5de0e2baf43c&name=PizzaShackAPI&version=1.0&provider=admin&format=YAML" > exportAPI.zip' operationId: exportMCPServer /mcp-servers/{mcpServerId}/subscription-policies: get: tags: - MCP Servers summary: | Get Details of the Subscription Throttling Policies of a MCP Server description: | This operation can be used to retrieve details of the subscription throttling policy of a MCP server by specifying the API Id. `X-WSO2-Tenant` header can be used to retrive MCP server subscription throttling policies that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-None-Match' - $ref: '#/components/parameters/isAiApi' - $ref: '#/components/parameters/organizationID' responses: 200: description: | OK. Throttling Policy returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ThrottlingPolicy' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: { } 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:mcp_server_view - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/2fd14eb8-b828-4013-b448-0739d2e76bf7/subscription-policies"' operationId: getMCPServerSubscriptionPolicies /mcp-servers/validate-openapi: post: tags: - Validation summary: Validate an OpenAPI Definition of a API description: | This operation can be used to validate an OpenAPI definition and retrieve a summary. Provide either `url` or `file` to specify the definition. parameters: - name: returnContent in: query description: | Specify whether to return the full content of the OpenAPI definition in the response. This is only applicable when using url based validation schema: type: boolean default: false requestBody: content: multipart/form-data: schema: properties: url: type: string description: OpenAPI definition url file: type: string description: OpenAPI definition as a file format: binary inlineAPIDefinition: type: string description: Inline content of the OpenAPI definition responses: 200: description: | OK. API definition validation information is returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/OpenAPIDefinitionValidationResponse' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:mcp_server_create - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@openapi.json "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/validate-openapi"' operationId: validateOpenAPIDefinitionOfMCPServer /mcp-servers/validate-endpoint: post: tags: - Validation summary: Check Whether Given Endpoint URL is Valid description: | Using this operation, it is possible check whether the given MCP server URL is a valid url parameters: - name: endpointUrl in: query description: API endpoint url required: true schema: type: string - name: apiId in: query description: API ID consisting of the UUID of the MCP server schema: type: string responses: 200: description: | OK. API definition validation information is returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ApiEndpointValidationResponse' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:mcp_server_create - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/validate-endpoint?apiId=e0824883-3e86-403a-aec1 -22bbc454eb7c&endpointUrl=https%3A%2F%2Flocalhost%3A9443%2Fam%2Fsample%2Fpizzashack%2Fv1%2Fapi%2F"' operationId: validateMCPServerEndpoint /mcp-servers/validate: post: tags: - Validation summary: Check Given API Context Name already Exists description: | Using this operation, you can check a given API context is already used. You need to provide the context name you want to check. parameters: - name: query in: query description: | **Search condition**. You can search in attributes by using an **":"** modifier. Eg. "name:wso2" will match an MCP server if the provider of the API is exactly "wso2". Supported attribute modifiers are [** version, context, name **] If no advanced attribute modifier has been specified, search will match the given query string against MCP server Name. required: true schema: type: string - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. API definition validation information is returned headers: Content-Type: description: | The content type of the body. schema: type: string content: { } 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:mcp_server_create - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/validate?query=name%3Awso2"' operationId: validateMCPServer /mcp-servers/{mcpServerId}/generate-key: post: tags: - MCP Servers summary: Generate internal API Key to invoke MCP Server. description: | This operation can be used to generate internal api key which used to invoke MCP Server. parameters: - $ref: '#/components/parameters/mcpServerId' responses: 200: description: | OK. apikey generated. content: application/json: schema: $ref: '#/components/schemas/APIKey' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_generate_key - apim:mcp_server_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/7a2298c4-c905-403f-8fac-38c73301631f/generate-key"' operationId: generateInternalAPIKeyMCPServer /mcp-servers/{mcpServerId}/comments: get: tags: - Comments summary: Retrieve MCP Server Comments description: | Get a list of Comments that are already added to MCP Server parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/includeCommenterInfo' responses: 200: description: | OK. Comments list is returned. content: application/json: schema: $ref: '#/components/schemas/CommentList' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:mcp_server_view - apim:comment_view - apim:comment_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/publisher/v4/mcp-servers/e93fb282-b456-48fc-8981-003fb89086ae/comments"' operationId: getAllCommentsOfMCPServer post: tags: - Comments summary: Add an MCP Server Comment parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/parentCommentID' requestBody: description: | Comment object that should to be added content: application/json: schema: $ref: '#/components/schemas/CommentRequest' required: true responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional request. schema: type: string Location: description: | Location to the newly created Comment. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Comment' 400: $ref: '#/components/responses/BadRequest' 401: $ref: '#/components/responses/Unauthorized' 404: $ref: '#/components/responses/NotFound' 415: $ref: '#/components/responses/UnsupportedMediaType' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:comment_write - apim:comment_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/am/publisher/v4/mcp-servers/e93fb282-b456-48fc-8981-003fb89086ae/comments"' operationId: addCommentToMCPServer /mcp-servers/{mcpServerId}/comments/{commentId}: get: tags: - Comments summary: Get Details of an API Comment description: | Get the individual comment given by a username for a certain MCP Server. parameters: - $ref: '#/components/parameters/commentId' - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-None-Match' - $ref: '#/components/parameters/includeCommenterInfo' - $ref: '#/components/parameters/replyLimit' - $ref: '#/components/parameters/replyOffset' responses: 200: description: | OK. Comment returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Comment' 401: $ref: '#/components/responses/Unauthorized' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:mcp_server_view - apim:comment_view - apim:comment_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/publisher/v4/mcp-servers/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4"' operationId: getCommentOfMCPServer patch: tags: - Comments summary: Edit a comment description: | Edit the individual comment parameters: - $ref: '#/components/parameters/commentId' - $ref: '#/components/parameters/mcpServerId' requestBody: description: | Comment object that should to be updated content: application/json: schema: $ref: '#/components/schemas/CommentRequest' required: true responses: 200: description: | OK. Comment updated. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional request. schema: type: string Location: description: | Location to the newly created Comment. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Comment' 400: $ref: '#/components/responses/BadRequest' 401: $ref: '#/components/responses/Unauthorized' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 415: $ref: '#/components/responses/UnsupportedMediaType' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:comment_write - apim:comment_manage x-code-samples: - lang: Curl source: 'curl -k -X PATCH -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/am/publisher/v4/mcp-servers/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4"' operationId: editCommentOfMCPServer delete: tags: - Comments summary: Delete a MCP Server Comment description: | Remove a Comment parameters: - $ref: '#/components/parameters/commentId' - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Resource successfully deleted. content: { } 401: $ref: '#/components/responses/Unauthorized' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 405: description: | MethodNotAllowed. Request method is known by the server but is not supported by the target resource. content: { } 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:comment_write - apim:comment_manage - apim:admin x-code-samples: - lang: Curl source: curl -k -X DELETE -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/publisher/v4/mcp-servers/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4" operationId: deleteCommentOfMCPServer /mcp-servers/{mcpServerId}/comments/{commentId}/replies: get: tags: - Comments summary: Get replies of a comment description: | Get replies of a comment parameters: - $ref: '#/components/parameters/commentId' - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/If-None-Match' - $ref: '#/components/parameters/includeCommenterInfo' responses: 200: description: | OK. Comment returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/CommentList' 401: $ref: '#/components/responses/Unauthorized' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:mcp_server_view - apim:comment_view - apim:comment_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/publisher/v4/mcp-servers/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4/replies"' operationId: getRepliesOfCommentOfMCPServer /mcp-servers/{mcpServerId}/cancel-revision-workflow/{revisionId}/{envName}: delete: tags: - MCP Server Revisions summary: Delete Pending Revision Deployment Workflow Tasks description: | This operation can be used to remove pending revision deployment requests that are in pending state parameters: - $ref: '#/components/parameters/mcpServerId' - $ref: '#/components/parameters/revisionId' - $ref: '#/components/parameters/envName' responses: 200: description: | OK. Revision deployment pending task removed successfully. content: { } 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:mcp_server_publish - apim:mcp_server_manage - apim:mcp_server_create x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/mcp-servers/890a4f4d-09eb-4877-a323-57f6ce2ed79b/cancel-revision-workflow/e0824883-3e86-403a-aec1-22bbc454eb7c/Default"' operationId: deleteMCPServerRevisionDeploymentPendingTask /apis/import-openapi: post: tags: - APIs summary: Import an OpenAPI Definition description: | This operation can be used to create an API from an OpenAPI definition. Provide either `url` or `file` to specify the definition. Specify additionalProperties with **at least** API's name, version, context and endpointConfig. operationId: importOpenAPIDefinition requestBody: content: multipart/form-data: schema: properties: file: type: string description: Definition to upload as a file format: binary url: type: string description: Definition url additionalProperties: type: string description: Additional attributes specified as a stringified JSON with API's schema inlineAPIDefinition: type: string description: Inline content of the OpenAPI definition responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/API' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@openapi.json -F additionalProperties=@data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/import-openapi"' /apis/import-wsdl: post: tags: - APIs summary: Import a WSDL Definition description: | This operation can be used to create an API using a WSDL definition. Provide either `url` or `file` to specify the definition. WSDL can be speficied as a single file or a ZIP archive with WSDLs and reference XSDs etc. Specify additionalProperties with **at least** API's name, version, context and endpointConfig. operationId: importWSDLDefinition requestBody: content: multipart/form-data: schema: properties: file: type: string description: | WSDL definition as a file or archive **Sample cURL to Upload WSDL File** curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@api.wsdl -F additionalProperties=@data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/import-wsdl" **Sample cURL to Upload WSDL Archive** curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file="@wsdl.zip;type=application/zip" -F additionalProperties=@data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/import-wsdl" format: binary url: type: string description: WSDL Definition url additionalProperties: type: string description: Additional attributes specified as a stringified JSON with API's schema implementationType: type: string description: | If 'SOAP' is specified, the API will be created with only one resource 'POST /*' which is to be used for SOAP operations. If 'HTTP_BINDING' is specified, the API will be created with resources using HTTP binding operations which are extracted from the WSDL. default: SOAP enum: - SOAPTOREST - SOAP responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/API' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@api.wsdl -F additionalProperties=@data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/import-wsdl"' /apis/import-graphql-schema: post: tags: - APIs summary: Import a GraphQL SDL description: | This operation can be used to create api from api definition.APIMgtDAOTest API definition is GraphQL Schema parameters: - name: If-Match in: header description: | Validator for conditional requests; based on ETag. schema: type: string requestBody: content: multipart/form-data: schema: properties: type: type: string description: Definition type to upload file: type: string description: Definition to uploads a file format: binary url: type: string description: Definition url schema: type: string description: Definition schema additionalProperties: type: string description: Additional attributes specified as a stringified JSON with API's schema responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/API' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@schema.graphql -F additionalProperties=@data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/import-graphql-schema"' operationId: importGraphQLSchema /apis/validate-openapi: post: tags: - Validation summary: Validate an OpenAPI Definition description: | This operation can be used to validate an OpenAPI definition and retrieve a summary. Provide either `url` or `file` to specify the definition. operationId: validateOpenAPIDefinition parameters: - name: returnContent in: query description: | Specify whether to return the full content of the OpenAPI definition in the response. This is only applicable when using url based validation schema: type: boolean default: false requestBody: content: multipart/form-data: schema: properties: url: type: string description: OpenAPI definition url file: type: string description: OpenAPI definition as a file format: binary inlineAPIDefinition: type: string description: Inline content of the OpenAPI definition responses: 200: description: | OK. API definition validation information is returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/OpenAPIDefinitionValidationResponse' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@openapi.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/validate-openapi"' /apis/validate-endpoint: post: tags: - Validation summary: Check Whether Given Endpoint URL is Valid description: | Using this operation, it is possible check whether the given API endpoint url is a valid url operationId: validateEndpoint parameters: - name: endpointUrl in: query description: API endpoint url required: true schema: type: string - name: apiId in: query description: API ID consisting of the UUID of the API schema: type: string responses: 200: description: | OK. API definition validation information is returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ApiEndpointValidationResponse' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/validate-endpoint?apiId=e0824883-3e86-403a-aec1-22bbc454eb7c&endpointUrl=https%3A%2F%2Flocalhost%3A9443%2Fam%2Fsample%2Fpizzashack%2Fv1%2Fapi%2F"' /apis/validate: post: tags: - Validation summary: Check Given API Context Name already Exists description: | Using this operation, you can check a given API context is already used. You need to provide the context name you want to check. operationId: validateAPI parameters: - name: query in: query description: | **Search condition**. You can search in attributes by using an **":"** modifier. Eg. "name:wso2" will match an API if the provider of the API is exactly "wso2". Supported attribute modifiers are [** version, context, name **] If no advanced attribute modifier has been specified, search will match the given query string against API Name. required: true schema: type: string - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. API definition validation information is returned headers: Content-Type: description: | The content type of the body. schema: type: string content: {} 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/validate?query=name%3Awso2"' /apis/validate-wsdl: post: tags: - Validation summary: Validate a WSDL Definition description: | This operation can be used to validate a WSDL definition and retrieve a summary. Provide either `url` or `file` to specify the definition. operationId: validateWSDLDefinition requestBody: content: multipart/form-data: schema: properties: url: type: string description: Definition url file: type: string description: Definition to upload as a file format: binary responses: 200: description: | OK. API definition validation information is returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/WSDLValidationResponse' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@api.wsdl "https://127.0.0.1:9443/api/am/publisher/v4/apis/validate-wsdl"' /apis/validate-graphql-schema: post: tags: - Validation summary: Validate a GraphQL SDL description: | This operation can be used to validate a graphQL definition and retrieve a summary. parameters: - name: useIntrospection in: query description: | Specify whether to use Introspection to obtain the GraphQL Schema schema: type: boolean default: false requestBody: content: multipart/form-data: schema: properties: file: type: string description: Definition to upload as a file format: binary url: type: string description: Definition to upload using url required: true responses: 200: description: | OK. API definition validation information is returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/GraphQLValidationResponse' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@schema.graphql "https://127.0.0.1:9443/api/am/publisher/v4/apis/validate-graphql-schema"' operationId: validateGraphQLSchema /apis/{apiId}/graphql-schema: get: tags: - GraphQL Schema (Individual) summary: Get the Schema of a GraphQL API description: | This operation can be used to retrieve the Schema definition of a GraphQL API. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/Accept' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Requested GraphQL Schema DTO object belongs to the API headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/GraphQLSchema' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/e0824883-3e86-403a-aec1-22bbc454eb7c/graphql-schema"' operationId: getAPIGraphQLSchema put: tags: - GraphQL Schema summary: Add a Schema to a GraphQL API description: | This operation can be used to add a GraphQL Schema definition to an existing GraphQL API. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-Match' requestBody: content: multipart/form-data: schema: required: - schemaDefinition properties: schemaDefinition: type: string description: schema definition of the GraphQL API required: true responses: 200: description: | OK. Successful response with updated schema definition headers: ETag: description: | Entity Tag of the response resource. Used by cache, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: {} 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F schemaDefinition=@schema.graphql "https://127.0.0.1:9443/api/am/publisher/v4/apis/e0824883-3e86-403a-aec1-22bbc454eb7c/graphql-schema"' operationId: updateAPIGraphQLSchema /apis/{apiId}/amznResourceNames: get: tags: - AWS Lambda (Individual) summary: Retrieve the ARNs of AWS Lambda Functions description: | This operation can be use to retrieve ARNs of AWS Lambda function for a given AWS credentials. parameters: - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Requested ARN List of the API is returned headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: type: string example: |- { "count": "2", "list": [ "arn:aws:lambda:us-west-2:123456789012:function:my-function1", "arn:aws:lambda:us-west-2:123456789012:function:my-function2" ] } 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/e0824883-3e86-403a-aec1-22bbc454eb7c/amznResourceNames"' operationId: getAmazonResourceNamesOfAPI /apis/{apiId}/monetize: post: tags: - API Monetization summary: Configure Monetization for a Given API description: | This operation can be used to configure monetization for a given API. parameters: - $ref: '#/components/parameters/apiId' requestBody: description: Monetization data object content: application/json: schema: $ref: '#/components/schemas/APIMonetizationInfo' required: true responses: 201: description: | OK. Monetization status changed successfully. content: {} 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/monetize' operationId: addAPIMonetization /apis/{apiId}/monetization: get: tags: - API Monetization summary: Get Monetization Status for each Tier in a Given API description: | This operation can be used to get monetization status for each tier in a given API parameters: - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Monetization status for each tier returned successfully. content: {} 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/monetization"' operationId: getAPIMonetization /apis/{apiId}/revenue: get: tags: - API Monetization summary: Get Total Revenue Details of a Given Monetized API with Meterd Billing description: | This operation can be used to get details of total revenue details of a given monetized API with meterd billing. parameters: - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Details of a total revenue returned. headers: ETag: description: Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: Date and time the resource has been modified the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIRevenue' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/revenue"' operationId: getAPIRevenue /apis/{apiId}/documents: get: tags: - API Documents summary: Get a List of Documents of an API description: | This operation can be used to retrieve a list of documents belonging to an API by providing the id of the API. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Document list is returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/DocumentList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:document_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/e0824883-3e86-403a-aec1-22bbc454eb7c/documents"' operationId: getAPIDocuments post: tags: - API Documents summary: Add a New Document to an API description: | This operation can be used to add a new documentation to an API. This operation only adds the metadata of a document. To add the actual content we need to use **Upload the content of an API document ** API once we obtain a document Id by this operation. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-Match' requestBody: description: Document object that needs to be added content: application/json: schema: $ref: '#/components/schemas/Document' required: true responses: 201: description: | Created. Successful response with the newly created Document object as entity in the body. Location header contains URL of newly added document. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | Location to the newly created Document. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Document' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:document_create #deprecate - apim:document_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/documents"' operationId: addAPIDocument /apis/{apiId}/documents/{documentId}: get: tags: - API Documents summary: Get a Document of an API description: | This operation can be used to retrieve a particular document's metadata associated with an API. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Document returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Document' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:document_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/documents/0bcb7f05-599d-4e1a-adce-5cb89bfe58d5"' operationId: getAPIDocumentByDocumentId put: tags: - API Documents summary: Update a Document of an API description: | This operation can be used to update metadata of an API's document. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/If-Match' requestBody: description: Document object that needs to be added content: application/json: schema: $ref: '#/components/schemas/Document' required: true responses: 200: description: | OK. Document updated headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the updated document. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Document' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:document_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @doc.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/documents/0bcb7f05-599d-4e1a-adce-5cb89bfe58d5"' operationId: updateAPIDocument delete: tags: - API Documents summary: Delete a Document of an API description: | This operation can be used to delete a document associated with an API. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Resource successfully deleted. content: {} 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:document_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/documents/0bcb7f05-599d-4e1a-adce-5cb89bfe58d5"' operationId: deleteAPIDocument /apis/{apiId}/documents/{documentId}/content: get: tags: - API Documents summary: Get the Content of an API Document description: | This operation can be used to retrive the content of an API's document. The document can be of 3 types. In each cases responses are different. 1. **Inline type**: The content of the document will be retrieved in `text/plain` content type _Sample cURL_ : `curl -k -H "Authorization:Bearer 579f0af4-37be-35c7-81a4-f1f1e9ee7c51" -F inlineContent=@"docs.txt" -X POST "https://localhost:9443/api/am/publisher/v4/apis/995a4972-3178-4b17-a374-756e0e19127c/documents/43c2bcce-60e7-405f-bc36-e39c0c5e189e/content` 2. **FILE type**: The file will be downloaded with the related content type (eg. `application/pdf`) 3. **URL type**: The client will recieve the URL of the document as the Location header with the response with - `303 See Other` parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. File or inline content returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/octet-stream: schema: type: string 303: description: | See Other. Source can be retrived from the URL specified at the Location header. headers: Location: description: | The Source URL of the document. schema: type: string content: {} 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:document_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/documents/0bcb7f05-599d-4e1a-adce-5cb89bfe58d5/content"' operationId: getAPIDocumentContentByDocumentId post: tags: - API Documents summary: Upload the Content of an API Document description: | Thid operation can be used to upload a file or add inline content to an API document. **IMPORTANT:** * Either **file** or **inlineContent** form data parameters should be specified at one time. * Document's source type should be **FILE** in order to upload a file to the document using **file** parameter. * Document's source type should be **INLINE** in order to add inline content to the document using **inlineContent** parameter. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/If-Match' requestBody: content: multipart/form-data: schema: properties: file: type: string description: Document to upload format: binary inlineContent: type: string description: Inline content of the document responses: 200: description: | OK. Document updated headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the updated content of the document. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Document' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:document_create #deprecate - apim:document_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@sample.pdf "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/documents/0bcb7f05-599d-4e1a-adce-5cb89bfe58d5/content"' operationId: addAPIDocumentContent /apis/{apiId}/documents/validate: post: tags: - API Documents summary: Check Whether a Document with the Provided Name Exist description: | This operation can be used to verify the document name exists or not. operationId: validateDocument parameters: - $ref: '#/components/parameters/apiId' - name: name in: query description: | The name of the document which needs to be checked for the existance. required: true schema: type: string - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Successful response if the document name exists. 400: $ref: '#/components/responses/BadRequest' 404: description: | Not Found. The specified resource does not exist. security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:document_manage - apim:document_create #deprecate x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/documents/validate?name=CalculatorDoc"' /apis/{apiId}/wsdl-info: get: tags: - APIs summary: Get WSDL Meta Information description: | This operation can be used to retrieve the WSDL meta information of an API. It states whether the API is a SOAP API. If the API is a SOAP API, it states whether it has a single WSDL or a WSDL archive. operationId: getWSDLInfoOfAPI parameters: - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Requested WSDL meta information of the API is returned content: application/json: schema: $ref: '#/components/schemas/WSDLInfo' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/wsdl-info"' /apis/{apiId}/wsdl: get: tags: - APIs summary: Get WSDL definition description: | This operation can be used to retrieve the WSDL definition of an API. It can be either a single WSDL file or a WSDL archive. The type of the WSDL of the API is indicated at the "wsdlInfo" element of the API payload definition. operationId: getWSDLOfAPI parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Requested WSDL document of the API is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string content: {} 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/wsdl"' put: tags: - APIs summary: Update WSDL Definition description: | This operation can be used to update the WSDL definition of an existing API. WSDL to be updated can be passed as either "url" or "file". Only one of "url" or "file" can be used at the same time. "file" can be specified as a single WSDL file or as a zip file which has a WSDL and its dependencies (eg: XSDs) operationId: updateWSDLOfAPI parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-Match' requestBody: content: multipart/form-data: schema: properties: file: type: string description: WSDL file or archive to upload format: binary url: type: string description: WSDL Definition url responses: 200: description: | OK. Successful response with updated WSDL definition headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (This is not supported by WSO2 API Manager as of yet). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (This is not supported by WSO2 API Manager as of yet). schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: {} 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@api.wsdl "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/wsdl"' /apis/{apiId}/graphql-policies/complexity: get: tags: - GraphQL Policies summary: Get the Complexity-Related Details of an API description: | This operation can be used to retrieve complexity-related details belonging to an API by providing the API ID. parameters: - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Requested complexity details returned. headers: Content-Type: description: | The content of the body. schema: type: string default: application/json content: application/json: schema: $ref: '#/components/schemas/GraphQLQueryComplexityInfo' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:api_create - apim:api_manage - apim:api_publish x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/graphql-policies/complexity"' operationId: getGraphQLPolicyComplexityOfAPI put: tags: - GraphQL Policies summary: Update Complexity-Related Details of an API description: | This operation can be used to update complexity-related details belonging to an API by providing the API ID. parameters: - $ref: '#/components/parameters/apiId' requestBody: description: Role-depth mapping that needs to be added content: application/json: schema: $ref: '#/components/schemas/GraphQLQueryComplexityInfo' responses: 200: description: | Created. Complexity details created successfully. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/graphql-policies/complexity"' operationId: updateGraphQLPolicyComplexityOfAPI /apis/{apiId}/graphql-policies/complexity/types: get: tags: - GraphQL Policies summary: Retrieve Types and Fields of a GraphQL Schema description: | This operation can be used to retrieve all types and fields of the GraphQL Schema by providing the API ID. parameters: - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Types and fields returned successfully. headers: Content-Type: description: | The content of the body. schema: type: string default: application/json content: application/json: schema: $ref: '#/components/schemas/GraphQLSchemaTypeList' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:api_create - apim:api_manage - apim:api_publish x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/graphql-policies/complexity/types"' operationId: getGraphQLPolicyComplexityTypesOfAPI /apis/{apiId}/resource-paths: get: tags: - APIs summary: Get Resource Paths of an API description: | This operation can be used to retrieve resource paths defined for a specific API. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. ResourcePaths returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modified the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ResourcePathList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/resource-paths"' operationId: getAPIResourcePaths /organizations: get: tags: - Organizations summary: Get all registered Organizations description: | Get all Registered Organizations responses: 200: description: | OK. Organizations returned content: application/json: schema: $ref: '#/components/schemas/OrganizationList' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:api_import_export - apim:api_product_import_export - apim:publisher_organization_read x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/organizations"' /apis/{apiId}/auditapi: get: tags: - API Audit summary: Retrieve the Security Audit Report of the Audit API description: | Retrieve the Security Audit Report of the Audit API parameters: - $ref: '#/components/parameters/Accept' - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. The Security Audit Report has been returned. headers: Content-Type: description: | The content of the body. schema: type: string default: application/json content: application/json: schema: $ref: '#/components/schemas/AuditReport' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/auditapi"' operationId: getAuditReportOfAPI /apis/{apiId}/external-stores: get: tags: - External Stores summary: Get the List of External Stores to which an API is Published description: | This operation can be used to retrieve a list of external stores which an API is published to by providing the ID of the API. operationId: getAllPublishedExternalStoresByAPI parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. External Store list is returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIExternalStoreList' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/external-stores"' /apis/{apiId}/publish-to-external-stores: post: tags: - External Stores summary: Publish an API to External Stores description: | This operation can be used to publish an API to a list of external stores. operationId: publishAPIToExternalStores parameters: - $ref: '#/components/parameters/apiId' - name: externalStoreIds in: query description: External Store Ids of stores which the API needs to be published or updated. schema: type: string - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. API was successfully published to all the selected external stores. headers: ETag: description: | Entity Tag of the blocked subscription. Used by caches, or in conditional requests (This is not supported by WSO2 API Manager as of yet). schema: type: string Last-Modified: description: | Date and time the subscription which was blocked. Used by caches, or in conditional requests (This is not supported by WSO2 API Manager as of yet). schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIExternalStoreList' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/publish-to-external-stores?externalStoreId=Store123#"' /apis/{apiId}/generate-key: post: tags: - APIs summary: Generate internal API Key to invoke APIS. description: | This operation can be used to generate internal API key which used to invoke API. operationId: generateInternalAPIKey parameters: - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. apikey generated. content: application/json: schema: $ref: '#/components/schemas/APIKey' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_generate_key - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/7a2298c4-c905-403f-8fac-38c73301631f/generate-key"' /apis/export: get: tags: - Import Export summary: Export an API description: | This operation can be used to export the details of a particular API as a zip file. parameters: - name: apiId in: query description: UUID of the API schema: type: string - name: name in: query description: | API Name schema: type: string - name: version in: query description: | Version of the API schema: type: string - name: revisionNumber in: query description: | Revision number of the API artifact schema: type: string - name: providerName in: query description: | Provider name of the API schema: type: string - name: format in: query description: | Format of output documents. Can be YAML or JSON. schema: type: string enum: - JSON - YAML - name: preserveStatus in: query description: | Preserve API Status during export schema: type: boolean - name: latestRevision in: query description: | Export the latest revision of the API schema: type: boolean default: false - name: gatewayEnvironment in: query description: | Gateway environment of the exported APIs schema: type: string - name: preserveCredentials in: query description: | Preserve endpoint configuration credentials and secret parameters required: false schema: type: boolean default: false responses: 200: description: | OK. Export Successful. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/zip: schema: type: string format: binary 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_publish - apim:api_create - apim:api_import_export - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/export?apiId=96077508-fd01-4fae-bc64-5de0e2baf43c&name=PizzaShackAPI&version=1.0&provider=admin&format=YAML" > exportAPI.zip' operationId: exportAPI /apis/import: post: tags: - Import Export summary: Import an API description: | This operation can be used to import an API. parameters: - name: preserveProvider in: query description: | Preserve Original Provider of the API. This is the user choice to keep or replace the API provider required: false schema: type: boolean - name: rotateRevision in: query description: | Once the revision max limit reached, undeploy and delete the earliest revision and create a new revision required: false schema: type: boolean - name: overwrite in: query description: | Whether to update the API or not. This is used when updating already existing APIs required: false schema: type: boolean - name: preservePortalConfigurations in: query description: | Preserve Portal Configurations. This is used to preserve the portal configurations of the API required: false schema: type: boolean - name: dryRun in: query description: | Dry Run. This is used to validate the API without importing it required: false schema: type: boolean default: false - $ref: '#/components/parameters/Accept' requestBody: content: multipart/form-data: schema: required: - file properties: file: type: string description: Zip archive consisting on exported API configuration format: binary responses: 200: description: | Created. API Imported Successfully. content: "text/plain": schema: type: string example: API Imported Successfully "application/json": schema: $ref: '#/components/schemas/ImportAPIResponse' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_import_export - apim:admin x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@admin-PizzaShackAPI-1.0.0.zip "https://127.0.0.1:9443/api/am/publisher/v4/apis/import?preserveProvider=false&overwrite=false"' operationId: importAPI ###################################################### # The "Subscription Collection" resource APIs ###################################################### /subscriptions: get: tags: - Subscriptions summary: Get all Subscriptions description: | This operation can be used to retrieve a list of subscriptions of the user associated with the provided access token. This operation is capable of 1. Retrieving all subscriptions for the user's APIs. `GET https://127.0.0.1:9443/api/am/publisher/v4/subscriptions` 2. Retrieving subscriptions for a specific API. `GET https://127.0.0.1:9443/api/am/publisher/v4/subscriptions?apiId=c43a325c-260b-4302-81cb-768eafaa3aed` parameters: - $ref: '#/components/parameters/apiId-Q-Opt' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/If-None-Match' - name: query in: query description: | Keywords to filter subscriptions schema: type: string responses: 200: description: | OK. Subscription list returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/SubscriptionList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:subscription_view - apim:subscription_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/subscriptions?apiId=96077508-fd01-4fae-bc64-5de0e2baf43c"' operationId: getSubscriptions ###################################################### # The Individual Subscription resource APIs ###################################################### /subscriptions/{subscriptionId}/usage: get: tags: - API Monetization summary: Get Details of a Pending Invoice for a Monetized Subscription with Metered Billing. description: | This operation can be used to get details of a pending invoice for a monetized subscription with meterd billing. parameters: - $ref: '#/components/parameters/subscriptionId' responses: 200: description: | OK. Details of a pending invoice returned. headers: ETag: description: Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: Date and time the resource has been modified the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIMonetizationUsage' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: description: | Not Found. Requested Subscription does not exist. content: application/json: schema: $ref: '#/components/schemas/Error' security: - OAuth2Security: - apim:api_view - apim:subscription_view - apim:subscription_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/subscriptions/64eca60b-2e55-4c38-8603-e9e6bad7d809/usage"' operationId: getSubscriptionUsage /subscriptions/{subscriptionId}/subscriber-info: get: tags: - Subscriber summary: Get Details of a Subscriber description: | This operation can be used to get details of a user who subscribed to the API. parameters: - $ref: '#/components/parameters/subscriptionId' responses: 200: description: | OK. Details of the subscriber are returned. content: application/json: schema: $ref: '#/components/schemas/SubscriberInfo' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:subscription_view - apim:subscription_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/subscriptions/64eca60b-2e55-4c38-8603-e9e6bad7d809/subscriber-info"' operationId: getSubscriberInfoBySubscriptionId /subscriptions/block-subscription: post: tags: - Subscriptions summary: Block a Subscription description: | This operation can be used to block a subscription. Along with the request, `blockState` must be specified as a query parameter. 1. `BLOCKED` : Subscription is completely blocked for both Production and Sandbox environments. 2. `PROD_ONLY_BLOCKED` : Subscription is blocked for Production environment only. parameters: - $ref: '#/components/parameters/subscriptionId-Q' - name: blockState in: query description: | Subscription block state. required: true schema: type: string enum: - BLOCKED - PROD_ONLY_BLOCKED - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Subscription was blocked successfully. headers: ETag: description: | Entity Tag of the blocked subscription. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the subscription has been blocked. Used by caches, or in conditional requests (Will be supported in future). schema: type: string content: {} 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:subscription_block - apim:subscription_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/subscriptions/block-subscription?subscriptionId=64eca60b-2e55-4c38-8603-e9e6bad7d809&blockState=PROD_ONLY_BLOCKED"' operationId: blockSubscription /subscriptions/unblock-subscription: post: tags: - Subscriptions summary: Unblock a Subscription description: | This operation can be used to unblock a subscription specifying the subscription Id. The subscription will be fully unblocked after performing this operation. parameters: - $ref: '#/components/parameters/subscriptionId-Q' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Subscription was unblocked successfully. headers: ETag: description: | Entity Tag of the unblocked subscription. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the subscription has been unblocked. Used by caches, or in conditional requests (Will be supported in future). schema: type: string content: {} 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:subscription_block - apim:subscription_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/subscriptions/unblock-subscription?subscriptionId=64eca60b-2e55-4c38-8603-e9e6bad7d809"' operationId: unBlockSubscription /subscriptions/change-business-plan: post: tags: - Subscriptions summary: Change subscription business plan description: | This operation can be used to change the business plan of a subscription specifying the subscription Id and the business plan. parameters: - $ref: '#/components/parameters/subscriptionId-Q' - name: businessPlan in: query description: | The business plan to be assigned to the subscription. required: true schema: type: string - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Subscription business plan was changed successfully. 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' security: - OAuth2Security: - apim:subscription_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -X POST "https://127.0.0.1:9443/api/am/publisher/v4/subscriptions/change-business-plan?subscriptionId=92c50632-012f-4739-b37d-baa23008c813&businessPlan=Silver"' operationId: changeSubscriptionBusinessPlan ###################################################### # The "Thorttling Tier Collection" resource APIs ###################################################### /throttling-policies/{policyLevel}: get: tags: - Throttling Policies summary: Get All Throttling Policies for the Given Type description: | This operation can be used to list the available policies for a given policy level. Tier level should be specified as a path parameter and should be one of `subscription` and `api`. `subscription` is for Subscription Level policies and `api` is for Resource Level policies operationId: getAllThrottlingPolicies parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/policyLevel' - $ref: '#/components/parameters/If-None-Match' - $ref: '#/components/parameters/isAiApi' responses: 200: description: | OK. List of policies returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ThrottlingPolicyList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:tier_view - apim:tier_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/throttling-policies/api"' ###################################################### # The "Subscription Throttling Based on Quota Type" resource APIs ###################################################### /throttling-policies/streaming/subscription: get: tags: - Throttling Policies summary: Get streaming throttling policies description: | This operation can be used to list the available streaming subscription policies operationId: getSubscriptionThrottlingPolicies parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. List of subscription policies returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/SubscriptionPolicyList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:tier_view - apim:tier_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/throttling-policies/streaming/subscription?limit=10&offset=0"' ###################################################### # The "Individual Throttling Tier" resource APIs ###################################################### /throttling-policies/{policyLevel}/{policyName}: get: tags: - Throttling Policies summary: Get Details of a Policy description: | This operation can be used to retrieve details of a single policy by specifying the policy level and policy name. operationId: getThrottlingPolicyByName parameters: - $ref: '#/components/parameters/policyName' - $ref: '#/components/parameters/policyLevel' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Tier returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ThrottlingPolicy' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:tier_view - apim:tier_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/throttling-policies/api/Platinum"' ###################################################### # The "Client Certificates" resource APIs (Deprecated) ###################################################### /apis/{apiId}/client-certificates: get: tags: - Client Certificates summary: Retrieve/ Search Uploaded Client Certificates deprecated: true description: | This operation can be used to retrieve and search the uploaded client certificates. parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - name: alias in: query description: Alias for the client certificate schema: type: string - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Successful response with the list of matching certificate information in the body. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ClientCertificates' 400: $ref: '#/components/responses/BadRequest' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:client_certificates_view - apim:client_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates?alias=wso2carbon"' operationId: getAPIClientCertificates post: tags: - Client Certificates summary: Upload a New Certificate deprecated: true description: | This operation can be used to upload a new certificate for an endpoint. parameters: - $ref: '#/components/parameters/apiId' requestBody: content: multipart/form-data: schema: required: - alias - certificate - tier properties: certificate: type: string description: The certificate that needs to be uploaded. format: binary alias: maxLength: 30 minLength: 1 type: string description: Alias for the certificate tier: type: string description: API tier to which the certificate should be applied. required: true responses: 200: description: | OK. The Certificate added successfully. headers: Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ClientCertMetadata' 400: $ref: '#/components/responses/BadRequest' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:client_certificates_add - apim:client_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: multipart/form-data" -F certificate=@test.crt -F alias=wso2carbon -F tier=Gold "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates"' operationId: addAPIClientCertificate /apis/{apiId}/client-certificates/{alias}: get: deprecated: true tags: - Client Certificates summary: Get the Certificate Information description: | This operation can be used to get the information about a certificate. parameters: - name: alias in: path required: true schema: type: string - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/CertificateInfo' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:client_certificates_view - apim:client_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates/wso2carbon"' operationId: getAPIClientCertificateByAlias put: deprecated: true tags: - Client Certificates summary: Update a Certificate description: | This operation can be used to update an uploaded certificate. parameters: - name: alias in: path description: Alias for the certificate required: true schema: maxLength: 30 minLength: 1 type: string - $ref: '#/components/parameters/apiId' requestBody: content: multipart/form-data: schema: properties: certificate: type: string description: The certificate that needs to be uploaded. format: binary tier: type: string description: The tier of the certificate responses: 200: description: | OK. The Certificate updated successfully. headers: Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ClientCertMetadata' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:client_certificates_update - apim:client_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: multipart/form-data" -F certificate=@test.crt -F alias=wso2carbon -F apiId=fea749dd-d548-4a8b-b308-34903b39a34b -F tier=Gold "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates/wso2carbon"' operationId: updateAPIClientCertificateByAlias delete: deprecated: true tags: - Client Certificates summary: Delete a Certificate description: | This operation can be used to delete an uploaded certificate. parameters: - name: alias in: path description: | The alias of the certificate that should be deleted. required: true schema: type: string - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. The Certificate deleted successfully. headers: Content-Type: description: | The content type of the body. schema: type: string content: {} 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:client_certificates_update x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates/wso2carbon"' operationId: deleteAPIClientCertificateByAlias /apis/{apiId}/client-certificates/{alias}/content: get: deprecated: true tags: - Client Certificates summary: Download a Certificate description: | This operation can be used to download a certificate which matches the given alias. parameters: - $ref: '#/components/parameters/apiId' - name: alias in: path required: true schema: type: string responses: 200: description: | OK. headers: Content-Type: description: | The content type of the body. schema: type: string content: {} 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:client_certificates_view - apim:client_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates/wso2carbon/content" > test.crt' operationId: getAPIClientCertificateContentByAlias ###################################################### # The "Client Certificates" resource APIs (New) ###################################################### /apis/{apiId}/client-certs/{keyType}: parameters: - in: path name: keyType schema: type: string required: true description: Key type for the certificate get: tags: - Client Certificates summary: Retrieve/ Search Uploaded Client Certificates of a given key type description: | This operation can be used to retrieve and search the uploaded client certificates of a given key type. parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - name: alias in: query description: Alias for the client certificate schema: type: string - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Successful response with the list of matching certificate information in the body. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ClientCertificates' 400: $ref: '#/components/responses/BadRequest' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:client_certificates_view - apim:client_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certs/PRODUCTION?alias=wso2carbon"' operationId: getAPIClientCertificatesByKeyType post: tags: - Client Certificates summary: Upload a New Certificate of the given key type description: | This operation can be used to upload a new certificate for an endpoint of the given type. parameters: - $ref: '#/components/parameters/apiId' requestBody: content: multipart/form-data: schema: required: - alias - certificate - tier properties: certificate: type: string description: The certificate that needs to be uploaded. format: binary alias: maxLength: 30 minLength: 1 type: string description: Alias for the certificate tier: type: string description: API tier to which the certificate should be applied. required: true responses: 200: description: | OK. The Certificate added successfully. headers: Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ClientCertMetadata' 400: $ref: '#/components/responses/BadRequest' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:client_certificates_add - apim:client_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: multipart/form-data" -F certificate=@test.crt -F alias=wso2carbon -F tier=Gold "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certs/PRODUCTION"' operationId: addAPIClientCertificateOfGivenKeyType /apis/{apiId}/client-certs/{keyType}/{alias}: parameters: - in: path name: keyType schema: type: string required: true description: Key type for the certificate get: tags: - Client Certificates summary: Get the Certificate Information of a Given Key Type description: | This operation can be used to get the information about a certificate of a given key type. parameters: - name: alias in: path required: true schema: type: string - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/CertificateInfo' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:client_certificates_view - apim:client_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certs/PRODUCTION/wso2carbon"' operationId: getAPIClientCertificateByKeyTypeAndAlias put: tags: - Client Certificates summary: Update a Certificate of a Given Key Type description: | This operation can be used to update an uploaded certificate of a given key type. parameters: - name: alias in: path description: Alias for the certificate required: true schema: maxLength: 30 minLength: 1 type: string - $ref: '#/components/parameters/apiId' requestBody: content: multipart/form-data: schema: properties: certificate: type: string description: The certificate that needs to be uploaded. format: binary tier: type: string description: The tier of the certificate responses: 200: description: | OK. The Certificate updated successfully. headers: Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ClientCertMetadata' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:client_certificates_update - apim:client_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: multipart/form-data" -F certificate=@test.crt -F alias=wso2carbon -F apiId=fea749dd-d548-4a8b-b308-34903b39a34b -F tier=Gold "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certs/PRODUCTION/wso2carbon"' operationId: updateAPIClientCertificateByKeyTypeAndAlias delete: tags: - Client Certificates summary: Delete a Certificate of a Given Key Type description: | This operation can be used to delete an uploaded certificate of a given key type. parameters: - name: alias in: path description: | The alias of the certificate that should be deleted. required: true schema: type: string - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. The Certificate deleted successfully. headers: Content-Type: description: | The content type of the body. schema: type: string content: { } 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:client_certificates_update x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certificates/wso2carbon"' operationId: deleteAPIClientCertificateByKeyTypeAndAlias /apis/{apiId}/client-certs/{keyType}/{alias}/content: get: tags: - Client Certificates summary: Download a Certificate of Given Key Type description: | This operation can be used to download a certificate which matches the given alias and key type. parameters: - $ref: '#/components/parameters/apiId' - name: alias in: path required: true schema: type: string - name: keyType in: path description: | The key type of the certificate that should be deleted. required: true schema: type: string responses: 200: description: | OK. headers: Content-Type: description: | The content type of the body. schema: type: string content: {} 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:client_certificates_view - apim:client_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/d48a3412-1b85-49be-99f4-b81a3722ae73/client-certs/PRODUCTION/wso2carbon/content" > test.crt' operationId: getAPIClientCertificateContentByKeyTypeAndAlias ###################################################### # The "Certificate Management" resource APIs ###################################################### /endpoint-certificates: get: tags: - Endpoint Certificates summary: Retrieve/Search Uploaded Certificates description: | This operation can be used to retrieve and search the uploaded certificates. parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - name: alias in: query description: Alias for the certificate schema: maxLength: 30 type: string - name: endpoint in: query description: Endpoint of which the certificate is uploaded schema: type: string responses: 200: description: | OK. Successful response with the list of matching certificate information in the body. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Certificates' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:ep_certificates_view - apim:ep_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/endpoint-certificates?alias=wso2carbon&endpoint=www.abc.com"' operationId: getEndpointCertificates post: tags: - Endpoint Certificates summary: Upload a new Certificate. description: | This operation can be used to upload a new certificate for an endpoint. requestBody: content: multipart/form-data: schema: required: - alias - certificate - endpoint properties: certificate: type: string description: The certificate that needs to be uploaded. format: binary alias: maxLength: 30 minLength: 1 type: string description: Alias for the certificate endpoint: type: string description: Endpoint to which the certificate should be applied. required: true responses: 200: description: | OK. The Certificate added successfully. headers: Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/CertMetadata' 400: $ref: '#/components/responses/BadRequest' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:ep_certificates_add - apim:ep_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: multipart/form-data" -F certificate=@test.crt -F alias=alias -F endpoint=https://www.abc.com "https://127.0.0.1:9443/api/am/publisher/v4/endpoint-certificates"' operationId: addEndpointCertificate /endpoint-certificates/{alias}: get: tags: - Endpoint Certificates summary: Get the Certificate Information description: | This operation can be used to get the information about a certificate. parameters: - name: alias in: path required: true schema: type: string responses: 200: description: | OK. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/CertificateInfo' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:ep_certificates_view - apim:ep_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/endpoint-certificates/wso2carbon"' operationId: getEndpointCertificateByAlias put: tags: - Endpoint Certificates summary: Update a certificate. description: | This operation can be used to update an uploaded certificate. parameters: - name: alias in: path description: Alias for the certificate required: true schema: maxLength: 30 minLength: 1 type: string requestBody: content: multipart/form-data: schema: required: - certificate properties: certificate: type: string description: The certificate that needs to be uploaded. format: binary required: true responses: 200: description: | OK. The Certificate updated successfully. headers: Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/CertMetadata' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:ep_certificates_update - apim:ep_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: multipart/form-data" -F certificate=@test.crt "https://127.0.0.1:9443/api/am/publisher/v4/endpoint-certificates/wso2carbon"' operationId: updateEndpointCertificateByAlias delete: tags: - Endpoint Certificates summary: Delete a certificate. description: | This operation can be used to delete an uploaded certificate. parameters: - name: alias in: path description: | The alias of the certificate that should be deleted. required: true schema: type: string responses: 200: description: | OK. The Certificate deleted successfully. headers: Content-Type: description: | The content type of the body. schema: type: string content: {} 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:ep_certificates_update - apim:ep_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/endpoint-certificates/wso2carbon"' operationId: deleteEndpointCertificateByAlias /endpoint-certificates/{alias}/content: get: tags: - Endpoint Certificates summary: Download a Certificate description: | This operation can be used to download a certificate which matches the given alias. parameters: - name: alias in: path required: true schema: type: string responses: 200: description: | OK. headers: Content-Type: description: | The content type of the body. schema: type: string content: {} 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:ep_certificates_view - apim:ep_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/endpoint-certificates/wso2carbon/content" > test.crt' operationId: getEndpointCertificateContentByAlias /endpoint-certificates/{alias}/usage: get: tags: - Endpoint Certificates summary: Retrieve all the APIs that use a given certificate by the alias description: | This operation can be used to retrieve/identify apis that use a known certificate. parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - name: alias in: path required: true schema: type: string responses: 200: description: | OK. List of qualifying APIs is returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIMetadataList' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:ep_certificates_view - apim:ep_certificates_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/endpoint-certificates/wso2cert/usage"' operationId: getCertificateUsageByAlias ###################################################### # The "Content Search Results" resource APIs ###################################################### /search: get: tags: - Unified Search summary: | Retrieve/Search APIs and API Documents by Content description: | This operation provides you a list of available APIs and API Documents qualifying the given keyword match. parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - name: query in: query description: | **Search**. You can search by proving a keyword. schema: type: string - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. List of qualifying APIs and API documents is returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/SearchResultList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:api_import_export - apim:api_product_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/search?query=pizza"' operationId: search ###################################################### # The "API Product Collection" resource APIs ###################################################### /api-products: get: tags: - API Products summary: | Retrieve/Search API Products description: | This operation provides you a list of available API Products qualifying under a given search condition. Each retrieved API Product is represented with a minimal amount of attributes. If you want to get complete details of an API Product, you need to use **Get details of an API Product** operation. parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - name: query in: query schema: type: string - $ref: '#/components/parameters/Accept' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. List of qualifying API Products is returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIProductList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products?query=PizzaAPIProduct"' operationId: getAllAPIProducts post: tags: - API Products summary: Create a New API Product description: | This operation can be used to create a new API Product specifying the details of the API Product in the payload. requestBody: description: API object that needs to be added content: application/json: schema: $ref: '#/components/schemas/APIProduct' required: true responses: 201: description: | 'Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity.' headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIProduct' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/api-products"' operationId: createAPIProduct ################################################################ # The "Individual API Product" resource APIs ################################################################ /api-products/{apiProductId}: get: tags: - API Products summary: Get Details of an API Product description: | Using this operation, you can retrieve complete details of a single API Product. You need to provide the Id of the API to retrive it. parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/Accept' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Requested API Product is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIProduct' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_publish - apim:api_manage - apim:api_product_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/5bca47e1-8233-46a5-9295-525dca337f33"' operationId: getAPIProduct put: tags: - API Products summary: Update an API Product description: | This operation can be used to update an existing API product. But the properties `name`, `provider` and `version` cannot be changed. parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/If-Match' requestBody: description: API object that needs to be added content: application/json: schema: $ref: '#/components/schemas/APIProduct' required: true responses: 200: description: | OK. Successful response with updated API product object headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIProduct' 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/api-products/5bca47e1-8233-46a5-9295-525dca337f33"' operationId: updateAPIProduct delete: tags: - API Products summary: Delete an API Product description: | This operation can be used to delete an existing API Product proving the Id of the API Product. parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Resource successfully deleted. content: {} 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_publish - apim:api_manage - apim:api_product_import_export x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/5bca47e1-8233-46a5-9295-525dca337f33"' operationId: deleteAPIProduct /api-products/{apiProductId}/thumbnail: get: tags: - API Products summary: Get Thumbnail Image description: | This operation can be used to download a thumbnail image of an API product. parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/Accept' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Thumbnail image returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: {} 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/5bca47e1-8233-46a5-9295-525dca337f33/thumbnail" > image.jpeg' operationId: getAPIProductThumbnail put: tags: - API Products summary: Upload a Thumbnail Image description: | This operation can be used to upload a thumbnail image of an API Product. The thumbnail to be uploaded should be given as a form data parameter `file`. parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/If-Match' requestBody: content: multipart/form-data: schema: required: - file properties: file: type: string description: Image to upload format: binary required: true responses: 200: description: | OK. Image updated headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the uploaded thumbnail image of the API Product. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/FileInfo' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: multipart/form-data" -F file=@image.jpeg "https://127.0.0.1:9443/api/am/publisher/v4/api-products/d48a3412-1b85-49be-99f4-b81a3722ae73/thumbnail"' operationId: updateAPIProductThumbnail /api-products/{apiProductId}/swagger: get: tags: - API Products summary: Get Swagger Definition description: | This operation can be used to retrieve the swagger definition of an API. parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/Accept' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Requested swagger document of the API is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: {} 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/5bca47e1-8233-46a5-9295-525dca337f33/swagger"' operationId: getAPIProductSwagger /api-products/{apiProductId}/is-outdated: get: tags: - API Products summary: Check Whether API Product is Outdated description: | This operation can be used to retrieve the status indicating if an API Product is outdated due to updating of dependent APIs (This resource is not supported at the moment) parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/Accept' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Requested swagger document of the API is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIProductOutdatedStatus' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_publish - apim:api_manage operationId: getIsAPIProductOutdated /api-products/{apiProductId}/documents: get: tags: - API Product Documents summary: Get a List of Documents of an API Product description: | This operation can be used to retrive a list of documents belonging to an API Product by providing the ID of the API Product. parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/Accept' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Document list is returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/DocumentList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/5bca47e1-8233-46a5-9295-525dca337f33/documents"' operationId: getAPIProductDocuments post: tags: - API Product Documents summary: Add a New Document to an API Product description: | This operation can be used to add a new documentation to an API Product. This operation only adds the metadata of a document. To add the actual content we need to use **Upload the content of an API Product document ** API once we obtain a document Id by this operation. parameters: - $ref: '#/components/parameters/apiProductId' requestBody: description: Document object that needs to be added content: application/json: schema: $ref: '#/components/schemas/Document' required: true responses: 201: description: | Created. Successful response with the newly created Document object as entity in the body. Location header contains URL of newly added document. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | Location to the newly created Document. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Document' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/api-products/5bca47e1-8233-46a5-9295-525dca337f33/documents"' operationId: addAPIProductDocument /api-products/{apiProductId}/documents/{documentId}: get: tags: - API Product Documents summary: Get a Document of an API Product description: | This operation can be used to retrieve a particular document's metadata associated with an API. parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/Accept' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Document returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Document' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/5bca47e1-8233-46a5-9295-525dca337f33/documents/83312daf-0d8a-427b-8f72-12755b7901d3"' operationId: getAPIProductDocument put: tags: - API Product Documents summary: Update a Document of an API Product description: | This operation can be used to update metadata of an API's document. parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/If-Match' requestBody: description: Document object that needs to be added content: application/json: schema: $ref: '#/components/schemas/Document' required: true responses: 200: description: | OK. Document updated headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the updated document. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Document' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/api-products/5bca47e1-8233-46a5-9295-525dca337f33/documents/83312daf-0d8a-427b-8f72-12755b7901d3"' operationId: updateAPIProductDocument delete: tags: - API Product Documents summary: Delete a Document of an API Product description: | This operation can be used to delete a document associated with an API Product. parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Resource successfully deleted. content: {} 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/5bca47e1-8233-46a5-9295-525dca337f33/documents/83312daf-0d8a-427b-8f72-12755b7901d3"' operationId: deleteAPIProductDocument /api-products/{apiProductId}/documents/{documentId}/content: get: tags: - API Product Documents summary: Get the Content of an API Product Document description: | This operation can be used to retrive the content of an API's document. The document can be of 3 types. In each cases responses are different. 1. **Inline type**: The content of the document will be retrieved in `text/plain` content type _Sample cURL_ : `curl -k -H "Authorization:Bearer 579f0af4-37be-35c7-81a4-f1f1e9ee7c51" -F inlineContent=@"docs.txt" -X POST "https://localhost:9443/api/am/publisher/v4/apis/995a4972-3178-4b17-a374-756e0e19127c/documents/43c2bcce-60e7-405f-bc36-e39c0c5e189e/content` 2. **FILE type**: The file will be downloaded with the related content type (eg. `application/pdf`) 3. **URL type**: The client will recieve the URL of the document as the Location header with the response with - `303 See Other` parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/Accept' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. File or inline content returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: {} 303: description: | See Other. Source can be retrived from the URL specified at the Location header. headers: Location: description: | The Source URL of the document. schema: type: string content: {} 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/5bca47e1-8233-46a5-9295-525dca337f33/documents/83312daf-0d8a-427b-8f72-12755b7901d3/content"' operationId: getAPIProductDocumentContent post: tags: - API Product Documents summary: Upload the Content of an API Product Document description: | Thid operation can be used to upload a file or add inline content to an API Product document. **IMPORTANT:** * Either **file** or **inlineContent** form data parameters should be specified at one time. * Document's source type should be **FILE** in order to upload a file to the document using **file** parameter. * Document's source type should be **INLINE** in order to add inline content to the document using **inlineContent** parameter. parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/If-Match' requestBody: content: multipart/form-data: schema: properties: file: type: string description: Document to upload format: binary inlineContent: type: string description: Inline content of the document responses: 200: description: | OK. Document updated headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the updated content of the document. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Document' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: multipart/form-data" -F file=@sample.pdf "https://127.0.0.1:9443/api/am/publisher/v4/api-products/5bca47e1-8233-46a5-9295-525dca337f33/documents/83312daf-0d8a-427b-8f72-12755b7901d3/content"' operationId: addAPIProductDocumentContent ###################################################### # The "API Product Revisions" resource API ###################################################### /api-products/{apiProductId}/revisions: #-------------------------------------------- # List available revisions of an API Product #-------------------------------------------- get: tags: - API Product Revisions summary: List Revisions description: | List available revisions of an API Product operationId: getAPIProductRevisions parameters: - $ref: '#/components/parameters/apiProductId' - name: query in: query schema: type: string responses: 200: description: | OK. List of API Product revisions are returned. content: application/json: schema: $ref: '#/components/schemas/APIRevisionList' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:api_create - apim:api_publish - apim:api_manage - apim:api_product_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions?query=deployed:true"' #-------------------------------------------- # Create a new API Product revision #-------------------------------------------- post: tags: - API Product Revisions summary: Create a new API Product revision description: | Create a new API Product revision operationId: createAPIProductRevision parameters: - $ref: '#/components/parameters/apiProductId' requestBody: description: API Product object that needs to be added content: application/json: schema: $ref: '#/components/schemas/APIRevision' responses: 201: description: | Created. Successful response with the newly created APIRevision object as the entity in the body. content: application/json: schema: $ref: '#/components/schemas/APIRevision' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_create - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions"' ###################################################### # The "API Revisions" individual resource API Product ###################################################### /api-products/{apiProductId}/revisions/{revisionId}: #-------------------------------------------- # Get a revision #-------------------------------------------- get: tags: - API Product Revisions summary: Retrieve Revision description: | Retrieve a revision of an API Product (This resource is not supported at the moment) operationId: getAPIProductRevision parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/revisionId' responses: 200: description: | OK. An API revision is returned. content: application/json: schema: $ref: '#/components/schemas/APIRevision' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:api_create - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions/e0824883-3e86-403a-aec1-22bbc454eb7c"' #-------------------------------------------- # Delete a revision #-------------------------------------------- delete: tags: - API Product Revisions summary: Delete Revision description: | Delete a revision of an API Product operationId: deleteAPIProductRevision parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/revisionId' responses: 200: description: | OK. List of remaining API revisions are returned. content: application/json: schema: $ref: '#/components/schemas/APIRevisionList' 204: description: | No Content. Successfully deleted the revision 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/revisions/e0824883-3e86-403a-aec1-22bbc454eb7c"' /api-products/{apiProductId}/deployments: #-------------------------------------------- # List available deployed revision deployment details of an API Product #-------------------------------------------- get: tags: - API Product Revisions summary: List Deployments description: | List available deployed revision deployment details of an API Product operationId: getAPIProductRevisionDeployments parameters: - $ref: '#/components/parameters/apiProductId' responses: 200: description: | OK. List of deployed revision deployment details are returned. content: application/json: schema: $ref: '#/components/schemas/APIRevisionDeploymentList' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:api_create - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/deployments"' /api-products/{apiProductId}/deployments/{deploymentId}: #-------------------------------------------- # Change Display On Devportal Field #-------------------------------------------- put: tags: - API Product Revisions summary: Update Deployment description: | Update deployment devportal visibility operationId: updateAPIProductDeployment parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/deploymentId' requestBody: description: Deployment object that needs to be updated content: application/json: schema: $ref: '#/components/schemas/APIRevisionDeployment' responses: 200: description: | Created. Successful response with the newly updated APIRevisionDeployment List object as the entity in the body. content: application/json: schema: $ref: '#/components/schemas/APIRevisionDeployment' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/deployments/UHJvZHVjdGlvbiBhbmQgU2FuZGJveA"' /api-products/{apiProductId}/deploy-revision: #-------------------------------------------- # Deploy a revision #-------------------------------------------- post: tags: - API Product Revisions summary: Deploy Revision description: | Deploy an API Product Revision operationId: deployAPIProductRevision parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/revisionId-Q' requestBody: description: Deployment object that needs to be added content: application/json: schema: type: array items: $ref: '#/components/schemas/APIRevisionDeployment' responses: 200: description: | OK. 201: description: | Created. Successful response with the newly deployed APIRevisionDeployment List object as the entity in the body. content: application/json: schema: type: array items: $ref: '#/components/schemas/APIRevisionDeployment' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/deploy-revision?revisionId=e0824883-3e86-403a-aec1-22bbc454eb7c"' /api-products/{apiProductId}/undeploy-revision: #-------------------------------------------- # Un-Deploy a revision from deployed gateway #-------------------------------------------- post: tags: - API Product Revisions summary: UnDeploy Revision description: | UnDeploy an API Product Revision operationId: undeployAPIProductRevision parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/revisionId-Q' - $ref: '#/components/parameters/revisionNum-Q' - name: allEnvironments in: query schema: type: boolean default: false requestBody: description: Deployment object that needs to be added content: application/json: schema: type: array items: $ref: '#/components/schemas/APIRevisionDeployment' responses: 200: description: | OK. 201: description: | Created. Successful response with the newly undeployed APIRevisionDeploymentList object as the entity in the body. content: application/json: schema: type: array items: $ref: '#/components/schemas/APIRevisionDeployment' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_publish - apim:api_manage - apim:api_product_import_export x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/undeploy-revision?revisionId=e0824883-3e86-403a-aec1-22bbc454eb7c"' /api-products/{apiProductId}/restore-revision: #-------------------------------------------------------- # Restore a revision to the Current API of the API Product #-------------------------------------------------------- post: tags: - API Product Revisions summary: Restore Revision description: | Restore a revision to the Current API of the API Product operationId: restoreAPIProductRevision parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/revisionId-Q' responses: 201: description: | Restored. Successful response with the newly restored API Product object as the entity in the body. content: application/json: schema: $ref: '#/components/schemas/APIProduct' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/restore-revision?revisionId=e0824883-3e86-403a-aec1-22bbc454eb7c"' /api-products/copy-api-products: #-------------------------------------------------------- # Create new product version from the existing API Product #-------------------------------------------------------- post: tags: - API Products summary: Create a New API Product Version description: | This operation can be used to create a new version of an existing API Products. The new version is specified as `newVersion` query parameter. New API Product will be in `CREATED` state. parameters: - name: newVersion in: query description: Version of the new API Product. required: true schema: maxLength: 30 type: string - name: defaultVersion in: query description: Specifies whether new API Product should be added as default version. schema: type: boolean default: false - $ref: '#/components/parameters/apiProductId-Q' responses: 201: description: | Created. Successful response with the newly created API Product as entity in the body. Location header contains URL of newly created API Product. headers: Location: description: | The URL of the newly created API Product. schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIProduct' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/copy-api-products?newVersion=2.0&defaultVersion=false&apiProductId=2fd14eb8-b828-4013-b448-0739d2e76bf7"' operationId: createNewAPIProductVersion /api-products/export: get: tags: - Import Export summary: Export an API Product description: | This operation can be used to export the details of a particular API Product as a zip file. parameters: - name: name in: query description: | API Product Name schema: type: string - name: version in: query description: | Version of the API Product schema: type: string - name: providerName in: query description: | Provider name of the API Product schema: type: string - name: revisionNumber in: query description: | Revision number of the API Product schema: type: string - name: format in: query description: | Format of output documents. Can be YAML or JSON. schema: type: string enum: - JSON - YAML - name: preserveStatus in: query description: | Preserve API Product Status on export schema: type: boolean - name: latestRevision in: query description: | Export the latest revision of the API Product schema: type: boolean default: false responses: 200: description: | OK. Export Successful. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/zip: schema: type: string format: binary 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_product_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/export?name=LeasingAPIProduct&version=1.0.0&revisionNumber=2&provider=admin&format=YAML" > exportAPIProduct.zip' operationId: exportAPIProduct /api-products/import: post: tags: - Import Export summary: Import an API Product description: | This operation can be used to import an API Product. parameters: - name: preserveProvider in: query description: | Preserve Original Provider of the API Product. This is the user choice to keep or replace the API Product provider required: false schema: type: boolean - name: rotateRevision in: query description: | Once the revision max limit reached, undeploy and delete the earliest revision and create a new revision required: false schema: type: boolean - name: importAPIs in: query description: | Whether to import the dependent APIs or not. schema: type: boolean - name: overwriteAPIProduct in: query description: | Whether to update the API Product or not. This is used when updating already existing API Products. schema: type: boolean - name: overwriteAPIs in: query description: | Whether to update the dependent APIs or not. This is used when updating already existing dependent APIs of an API Product. schema: type: boolean requestBody: content: multipart/form-data: schema: required: - file properties: file: type: string description: | Zip archive consisting on exported API Product configuration format: binary responses: 200: description: | Created. API Product Imported Successfully. content: {} 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_product_import_export x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@admin-PizzaShackAPIProduct.zip "https://127.0.0.1:9443/api/am/publisher/v4/api-products/import?preserveProvider=false&overwriteAPIProduct=false&overwriteAPIs=false&importAPIs=false"' operationId: importAPIProduct ###################################################### # Roles resource APIs ###################################################### /roles/{roleId}: head: tags: - Roles summary: Check Whether Given Role Name already Exist description: | Using this operation, user can check a given role name exists or not. operationId: validateSystemRole parameters: - $ref: '#/components/parameters/roleId' responses: 200: description: OK. Requested role name exists. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -I -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/roles/SW50ZXJuYWwvcHVibGlzaGVyCQ"' /me/roles/{roleId}: head: tags: - Roles summary: Validate Whether the Logged-in User has the Given Role description: | Using this operation, logged-in user can check whether he has given role. operationId: validateUserRole parameters: - $ref: '#/components/parameters/roleId' responses: 200: description: OK. Requested user has the role. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -I -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/me/roles/SW50ZXJuYWwvcHVibGlzaGVyCQ"' /me/organization-information: get: tags: - Users summary: Get the Organization information of the user description: | Using this operation, logged-in user can get their organization information. operationId: organizationInformation responses: 200: description: | OK. Key Manager list returned content: application/json: schema: $ref: '#/components/schemas/OrganizationInfo' 400: $ref: '#/components/responses/BadRequest' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:api_publish x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/publisher/v4/me/organization"' ###################################################### # The "ExternalStore Collection" resource APIs ###################################################### /external-stores: get: tags: - External Stores summary: Retrieve External Stores List to Publish an API description: | Retrieve external stores list configured to publish an API operationId: getAllExternalStores responses: 200: description: | OK. External Stores list returned content: application/json: schema: $ref: '#/components/schemas/ExternalStore' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/external-stores"' ###################################################### # The Publisher settings resource APIs ###################################################### /settings: get: tags: - Settings summary: Retreive Publisher Settings description: | Retreive publisher settings responses: 200: description: | OK. Settings returned content: application/json: schema: $ref: '#/components/schemas/Settings' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:publisher_settings x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/settings"' operationId: getSettings ###################################################### # The linter custom rules resource APIs ###################################################### /linter-custom-rules: get: tags: - Linter Custom Rules summary: Get linter custom rules. description: | This operation can be used to get linter custom rules from tenant-config. operationId: getLinterCustomRules parameters: - name: apiId in: query required: false schema: type: string - name: apiType in: query required: false schema: type: string responses: 200: description: | OK. Linter Custom Rules Retrieved Successfully. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: type: string 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/linter-custom-rules"' ###################################################### # The tenant resource APIs ###################################################### /tenants: get: tags: - Tenants summary: | Get Tenants by State description: | This operation is to get tenants by state operationId: getTenantsByState parameters: - name: state in: query description: | The state represents the current state of the tenant Supported states are [active, inactive] schema: type: string default: active enum: - active - inactive - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' responses: 200: description: | OK. Tenant names returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/TenantList' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/tenants?state=active"' /tenants/{tenantDomain}: head: tags: - Tenants summary: Check Whether the Given Tenant already Exists description: | Using this operation, user can check whether a given tenant exists or not. operationId: getTenantExistence parameters: - $ref: '#/components/parameters/tenantDomain' responses: 200: description: OK. Requested tenant exists. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -I -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/tenants/wso2.com"' ###################################################### # The "API Category Collection" resource API ###################################################### /api-categories: get: tags: - API Category (Collection) summary: Get all API categories description: | Get all API categories responses: 200: description: | OK. Categories returned content: application/json: schema: $ref: '#/components/schemas/APICategoryList' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-categories"' operationId: getAllAPICategories ###################################################### # The "Scopes" resource APIs ###################################################### /scopes: get: tags: - Scopes summary: Get All Available Shared Scopes description: | This operation can be used to get all the available Shared Scopes. operationId: getSharedScopes parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' responses: 200: description: | OK. Shared Scope list is returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ScopeList' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:shared_scope_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/scopes"' post: tags: - Scopes summary: Add a New Shared Scope description: | This operation can be used to add a new Shared Scope. operationId: addSharedScope requestBody: description: Scope object that needs to be added content: application/json: schema: $ref: '#/components/schemas/Scope' required: true responses: 201: description: | Created. Successful response with the newly created Scope object as an entity in the body. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Scope' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:shared_scope_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/scopes"' /scopes/{scopeId}: get: tags: - Scopes summary: Get a Shared Scope by Scope Id description: | This operation can be used to retrieve details of a Shared Scope by a given scope Id. operationId: getSharedScope parameters: - $ref: '#/components/parameters/scopeId' responses: 200: description: | OK. Requested Shared Scope is returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Scope' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:shared_scope_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/scopes/01234567-0123-0123-0123-012345678901"' put: tags: - Scopes summary: Update a Shared Scope description: | This operation can be used to update a Shared Scope by a given scope Id. operationId: updateSharedScope parameters: - $ref: '#/components/parameters/scopeId' requestBody: description: Scope object that needs to be updated content: application/json: schema: $ref: '#/components/schemas/Scope' required: true responses: 200: description: | OK. Successful response with updated Scope object headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Scope' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:shared_scope_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/scopes/01234567-0123-0123-0123-012345678901"' delete: tags: - Scopes summary: Delete a Shared Scope description: | This operation can be used to delete a Shared Scope proving the Id of the scope. operationId: deleteSharedScope parameters: - $ref: '#/components/parameters/scopeId' responses: 200: description: | OK. Resource successfully deleted. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:shared_scope_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/scopes/01234567-0123-0123-0123-012345678901"' head: tags: - Scopes summary: Check Given Scope Name already Exists description: | Using this operation, user can check a given scope name exists or not. operationId: validateScope parameters: - $ref: '#/components/parameters/scopeName' responses: 200: description: OK. Requested scope name exists. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_publish - apim:api_manage - apim:shared_scope_manage x-code-samples: - lang: Curl source: 'curl -k -I -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/scopes/YXBpbTphcGlfdmlldw"' /scopes/{scopeId}/usage: get: tags: - Scopes summary: Get usages of a Shared Scope by Scope Id description: | This operation can be used to retrieve usages of a Shared Scope by a given scope Id. operationId: getSharedScopeUsages parameters: - $ref: '#/components/parameters/scopeId' responses: 200: description: | OK. Usages of the shared scope is returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/SharedScopeUsage' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:shared_scope_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/scopes/01234567-0123-0123-0123-012345678901/usage"' ###################################################### # The "Key Managers Collection" resource API ###################################################### /key-managers: get: tags: - Key Managers (Collection) summary: Get All Key Managers description: | Get all Key managers responses: 200: description: | OK. Categories returned content: application/json: schema: $ref: '#/components/schemas/KeyManagerList' security: - OAuth2Security: - apim:api_view - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/key-managers"' operationId: getAllKeyManagers /apis/validate-asyncapi: post: tags: - Validation summary: Validate an AsyncAPI Specification description: This operation can be used to validate and AsyncAPI Specification and retrieve a summary. Provide either 'url' or 'file' to specify the definition. operationId: validateAsyncAPISpecification parameters: - name: returnContent in: query description: Specify whether to return the full content of the AsyncAPI specification in the response. This is only applicable when using url based validation schema: type: boolean default: false requestBody: content: multipart/form-data: schema: properties: url: type: string description: AsyncAPI definition url file: type: string description: AsyncAPI definition as a file format: binary responses: 200: description: OK. API definition validation information is returned headers: Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/AsyncAPISpecificationValidationResponse' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@streetlights.yml "https://127.0.0.1:9443/api/am/publisher/v4/apis/validate-asyncapi"' /apis/import-asyncapi: post: tags: - APIs summary: Import an AsyncAPI Specification description: This operation can be used to create and API from the AsyncAPI Specification. Provide either 'url' or 'file' to specify the definition. Specify additionalProperties with **at least** API's name, version, context and endpointConfig. operationId: importAsyncAPISpecification requestBody: content: multipart/form-data: schema: properties: file: type: string description: Definition to upload as a file format: binary url: type: string description: Definition url additionalProperties: type: string description: Additional attributes specified as a stringified JSON with API's schema responses: 201: description: Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: Etag: description: Entity Tag of the respons resource. Used by caches, or in conditional requests (Will be supported in the future). schema: type: string Location: description: The URL of the newly created resource. schema: type: string Content-type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/API' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@streetlights.yml -F additionalProperties=@import-asyncapi.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/import-asyncapi"' /apis/{apiId}/asyncapi: get: tags: - APIs summary: Get AsyncAPI definition description: | This operation can be used to retrieve the AsyncAPI definition of an API. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Requested AsyncAPI definition of the API is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Willl= be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has beed modified the last time. Used by caches, or in conditional request (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: type: string example: "" 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: { } 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:api_view - apim:api_manage - apim:api_definition_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/01234567-0123-0123-0123-012345678901/asyncapi"' put: tags: - APIs summary: Update AsyncAPI definition description: | This operation can be used to update the AsyncAPI definition of an existing API. AsyncAPI definition to be updated is passed as a form data parameter 'apiDefinition'. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-Match' requestBody: content: multipart/form-data: schema: properties: apiDefinition: type: string description: AsyncAPI definition of the API url: type: string description: AsyncAPI definition URL of the API file: type: string description: AsyncAPI definition as a file format: binary responses: 200: description: | OK. Successful response with updated AsyncAPI definition headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has beed modified the last time. Use =d by caches, or in conditional requests (Will be supported in future). schema: type: string Location: description: | The URL of the newly created resource. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: type: string example: "" 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@streetlights.yml "https://127.0.0.1:9443/api/am/publisher/v4/apis/01234567-0123-0123-0123-012345678901/asyncapi"' /apis/{apiId}/environments/{envId}/keys: get: tags: - APIs summary: Get environment specific API properties description: | This operation can be used to retrieve environment specific API properties from an existing API. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/envId' responses: '200': description: | OK. Successful response with environment specific API properties content: application/json: schema: $ref: '#/components/schemas/EnvironmentProperties' '400': $ref: '#/components/responses/BadRequest' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/01234567-0123-0123-0123-012345678901/environments/9b37ac57-78b9-4fac-b0d4-dc8f4b15c023/keys"' put: tags: - APIs summary: Update environment specific API properties description: | This operation can be used to update the environment specific API properties of an existing API. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/envId' requestBody: content: application/json: schema: $ref: '#/components/schemas/EnvironmentProperties' required: true responses: '200': description: | OK. Successful response with environment specific API properties content: application/json: schema: $ref: '#/components/schemas/EnvironmentProperties' '400': $ref: '#/components/responses/BadRequest' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/01234567-0123-0123-0123-012345678901/environments/9b37ac57-78b9-4fac-b0d4-dc8f4b15c023/keys"' /apis/{apiId}/operation-policies: get: tags: - API Operation Policies summary: | Get all API specific operation policies for an API description: | This operation provides you a list of all applicabale operation policies for an API operationId: getAllAPISpecificOperationPolicies parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - name: query in: query description: -Not supported yet- schema: type: string responses: 200: description: | OK. List of qualifying policies is returned. headers: Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/OperationPolicyDataList' 406: $ref: '#/components/responses/NotAcceptable' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view #This scope was added as the publisher user needs to access this resource. Mediation_policy_view scope is not included in the Internal/Publisher user. - apim:api_manage - apim:mediation_policy_view - apim:mediation_policy_manage - apim:api_mediation_policy_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/operation-policies"' post: tags: - API Operation Policies summary: Add an API specific operation policy description: | This operation can be used to add an API specifc operation policy. This policy cannot be used in other APIs. operationId: addAPISpecificOperationPolicy parameters: - $ref: '#/components/parameters/apiId' requestBody: content: multipart/form-data: schema: required: - type properties: policySpecFile: type: string description: Policy specification to upload format: binary synapsePolicyDefinitionFile: type: string description: Operation policy definition of synapse gateway to upload format: binary ccPolicyDefinitionFile: type: string description: Operation policy definition of choreo connect to upload format: binary required: true responses: 201: description: | OK. Operation policy uploaded headers: Location: description: | The URL of the uploaded operation policy of the API. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/OperationPolicyData' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_manage - apim:mediation_policy_create - apim:mediation_policy_manage - apim:api_mediation_policy_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: multipart/form-data" -F policySpecFile=@setHeader.yaml -F synapsePolicyDefinitionFile=@setHeader.j2 "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/operation-policies"' /apis/{apiId}/operation-policies/{operationPolicyId}: get: tags: - API Operation Policies summary: Get policy details of an API specific policy description: | This operation can be used to retrieve a particular API specific operation policy. operationId: getOperationPolicyForAPIByPolicyId parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/operationPolicyId' responses: 200: description: | OK. Operation policy returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/OperationPolicyData' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view #This scope was added as the publisher user needs to access this resource. Mediation_policy_view scope is not included in the Internal/Publisher user. - apim:api_manage - apim:mediation_policy_view - apim:mediation_policy_manage - apim:api_mediation_policy_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/operation-policies/f56eb8b4-128c-45aa-ad35-9c87a546261a"' delete: tags: - API Operation Policies summary: Delete an API Specific Operation Policy description: | This operation can be used to delete an existing API specific opreation policy by providing the Id of the API and the Id of the policy. operationId: deleteAPISpecificOperationPolicyByPolicyId parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/operationPolicyId' responses: 200: description: | OK. Resource successfully deleted. content: {} 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_manage - apim:mediation_policy_create - apim:mediation_policy_manage - apim:api_mediation_policy_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/operation-policies/f56eb8b4-128c-45aa-ad35-9c87a546261a"' /apis/{apiId}/operation-policies/{operationPolicyId}/content: get: tags: - API Operation Policies summary: Download an API Specific Operation Policy description: | This operation can be used to download a particular API specific operation policy. operationId: getAPISpecificOperationPolicyContentByPolicyId parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/operationPolicyId' responses: 200: description: | OK. Operation policy returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/zip: schema: type: string format: binary 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view #This scope was added as the publisher user needs to access this resource. Mediation_policy_view scope is not included in the Internal/Publisher user. - apim:api_manage - apim:mediation_policy_view - apim:mediation_policy_manage - apim:api_mediation_policy_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/operation-policies/f56eb8b4-128c-45aa-ad35-9c87a546261a/content"' ###################################################### # The "API Endpoint Collection" resource APIs ###################################################### /apis/{apiId}/endpoints: get: tags: - API Endpoints summary: Get all API Endpoints description: | This operation can be used to get all the available endpoints of an API. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' responses: 200: description: | OK. List of API endpoints. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIEndpointList' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_create - apim:api_manage - apim:api_publish - apim:api_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/endpoints?limit=10&offset=0"' operationId: getApiEndpoints post: tags: - API Endpoints summary: Add an Endpoint description: | This operation can be used to add an endpoint to an API. parameters: - $ref: '#/components/parameters/apiId' requestBody: description: Endpoint object that needs to be added content: application/json: schema: $ref: '#/components/schemas/APIEndpoint' required: true responses: 201: description: | Created. Successful response with the newly created API Endpoint object in the body. content: application/json: schema: $ref: '#/components/schemas/APIEndpoint' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:api_publish - apim:api_import_export x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/endpoints"' operationId: addApiEndpoint /apis/{apiId}/endpoints/{endpointId}: get: tags: - API Endpoints summary: Get an Endpoint description: | This operation can be used to get an endpoint of an API by UUID. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/endpointId' responses: 200: description: | OK. API Endpoint object is returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIEndpoint' 500: $ref: '#/components/responses/InternalServerError' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:api_create - apim:api_manage - apim:api_publish - apim:api_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/endpoints/13092607-ed01-4fa1-bc64-5da0e2abe92c"' operationId: getApiEndpoint put: tags: - API Endpoints summary: Update an Endpoint description: | This operation can be used to update a API endpoint. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/endpointId' requestBody: description: API Endpoint object with updated details content: application/json: schema: $ref: '#/components/schemas/APIEndpoint' responses: 200: description: | OK. Updated API Endpoint is returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIEndpoint' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 415: $ref: '#/components/responses/UnsupportedMediaType' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:api_publish - apim:api_import_export x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/endpoints/13092607-ed01-4fa1-bc64-5da0e2abe92c"' operationId: updateApiEndpoint delete: tags: - API Endpoints summary: Delete an Endpoint description: | This operation can be used to delete a API endpoint. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/endpointId' responses: 200: description: | OK. Endpoint deleted successfully. content: {} 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:api_publish - apim:api_import_export x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/endpoints/13092607-ed01-4fa1-bc64-5da0e2abe92c"' operationId: deleteApiEndpoint ###################################################### # API Labels APIs ###################################################### /apis/{apiId}/labels: get: tags: - API Labels summary: Get Labels of an API description: | This operation can be used to get the labels of an API. parameters: - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Successful response with Label object list content: application/json: schema: $ref: '#/components/schemas/LabelList' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_view - apim:api_create - apim:api_manage - apim:api_publish x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/96077508-fd01-4fae-bc64-5de0e2baf43c/labels"' operationId: getLabelsOfAPI /apis/{apiId}/attach-labels: post: tags: - API Labels Attach summary: Attach Labels to an API description: | This operation can be used to attach labels to an API. parameters: - $ref: '#/components/parameters/apiId' requestBody: description: | List of labels to be attached to the API content: application/json: schema: $ref: '#/components/schemas/RequestLabelList' required: true responses: 200: description: | OK. Successful response with updated Label object list content: application/json: schema: $ref: '#/components/schemas/LabelList' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:api_publish x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/01234567-0123-0123-0123-012345678901/attach-labels"' operationId: attachLabelsToAPI /apis/{apiId}/detach-labels: post: tags: - API Labels Detach summary: Detach Labels from an API description: | This operation can be used to detach labels from an API. parameters: - $ref: '#/components/parameters/apiId' requestBody: description: | List of labels to be detached from the API content: application/json: schema: $ref: '#/components/schemas/RequestLabelList' required: true responses: 200: description: | OK. Successful response with updated Label object list content: application/json: schema: $ref: '#/components/schemas/LabelList' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:api_create - apim:api_manage - apim:api_publish x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/apis/01234567-0123-0123-0123-012345678901/detach-labels"' operationId: detachLabelsFromAPI ###################################################### # API themes related APIs ###################################################### /apis/{apiId}/api-themes: get: operationId: getApiThemes summary: Retrieve API themes description: Returns the list of API themes and their publish status for the given API. parameters: - name: publish in: query description: Filter themes based on published status required: false schema: type: boolean - name: apiId in: path required: true schema: type: string responses: 200: description: List of API themes content: application/json: schema: type: array items: $ref: '#/components/schemas/ContentPublishStatusResponse' 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/{apiId}/api-themes"' post: operationId: importApiTheme summary: Import API theme description: Imports an API theme as a zip file. parameters: - name: apiId in: path required: true schema: type: string requestBody: required: true content: multipart/form-data: schema: required: - file properties: file: type: string description: | The API theme zip file format: binary responses: 200: description: Successfully imported 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F "file=@api-theme.zip" "https://127.0.0.1:9443/api/am/publisher/v4/apis/{apiId}/api-themes"' /apis/{apiId}/api-themes/{id}/content: get: operationId: getApiThemeContent summary: Retrieve API theme as zip description: Returns the API theme as a zip file for the given API ID. parameters: - name: apiId in: path required: true schema: type: string - name: id in: path required: true schema: type: string responses: 200: description: Returns the API theme zip file content: application/zip: schema: type: string format: binary 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/{apiId}/api-themes/{id}/content" -o api-theme.zip' /apis/{apiId}/api-themes/{id}: delete: operationId: deleteApiTheme summary: Delete an API theme description: Deletes the API theme for the given API ID. parameters: - name: apiId in: path required: true schema: type: string - name: id in: path required: true schema: type: string responses: 200: description: Successfully deleted 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/apis/{apiId}/api-themes/{id}"' /apis/{apiId}/api-themes/{id}/status: post: operationId: updateApiThemeStatus summary: Update publish status of an API theme description: Publishes or unpublishes an API theme for the given API ID. parameters: - name: apiId in: path required: true schema: type: string - name: id in: path required: true schema: type: string requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/ContentPublishStatus" responses: 200: description: Successfully updated status 400: $ref: '#/components/responses/BadRequest' 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d ''{"ACTION": "PUBLISH"}'' "https://127.0.0.1:9443/api/am/publisher/v4/apis/{apiId}/api-themes/{id}/status"' ###################################################### # LLM Providers resource APIs ###################################################### /llm-providers: get: deprecated: true tags: - LLMProviders summary: Get all LLM providers description: | Get all LLM providers responses: 200: description: | OK. List of LLM providers. headers: Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/LLMProviderSummaryResponseList' 406: $ref: '#/components/responses/NotAcceptable' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:llm_provider_read x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/llm-providers"' operationId: getLLMProviders /llm-providers/{llmProviderId}/api-definition: get: deprecated: true tags: - LLMProvider summary: Get LLM Provider's API Definition description: | Get LLM Provider's API Definition parameters: - name: llmProviderId in: path required: true schema: type: string responses: 200: description: | OK. API Definition content: application/json: schema: type: string security: - OAuth2Security: - apim:llm_provider_read x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f/api-definition"' operationId: getLLMProviderApiDefinition /llm-providers/{llmProviderId}/endpoint-configuration: get: deprecated: true tags: - LLMProvider summary: Get LLM provider's security configurations description: | Get LLM provider's endpoint security configurations parameters: - name: llmProviderId in: path required: true schema: type: string responses: 200: description: | OK. API Definition content: application/json: schema: $ref: '#/components/schemas/LLMProviderEndpointConfiguration' security: - OAuth2Security: - apim:llm_provider_read x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f/endpoint-configuration"' operationId: getLLMProviderEndpointConfiguration /llm-providers/{llmProviderId}/models: get: deprecated: true tags: - LLMProvider summary: Get LLM provider's model list description: | Get LLM provider's model list parameters: - name: llmProviderId in: path required: true schema: type: string responses: 200: description: | OK. List of models content: application/json: schema: type: array items: type: string security: - OAuth2Security: - apim:llm_provider_read x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f/models"' operationId: getLLMProviderModels ###################################################### # The "Individual LLM Provider" resource APIs ###################################################### /llm-providers/{llmProviderId}: get: deprecated: true tags: - LLMProvider summary: Get LLM Provider description: | Get a LLM Provider parameters: - name: llmProviderId in: path description: | LLM Provider ID required: true schema: type: string responses: 200: description: | OK. LLM Provider content: application/json: schema: $ref: '#/components/schemas/LLMProviderResponse' security: - OAuth2Security: - apim:llm_provider_read x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' operationId: getLLMProvider ###################################################### # AI Service Providers resource APIs ###################################################### /ai-service-providers: get: tags: - AIServiceProviders summary: Get all AI Service providers description: | Get all AI Service providers responses: 200: description: | OK. List of AI Service providers. headers: Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/AIServiceProviderSummaryResponseList' 406: $ref: '#/components/responses/NotAcceptable' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:llm_provider_read x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/ai-service-providers"' operationId: getAIServiceProviders /ai-service-providers/{aiServiceProviderId}/api-definition: get: tags: - AIServiceProvider summary: Get AI Service Provider's API Definition description: | Get AI Service Provider's API Definition parameters: - name: aiServiceProviderId in: path required: true schema: type: string responses: 200: description: | OK. API Definition content: application/json: schema: type: string security: - OAuth2Security: - apim:llm_provider_read x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/ai-service-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f/api-definition"' operationId: getAIServiceProviderApiDefinition /ai-service-providers/{aiServiceProviderId}/endpoint-configuration: get: tags: - AIServiceProvider summary: Get AI Service Provider's security configurations description: | Get AI Service Provider's endpoint security configurations parameters: - name: aiServiceProviderId in: path required: true schema: type: string responses: 200: description: | OK. API Definition content: application/json: schema: $ref: '#/components/schemas/AIServiceProviderEndpointConfiguration' security: - OAuth2Security: - apim:llm_provider_read x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/ai-service-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f/endpoint-configuration"' operationId: getAIServiceProviderEndpointConfiguration /ai-service-providers/{aiServiceProviderId}/models: get: tags: - AIServiceProvider summary: Get AI Service Provider's model list description: | Get AI Service Provider's model list parameters: - name: aiServiceProviderId in: path required: true schema: type: string responses: 200: description: | OK. List of supported model families grouped by vendor content: application/json: schema: type: array items: $ref: '#/components/schemas/ModelProvider' security: - OAuth2Security: - apim:llm_provider_read x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/ai-service-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f/models"' operationId: getAIServiceProviderModels ###################################################### # The "Individual AI Service Provider" resource APIs ###################################################### /ai-service-providers/{aiServiceProviderId}: get: tags: - AIServiceProvider summary: Get AI Service Provider description: | Get a AI Service Provider parameters: - name: aiServiceProviderId in: path description: | AI Service Provider ID required: true schema: type: string responses: 200: description: | OK. AI Service Provider content: application/json: schema: $ref: '#/components/schemas/AIServiceProviderResponse' security: - OAuth2Security: - apim:llm_provider_read x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/ai-service-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' operationId: getAIServiceProvider /operation-policies: get: tags: - Operation Policies summary: | Get all common operation policies to all the APIs description: | This operation provides you a list of all common operation policies that can be used by any API operationId: getAllCommonOperationPolicies parameters: - $ref: '#/components/parameters/policyLimit' - $ref: '#/components/parameters/offset' - name: query in: query description: | **Search condition**. You can search in attributes by using an **":"** modifier. Eg. "name:addHeader" will match an API Policy if the provider of the API Policy contains "addHeader". "version:"v1"" will match an API Policy if the provider of the API Policy contains "v1". Also you can use combined modifiers Eg. name:addHeader&version:v1 will match an API Policy if the name of the API Policy is addHeader and version is v1. Supported attribute modifiers are [**version, name**] If query attributes are provided, this returns all API policies available under the given limit. Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) schema: type: string responses: 200: description: | OK. List of qualifying policies is returned. headers: Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/OperationPolicyDataList' 406: $ref: '#/components/responses/NotAcceptable' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:common_operation_policy_view - apim:common_operation_policy_manage - apim:policies_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/operation-policies"' post: tags: - Operation Policies summary: Add a new common operation policy description: | This operation can be used to add a new common operation policy. operationId: addCommonOperationPolicy requestBody: content: multipart/form-data: schema: required: - type properties: policySpecFile: type: string description: Operation policy specification to upload format: binary synapsePolicyDefinitionFile: type: string description: Operation policy definition of synapse gateway to upload format: binary ccPolicyDefinitionFile: type: string description: Operation policy definition of choreo connect to upload format: binary required: true responses: 201: description: | OK. Shared operation policy uploaded headers: Location: description: | The URL of the uploaded common operation policy of the API. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/OperationPolicyData' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:common_operation_policy_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: multipart/form-data" -F policySpecFile=@setHeader.yaml -F synapsePolicyDefinitionFile=@setHeader.j2 "https://127.0.0.1:9443/api/am/publisher/v4/operation-policies"' /operation-policies/export: get: tags: - Import Export summary: | Export an API Policy by its name and version description: | This operation provides you to export a preferred common API policy operationId: exportOperationPolicy parameters: - name: name in: query description: Policy name schema: type: string - name: version in: query description: Version of the policy schema: type: string - name: format in: query description: Format of the policy definition file schema: type: string responses: 200: description: | OK. Export Successful. headers: Content-Type: description: The content type of the body. schema: type: string content: application/zip: schema: type: string format: binary 403: $ref: '#/components/responses/Forbidden' 500: $ref: '#/components/responses/InternalServerError' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:policies_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/operation-policies/export?name=addHeader&version=v1" > addHeader_v1.zip' /operation-policies/import: post: tags: - Import Export summary: Import an API Policy description: | This operation can be used to import an API Policy. requestBody: content: multipart/form-data: schema: required: - file properties: file: type: string description: Zip archive consisting on exported policy configuration format: binary responses: 200: description: | Created. Policy Imported Successfully. 403: $ref: '#/components/responses/Forbidden' 409: $ref: '#/components/responses/Conflict' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:policies_import_export x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=add_header_v1.zip "https://127.0.0.1:9443/api/am/publisher/v4/operation-policies/import"' operationId: importOperationPolicy /operation-policies/{operationPolicyId}: get: tags: - Operation Policies summary: Get the details of a common operation policy by providing policy ID description: | This operation can be used to retrieve a particular common operation policy. operationId: getCommonOperationPolicyByPolicyId parameters: - $ref: '#/components/parameters/operationPolicyId' responses: 200: description: | OK. Operation policy returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/OperationPolicyData' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:common_operation_policy_view - apim:common_operation_policy_manage - apim:policies_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/operation-policies/f56eb8b4-128c-45aa-ad35-9c87a546261a"' delete: tags: - Operation Policies summary: Delete a common operation policy description: | This operation can be used to delete an existing common opreation policy by providing the Id of the policy. operationId: deleteCommonOperationPolicyByPolicyId parameters: - $ref: '#/components/parameters/operationPolicyId' responses: 200: description: | OK. Resource successfully deleted. content: {} 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:common_operation_policy_manage - apim:policies_import_export x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/operation-policies/f56eb8b4-128c-45aa-ad35-9c87a546261a"' /operation-policies/{operationPolicyId}/content: get: tags: - Operation Policies summary: Download a common operation policy description: | This operation can be used to download a selected common operation policy. operationId: getCommonOperationPolicyContentByPolicyId parameters: - $ref: '#/components/parameters/operationPolicyId' responses: 200: description: | OK. Operation policy returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/zip: schema: type: string format: binary 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:common_operation_policy_view - apim:common_operation_policy_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/operation-policies/f56eb8b4-128c-45aa-ad35-9c87a546261a/content"' ###################################################### # The Gateway Policies API ###################################################### /gateway-policies: post: tags: - Gateway Policies summary: Engage gateway policies to the request, response, fault flows description: | This operation can be used to apply gateway policies to the request, response, fault flows. operationId: addGatewayPoliciesToFlows requestBody: description: Policy details object that needs to be added. content: application/json: schema: $ref: '#/components/schemas/GatewayPolicyMappings' required: true responses: 201: description: | OK. Policy mapping created successfully. headers: Location: description: | The URL of the created gateway policy mapping. schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/GatewayPolicyMappingInfo' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:gateway_policy_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/gateway-policies"' get: tags: - Gateway Policies summary: | Get all gateway policies mapping information description: | This operation provides you a list of all gateway policies mapping information. operationId: getAllGatewayPolicies parameters: - $ref: '#/components/parameters/policyLimit' - $ref: '#/components/parameters/offset' - name: query in: query description: | **Search condition**. You can search in attributes by using an **"gatewayLabel:"** modifier. Eg. The entry "gatewayLabel:gateway1" will result in a match with a Gateway Policy Mapping only if the policy mapping is deployed on "gateway1". If query attribute is provided, this returns the Gateway policy Mapping available under the given limit. Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) schema: type: string responses: 200: description: | OK. List of gateway policies is returned. headers: Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/GatewayPolicyMappingDataList' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:gateway_policy_view - apim:gateway_policy_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/gateway-policies"' /gateway-policies/{gatewayPolicyMappingId}: get: tags: - Gateway Policies summary: Retrieve information of a selected gateway policy mapping description: | This operation can be used to retrieve information of a selected gateway policy mapping. operationId: getGatewayPolicyMappingContentByPolicyMappingId parameters: - $ref: '#/components/parameters/gatewayPolicyMappingId' responses: 200: description: | OK. Gateway policy mapping information returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/GatewayPolicyMappings' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:gateway_policy_view - apim:gateway_policy_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/gateway-policies/f56eb8b4-128c-45aa-ad35-9c87a546261a"' delete: tags: - Gateway Policies summary: Delete a gateway policy mapping description: | This operation can be used to delete an existing gateway policy mapping by providing the Id of the policy mapping. operationId: deleteGatewayPolicyByPolicyId parameters: - $ref: '#/components/parameters/gatewayPolicyMappingId' responses: 200: description: | OK. Resource successfully deleted. content: { } 403: $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:gateway_policy_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/gateway-policies/f56eb8b4-128c-45aa-ad35-9c87a546261a"' put: tags: - Gateway Policies summary: Update gateway policies added to the request, response, fault flows description: | This operation can be used to update already added gateway policies to the request, response, fault flows. operationId: updateGatewayPoliciesToFlows parameters: - $ref: '#/components/parameters/gatewayPolicyMappingId' requestBody: description: Policy details object that needs to be updated. content: application/json: schema: $ref: '#/components/schemas/GatewayPolicyMappings' required: true responses: 200: description: | OK. Policy mapping updated successfully. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/GatewayPolicyMappings' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:gateway_policy_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/gateway-policies/f56eb8b4-128c-45aa-ad35-9c87a546261a"' /gateway-policies/{gatewayPolicyMappingId}/deploy: post: tags: - Gateway Policies summary: Engage gateway policy mapping to the gateways description: | This operation can be used to engage gateway policy mapping to the gateway/s. operationId: engageGlobalPolicy parameters: - $ref: '#/components/parameters/gatewayPolicyMappingId' requestBody: description: Policy details object that needs to be added. content: application/json: schema: type: array items: $ref: '#/components/schemas/GatewayPolicyDeployment' required: true responses: 200: description: | OK. Gateway policy mapping engaged successfully. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: type: array items: $ref: '#/components/schemas/GatewayPolicyDeployment' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:gateway_policy_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/publisher/v4/gateway-policies/deploy"' /api-products/change-lifecycle: post: tags: - API Product Lifecycle summary: Change API Product LC Status description: | This operation is used to change the lifecycle of an API Product. Eg: Publish an API Product which is in `CREATED` state. In order to change the lifecycle, we need to provide the lifecycle `action` as a query parameter. For example, to Publish an API Product, `action` should be `Publish`. Note that the `Re-publish` action is available only after calling `Block`. Some actions supports providing additional paramters which should be provided as `lifecycleChecklist` parameter. Please see parameters table for more information. parameters: - name: action in: query description: | The action to demote or promote the state of the API Product. Supported actions are [ **Publish**, **Deploy as a Prototype**, **Demote to Created**, **Block**, **Deprecate**, **Re-Publish**, **Retire** ] required: true schema: type: string enum: - Publish - Deploy as a Prototype - Demote to Created - Block - Deprecate - Re-Publish - Retire - name: lifecycleChecklist in: query description: | Supported checklist items are as follows. 1. **Deprecate old versions after publishing the API**: Setting this to true will deprecate older versions of a particular API Product when it is promoted to Published state from Created state. 2. **Requires re-subscription when publishing the API**: If you set this to true, users need to re subscribe to the API Products although they may have subscribed to an older version. You can specify additional checklist items by using an **"attribute:"** modifier. Eg: "Deprecate old versions after publishing the API:true" will deprecate older versions of a particular API Product when it is promoted to Published state from Created state. Multiple checklist items can be given in "attribute1:true, attribute2:false" format. **Sample CURL :** curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -X POST "https://localhost:9443/api/am/publisher/v4/api-products/change-lifecycle?apiId=890a4f4d-09eb-4877-a323-57f6ce2ed79b&action=Publish&lifecycleChecklist=Deprecate%20old%20versions%20after%20publishing%20the%20API%3Atrue,Requires%20re-subscription%20when%20publishing%20the%20API%3Afalse" schema: type: string - $ref: '#/components/parameters/apiProductId-Q' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Lifecycle changed successfully. content: application/json: schema: $ref: '#/components/schemas/WorkflowResponse' 400: $ref: '#/components/responses/BadRequest' 401: $ref: '#/components/responses/Unauthorized' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_publish - apim:api_manage - apim:api_product_import_export x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/change-lifecycle?apiId=890a4f4d-09eb-4877-a323-57f6ce2ed79b&action=Publish"' operationId: changeAPIProductLifecycle /api-products/{apiProductId}/lifecycle-history: get: tags: - API Product Lifecycle summary: Get Lifecycle State Change History of the API Products. description: | This operation can be used to retrieve Lifecycle state change history of the API Products. parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Lifecycle state change history returned successfully. content: application/json: schema: $ref: '#/components/schemas/LifecycleHistory' 401: $ref: '#/components/responses/Unauthorized' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/lifecycle-history"' operationId: getAPIProductLifecycleHistory /api-products/{apiProductId}/lifecycle-state: get: tags: - API Product Lifecycle summary: Get Lifecycle State Data of the API Product. description: | This operation can be used to retrieve Lifecycle state data of the API Product. parameters: - $ref: '#/components/parameters/apiProductId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Lifecycle state data returned successfully. content: application/json: schema: $ref: '#/components/schemas/LifecycleState' 401: $ref: '#/components/responses/Unauthorized' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_publish - apim:api_create - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/lifecycle-state"' operationId: getAPIProductLifecycleState /api-products/{apiProductId}/lifecycle-state/pending-tasks: delete: tags: - API Product Lifecycle summary: Delete Pending Lifecycle State Change Tasks description: | This operation can be used to remove pending lifecycle state change requests that are in pending state parameters: - $ref: '#/components/parameters/apiProductId' responses: 200: description: | OK. Lifecycle state change pending task removed successfully. content: {} 401: $ref: '#/components/responses/Unauthorized' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:api_publish - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/api-products/890a4f4d-09eb-4877-a323-57f6ce2ed79b/lifecycle-state/pending-tasks"' operationId: deleteAPIProductLifecycleStatePendingTasks ###################################################### # The "Workflow Collection" resource APIs ###################################################### /workflows: get: tags: - Workflow (Collection) summary: | Retrieve All Pending Workflow Processes description: | This operation can be used to retrieve list of workflow pending processes. parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/Accept' - name: workflowType in: query description: | We need to show the values of each workflow process separately .for that we use workflow type. Workflow type can be AM_SUBSCRIPTION_CREATION, AM_SUBSCRIPTION_UPDATE. schema: type: string enum: - AM_SUBSCRIPTION_CREATION - AM_SUBSCRIPTION_UPDATE responses: 200: description: | OK. Workflow pendding process list returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/WorkflowList' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:subscription_approval_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/workflows"' /workflows/{externalWorkflowRef}: get: tags: - Workflows (Individual) summary: | Get Pending Workflow Details by External Workflow Reference description: | Using this operation, you can retrieve complete details of a pending workflow request that either belongs to application creation, application subscription, application registration, api state change, user self sign up.. You need to provide the External_Workflow_Reference of the workflow Request to retrive it. parameters: - name: externalWorkflowRef in: path description: | from the externel workflow reference we decide what is the the pending request that the are requesting. required: true schema: type: string responses: 200: description: | OK. Requested Workflow Pending is returned content: application/json: schema: $ref: '#/components/schemas/WorkflowInfo' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:subscription_approval_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/workflows/c43a325c-260b-4302-81cb-768eafaa3aed"' /workflows/update-workflow-status: post: tags: - Workflows (Individual) summary: Update Workflow Status description: | This operation can be used to approve or reject a workflow task. parameters: - $ref: '#/components/parameters/workflowReferenceId-Q' requestBody: description: | Workflow event that need to be updated content: application/json: schema: $ref: '#/components/schemas/Workflow' required: true responses: 200: description: | OK. Workflow request information is returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Workflow' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:subscription_approval_view - apim:subscription_approval_manage x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/workflows/update-workflow-status?workflowReferenceId=56e3a170-a7a7-45f8-b051-7e43a58a67e1"' ###################################################### # The "Label Collection" resource API ###################################################### /labels: get: tags: - Labels (Collection) summary: Get all Labels description: | Get all Labels responses: 200: description: | OK. Labels returned content: application/json: schema: $ref: '#/components/schemas/LabelList' security: - OAuth2Security: - apim:api_view - apim:api_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/publisher/v4/labels"' operationId: getAllLabels components: schemas: ContentPublishStatus: type: object properties: action: type: string enum: - PUBLISH - UNPUBLISH example: action: PUBLISH ContentPublishStatusResponse: type: object properties: id: type: string description: UUID of the api-theme published: type: boolean description: Publish status of the api-theme DesignAssistantChatQuery: type: object properties: text: type: string example: create an API for a banking transaction session_id: type: string example: 1234567890 DesignAssistantChatResponse: type: object properties: backendResponse: type: string isSuggestions: type: boolean example: true typeOfApi: type: string example: REST code: type: string paths: type: array example: [] items: type: string apiTypeSuggestion: type: string example: This is suitable for CRUD operations in banking. Do you want to proceed? missingValues: type: string state: type: string example: COMPLETE DesignAssistantGenAPIPayload: type: object properties: session_id: type: string example: 1234567890 DesignAssistantAPIPayloadResponse: type: object properties: generated_payload: type: string SequenceBackendList: title: Sequence Backend List type: object properties: count: type: integer description: | Number of Sequence Backends returned. example: 1 list: type: array items: $ref: '#/components/schemas/SequenceBackend' SequenceBackend: title: Sequence Backend type: object properties: sequenceId: type: string readOnly: true example: 943d3002-000c-42d3-a1b9-d6559f8a4d49 sequenceName: type: string readOnly: true example: 943d3002-000c-42d3-a1b9-d6559f8a4d49-SANDBOX sequenceType: type: string readOnly: true example: SANDBOX sequence: type: string format: binary readOnly: true Comment: title: Comment required: - content type: object properties: id: type: string readOnly: true example: 943d3002-000c-42d3-a1b9-d6559f8a4d49 content: maxLength: 512 type: string example: This is a comment createdTime: type: string readOnly: true example : 2021-02-11-09:57:25 createdBy: type: string readOnly: true example: admin updatedTime: type: string readOnly: true example : 2021-02-12-19:57:25 category: type: string readOnly: true default: general example : general parentCommentId: type: string readOnly: true example: 6f38aea2-f41e-4ac9-b3f2-a9493d00ba97 entryPoint: type: string readOnly: true enum: [devPortal, publisher] commenterInfo: $ref: '#/components/schemas/CommenterInfo' replies: $ref: '#/components/schemas/CommentList' CommentList: title: Comments List type: object properties: count: type: integer readOnly: true description: | Number of Comments returned. example: 1 list: type: array readOnly: true items: $ref: '#/components/schemas/Comment' pagination: $ref: '#/components/schemas/Pagination' CommenterInfo: type: object properties: firstName: type: string example: John lastName: type: string example: David fullName: type: string example: John David APIList: title: API List type: object properties: count: type: integer description: | Number of APIs returned. example: 1 list: type: array items: $ref: '#/components/schemas/APIInfo' pagination: $ref: '#/components/schemas/Pagination' APIMetadataList: title: API metadata List type: object properties: count: type: integer description: | Number of APIs returned. example: 1 list: type: array items: $ref: '#/components/schemas/APIMetadata' pagination: $ref: '#/components/schemas/Pagination' APIInfo: title: API Info object with basic API details. type: object properties: id: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: CalculatorAPI displayName: type: string example: Calculator API description: | Display name of the API. This is the name that will be displayed in the Publisher and DevPortal. If not provided, the name will be used as the display name. description: type: string example: A calculator API that supports basic operations context: type: string example: CalculatorAPI additionalProperties: type: array items: type: object properties: name: type: string value: type: string display: type: boolean description: Map of custom properties of API additionalPropertiesMap: type: object additionalProperties: type: object properties: name: type: string value: type: string display: type: boolean default: false version: type: string example: 1.0.0 provider: type: string description: | If the provider value is not given, the user invoking the API will be used as the provider. example: admin type: type: string example: HTTP subtype: type: string description: Subtype of the API. default: DEFAULT example: AIAPI readOnly: true audience: type: string description: The audience of the API. Accepted values are PUBLIC, SINGLE example: PUBLIC enum: - PUBLIC - SINGLE audiences: type: array description: The audiences of the API for jwt validation. Accepted values are any String values items: type: string example: [ "aud1","aud2","aud3" ] lifeCycleStatus: type: string example: CREATED workflowStatus: type: string example: APPROVED hasThumbnail: type: boolean example: true securityScheme: type: array items: type: string createdTime: type: string example : 2021-02-11 09:57:25 updatedTime: type: string example : 2021-02-11 09:57:25 updatedBy: type: string example: wso2.system.user gatewayVendor: type: string example: wso2 gatewayType: title: Field to identify gateway type. type: string description: Accepts one of the following. wso2/synapse, wso2/apk. example: wso2/synapse default: wso2/synapse advertiseOnly: type: boolean example: true monetizedInfo: type: boolean example: true businessOwner: type: string example: Business Owner businessOwnerEmail: type: string example: businessowner@abc.com TechnicalOwner: type: string example: Technical Owner TechnicalOwnerEmail: type: string example: technicalowner@abc.com egress: type: boolean description: Whether the API is EGRESS or not default: false example: true initiatedFromGateway: type: boolean description: | Whether the API is initiated from the gateway or not. This is used to identify whether the API is created from the Publisher or from the Gateway. default: false example: true APIMetadata: title: API Info object with basic minimal API details. type: object properties: id: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: CalculatorAPI context: type: string example: CalculatorAPI version: type: string example: 1.0.0 provider: type: string description: | If the provider value is not given, the user invoking the API will be used as the provider. example: admin Topic: title: Topic object required: - name - mode - description type: object properties: id: type: string description: id readOnly: true example: 1222344 name: maxLength: 50 minLength: 1 pattern: '(^[^~!@#;:%^*()+={}|\\<>"'',&$\s+\[\]\/]*$)' type: string example: PizzaShackAPI mode: maxLength: 20 type: string example: Pizza description: maxLength: 32766 type: string example: This is a simple API for Pizza Shack online pizza delivery store. TopicList: title: Topic List type: object properties: count: type: integer description: | Number of Topics returned. example: 1 list: type: array items: $ref: '#/components/schemas/Topic' pagination: $ref: '#/components/schemas/Pagination' Workflow: title: workflow required: - status type: object properties: status: type: string description: | This attribute declares whether this workflow task is approved or rejected. example: APPROVED enum: - APPROVED - REJECTED attributes: type: object additionalProperties: type: string description: | Custom attributes to complete the workflow task example: {} description: type: string example: Approve workflow request. WorkflowList: title: WorkflowList type: object properties: count: type: integer description: | Number of workflow processes returned. example: 1 next: type: string description: | Link to the next subset of resources qualified. Empty if no more resources are to be returned. example: /workflows?limit=1&offset=2&user= previous: type: string description: | Link to the previous subset of resources qualified. Empty if current subset is the first subset returned. example: /workflows?limit=1&offset=0&user= list: type: array items: $ref: '#/components/schemas/WorkflowInfo' WorkflowInfo: title: Workflow info object with basic workflow details type: object properties: workflowType: type: string description: | Type of the Workflow Request. It shows which type of request is it. example: APPLICATION_CREATION enum: - APPLICATION_CREATION - SUBSCRIPTION_CREATION - USER_SIGNUP - APPLICATION_REGISTRATION_PRODUCTION - APPLICATION_REGISTRATION_SANDBOX - APPLICATION_DELETION - API_STATE - API_PRODUCT_STATE - SUBSCRIPTION_DELETION - SUBSCRIPTION_UPDATE - REVISION_DEPLOYMENT workflowStatus: type: string description: | Show the Status of the the workflow request whether it is approved or created. example: APPROVED enum: - APPROVED - CREATED createdTime: type: string description: | Time of the the workflow request created. example: 2020-02-10 10:10:19.704 updatedTime: type: string description: | Time of the the workflow request updated. example: 2020-02-10 10:10:19.704 referenceId: type: string description: | Workflow external reference is used to identify the workflow requests uniquely. example: 5871244b-d6f3-466e-8995-8accd1e64303 properties: type: object properties: { } description: type: string description: | description is a message with basic details about the workflow request. example: Approve application [APP1] creation request from application creator - admin with throttling tier - 10MinPer SubtypeConfiguration: type: object description: Configuration settings for the subtype properties: subtype: type: string description: The designated name of the subtype. default: DEFAULT example: proxy readOnly: true configuration: type: object description: Specific configuration properties related to the subtype. CommentRequest: title: Comment request body type: object properties: content: type: string maxLength: 512 description: | Content of the comment example: This is a comment category: type: string description: | Category of the comment example: general required: - content API: title: API object required: - context - name - version type: object properties: id: type: string description: | UUID of the api registry artifact readOnly: true example: 01234567-0123-0123-0123-012345678901 name: minLength: 1 pattern: '(^[^~!@#;:%^*()+={}|\\<>"'',&$\[\]\/]*$)' type: string example: PizzaShackAPI displayName: description: Human-friendly name shown in UI. Length limited to DB column size. type: string example: Pizza Shack API description: maxLength: 32766 type: string example: This is a simple API for Pizza Shack online pizza delivery store. context: maxLength: 232 minLength: 1 type: string example: pizza version: maxLength: 30 minLength: 1 type: string pattern: '^[^~!@#;:%^*()+={}|\\<>"'',&/$\[\]\s+\/]+$' example: 1.0.0 provider: maxLength: 200 type: string description: | If the provider value is not given user invoking the api will be used as the provider. example: admin lifeCycleStatus: type: string example: CREATED x-otherScopes: - apim:api_publish - apim:api_manage wsdlInfo: $ref: '#/components/schemas/WSDLInfo' wsdlUrl: type: string readOnly: true example: /apimgt/applicationdata/wsdls/admin--soap1.wsdl responseCachingEnabled: type: boolean example: true cacheTimeout: type: integer example: 300 hasThumbnail: type: boolean example: false isDefaultVersion: type: boolean example: false isRevision: type: boolean example: false revisionedApiId: type: string description: | UUID of the api registry artifact readOnly: true example: 01234567-0123-0123-0123-012345678901 revisionId: type: integer example: 1 enableSchemaValidation: type: boolean example: false enableSubscriberVerification: type: boolean example: false type: type: string description: The api creation type to be used. Accepted values are HTTP, WS, SOAPTOREST, GRAPHQL, WEBSUB, SSE, WEBHOOK, ASYNC example: HTTP default: HTTP enum: - HTTP - WS - SOAPTOREST - SOAP - GRAPHQL - WEBSUB - SSE - WEBHOOK - ASYNC audience: type: string description: The audience of the API. Accepted values are PUBLIC, SINGLE example: PUBLIC enum: - PUBLIC - SINGLE audiences: type: array description: The audiences of the API for jwt validation. Accepted values are any String values items: type: string example: [ "aud1","aud2","aud3" ] transport: type: array description: | Supported transports for the API (http and/or https). example: - http - https items: type: string tags: type: array example: - pizza - food items: type: string x-otherScopes: - apim:api_publish - apim:api_manage policies: type: array example: - Unlimited items: type: string x-otherScopes: - apim:api_publish - apim:api_manage organizationPolicies: type: array items: $ref: '#/components/schemas/OrganizationPolicies' x-otherScopes: - apim:api_publish - apim:api_manage apiThrottlingPolicy: type: string description: The API level throttling policy selected for the particular API example: Unlimited x-otherScopes: - apim:api_publish - apim:api_manage authorizationHeader: type: string pattern: '(^[^~!@#;:%^*()+={}|\\<>"'',&$\s+]*$)' description: | Name of the Authorization header used for invoking the API. If it is not set, Authorization header name specified in tenant or system level will be used. example: Authorization apiKeyHeader: type: string pattern: '(^[^~!@#;:%^*()+={}|\\<>"'',&$\s+]*$)' description: | Name of the API key header used for invoking the API. If it is not set, default value `apiKey` will be used. example: apiKey securityScheme: type: array description: | Types of API security, the current API secured with. It can be either OAuth2 or mutual SSL or both. If it is not set OAuth2 will be set as the security for the current API. example: - oauth2 items: type: string maxTps: $ref: '#/components/schemas/APIMaxTps' visibility: type: string description: The visibility level of the API. Accepts one of the following. PUBLIC, PRIVATE, RESTRICTED. example: PUBLIC default: PUBLIC enum: - PUBLIC - PRIVATE - RESTRICTED x-otherScopes: - apim:api_publish - apim:api_manage visibleRoles: type: array description: The user roles that are able to access the API in Developer Portal example: [] items: type: string x-otherScopes: - apim:api_publish - apim:api_manage visibleTenants: type: array example: [] items: type: string visibleOrganizations: type: array description: The organizations that are able to access the API in Developer Portal example: [] items: type: string x-otherScopes: - apim:api_publish - apim:api_manage mediationPolicies: type: array example: - name: json_to_xml_in_message type: in - name: xml_to_json_out_message type: out - name: json_fault type: fault items: $ref: '#/components/schemas/MediationPolicy' apiPolicies: $ref: '#/components/schemas/APIOperationPolicies' subscriptionAvailability: type: string description: The subscription availability. Accepts one of the following. CURRENT_TENANT, ALL_TENANTS or SPECIFIC_TENANTS. example: CURRENT_TENANT default: CURRENT_TENANT enum: - CURRENT_TENANT - ALL_TENANTS - SPECIFIC_TENANTS x-otherScopes: - apim:api_publish - apim:api_manage subscriptionAvailableTenants: type: array example: [] items: type: string additionalProperties: type: array description: Map of custom properties of API items: type: object properties: name: type: string value: type: string display: type: boolean x-otherScopes: - apim:api_publish - apim:api_manage additionalPropertiesMap: type: object additionalProperties: type: object properties: name: type: string value: type: string display: type: boolean default: false x-otherScopes: - apim:api_publish - apim:api_manage monetization: $ref: '#/components/schemas/APIMonetizationInfo' accessControl: type: string description: | Is the API is restricted to certain set of publishers or creators or is it visible to all the publishers and creators. If the accessControl restriction is none, this API can be modified by all the publishers and creators, if not it can only be viewable/modifiable by certain set of publishers and creators, based on the restriction. default: NONE enum: - NONE - RESTRICTED accessControlRoles: type: array description: The user roles that are able to view/modify as API publisher or creator. example: [] items: type: string businessInformation: allOf: - $ref: '#/components/schemas/APIBusinessInformation' x-otherScopes: - apim:api_publish - apim:api_manage corsConfiguration: $ref: '#/components/schemas/APICorsConfiguration' websubSubscriptionConfiguration: $ref: '#/components/schemas/WebsubSubscriptionConfiguration' workflowStatus: type: string example: APPROVED createdTime: type: string lastUpdatedTimestamp: type: string lastUpdatedTime: type: string x-otherScopes: - apim:api_publish - apim:api_manage endpointConfig: type: object properties: {} description: | Endpoint configuration of the API. This can be used to provide different types of endpoints including Simple REST Endpoints, Loadbalanced and Failover. `Simple REST Endpoint` { "endpoint_type": "http", "sandbox_endpoints": { "url": "https://localhost:9443/am/sample/pizzashack/v3/api/" }, "production_endpoints": { "url": "https://localhost:9443/am/sample/pizzashack/v3/api/" } } `Loadbalanced Endpoint` { "endpoint_type": "load_balance", "algoCombo": "org.apache.synapse.endpoints.algorithms.RoundRobin", "sessionManagement": "", "sandbox_endpoints": [ { "url": "https://localhost:9443/am/sample/pizzashack/v3/api/1" }, { "endpoint_type": "http", "template_not_supported": false, "url": "https://localhost:9443/am/sample/pizzashack/v3/api/2" } ], "production_endpoints": [ { "url": "https://localhost:9443/am/sample/pizzashack/v3/api/3" }, { "endpoint_type": "http", "template_not_supported": false, "url": "https://localhost:9443/am/sample/pizzashack/v3/api/4" } ], "sessionTimeOut": "", "algoClassName": "org.apache.synapse.endpoints.algorithms.RoundRobin" } `Failover Endpoint` { "production_failovers":[ { "endpoint_type":"http", "template_not_supported":false, "url":"https://localhost:9443/am/sample/pizzashack/v3/api/1" } ], "endpoint_type":"failover", "sandbox_endpoints":{ "url":"https://localhost:9443/am/sample/pizzashack/v3/api/2" }, "production_endpoints":{ "url":"https://localhost:9443/am/sample/pizzashack/v3/api/3" }, "sandbox_failovers":[ { "endpoint_type":"http", "template_not_supported":false, "url":"https://localhost:9443/am/sample/pizzashack/v3/api/4" } ] } `Default Endpoint` { "endpoint_type":"default", "sandbox_endpoints":{ "url":"default" }, "production_endpoints":{ "url":"default" } } `Endpoint from Endpoint Registry` { "endpoint_type": "Registry", "endpoint_id": "{registry-name:entry-name:version}", } `AWS Lambda as Endpoint` { "endpoint_type":"awslambda", "access_method":"role-supplied|stored", "assume_role":true|false, "amznAccessKey":"access_method==stored?:", "amznSecretKey":"access_method==stored?:", "amznRegion":"access_method==stored?:", "amznRoleArn":"assume_role==true?:", "amznRoleSessionName":"assume_role==true?:", "amznRoleRegion":"assume_role==true?:" } example: endpoint_type: http sandbox_endpoints: url: https://localhost:9443/am/sample/pizzashack/v3/api/ production_endpoints: url: https://localhost:9443/am/sample/pizzashack/v3/api/ primaryProductionEndpointId: type: string example: "13092607-ed01-4fa1-bc64-5da0e2abe92c" primarySandboxEndpointId: type: string example: "13092607-ed01-4fa1-bc64-5da0e2abe92c" endpointImplementationType: type: string example: INLINE default: ENDPOINT enum: - INLINE - ENDPOINT - MOCKED_OAS subtypeConfiguration: $ref: '#/components/schemas/SubtypeConfiguration' scopes: type: array items: $ref: '#/components/schemas/APIScope' operations: type: array example: - target: /order/{orderId} verb: POST authType: Application & Application User throttlingPolicy: Unlimited - target: /menu verb: GET authType: Application & Application User throttlingPolicy: Unlimited items: $ref: '#/components/schemas/APIOperations' threatProtectionPolicies: type: object properties: list: type: array items: type: object properties: policyId: type: string priority: type: integer categories: type: array description: | API categories items: type: string example: "" x-otherScopes: - apim:api_publish keyManagers: type: object properties: {} description: | API Key Managers readOnly: true serviceInfo: type: object properties: key: type: string example: PetStore-1.0.0 name: type: string example: PetStore version: type: string example: 1.0.0 outdated: type: boolean example: false advertiseInfo: $ref: '#/components/schemas/AdvertiseInfo' gatewayVendor: title: field to identify gateway vendor type: string example: wso2 external gatewayType: title: Field to identify gateway type. type: string description: The gateway type selected for the API policies. Accepts one of the following. wso2/synapse, wso2/apk. example: wso2/synapse wso2/apk AWS default: wso2/synapse initiatedFromGateway: type: boolean description: | Whether the API is initiated from the gateway or not. This is used to identify whether the API is created from the publisher or discovered from the gateway. example: false default: false readOnly: true asyncTransportProtocols: type: array description: | Supported transports for the async API (http and/or https). example: - http - https items: type: string egress: type: boolean description: Whether the API is EGRESS or not default: false example: true x-scopes: - apim:api_create - apim:api_import_export - apim:api_manage MCPServer: title: MCP Server object required: - context - name - version type: object properties: id: type: string description: UUID of the MCP Server readOnly: true example: 01234567-0123-0123-0123-012345678901 name: type: string minLength: 1 pattern: '(^[^~!@#;:%^*()+={}|\\<>"'',&$\[\]\/]*$)' example: ReadingList displayName: description: Human-friendly name shown in UI. Length limited to DB column size. type: string example: Reading List description: type: string maxLength: 32766 example: This is a simple MCP server for a book store. context: type: string minLength: 1 maxLength: 232 example: books endpointConfig: type: object properties: { } description: | Endpoint configuration of the backend. version: type: string minLength: 1 maxLength: 30 pattern: '^[^~!@#;:%^*()+={}|\\<>"'',&/$\[\]\s+\/]+$' example: 1.0.0 provider: type: string maxLength: 200 description: If the provider value is not given user invoking the MCP Server will be used as the provider. example: admin lifeCycleStatus: type: string example: CREATED x-otherScopes: - apim:mcp_server_publish - apim:mcp_server_manage hasThumbnail: type: boolean example: false isDefaultVersion: type: boolean example: false isRevision: type: boolean example: false revisionedMCPServerId: type: string description: UUID of the artifact readOnly: true example: 01234567-0123-0123-0123-012345678901 revisionId: type: integer example: 1 enableSchemaValidation: type: boolean example: false audiences: type: array description: The audiences of the MCP Server for jwt validation. Accepted values are any String values items: type: string example: [ "aud1", "aud2", "aud3" ] transport: type: array description: Supported transports for the MCP Server (http and/or https). example: - http - https items: type: string tags: type: array example: - pizza - food items: type: string x-otherScopes: - apim:mcp_server_publish - apim:mcp_server_manage policies: type: array example: - Unlimited items: type: string x-otherScopes: - apim:mcp_server_publish - apim:mcp_server_manage organizationPolicies: type: array items: $ref: '#/components/schemas/OrganizationPolicies' x-otherScopes: - apim:api_publish - apim:api_manage throttlingPolicy: type: string description: The MCP Server level throttling policy selected. example: Unlimited x-otherScopes: - apim:mcp_server_publish - apim:mcp_server_manage authorizationHeader: type: string pattern: '(^[^~!@#;:%^*()+={}|\\<>"'',&$\s+]*$)' description: | Name of the Authorization header used for invoking the MCP Server. If it is not set, Authorization header name specified in tenant or system level will be used. example: Authorization apiKeyHeader: type: string pattern: '(^[^~!@#;:%^*()+={}|\\<>"'',&$\s+]*$)' description: | Name of the API key header used for invoking the MCP Server. If it is not set, default value`apiKey` will be used. example: apiKey securityScheme: type: array description: | Types of API security, the current MCP Server secured with. It can be either OAuth2 or mutual SSLor both. If it is not set OAuth2 will be set as the security. example: - oauth2 items: type: string maxTps: $ref: '#/components/schemas/MaxTps' visibility: type: string description: | The visibility level of the MCP Server. Accepts one of the following: PUBLIC, PRIVATE, RESTRICTED. example: PUBLIC default: PUBLIC enum: - PUBLIC - PRIVATE - RESTRICTED x-otherScopes: - apim:mcp_server_publish - apim:mcp_server_manage visibleRoles: type: array description: The user roles that are able to access the MCP Server in Developer Portal example: [ ] items: type: string x-otherScopes: - apim:mcp_server_publish - apim:mcp_server_manage visibleTenants: type: array example: [ ] items: type: string visibleOrganizations: type: array description: The organizations that are able to access the MCP server in Developer Portal example: [ ] items: type: string x-otherScopes: - apim:mcp_server_publish - apim:mcp_server_manage mcpServerPolicies: $ref: '#/components/schemas/MCPServerOperationPolicies' subscriptionAvailability: type: string description: | The subscription availability. Accepts one of the following: CURRENT_TENANT, ALL_TENANTS, or SPECIFIC_TENANTS. example: CURRENT_TENANT default: CURRENT_TENANT enum: - CURRENT_TENANT - ALL_TENANTS - SPECIFIC_TENANTS x-otherScopes: - apim:mcp_server_publish - apim:mcp_server_manage subscriptionAvailableTenants: type: array example: [ ] items: type: string additionalPropertiesMap: type: object additionalProperties: type: object properties: name: type: string value: type: string display: type: boolean default: false x-otherScopes: - apim:mcp_server_publish - apim:mcp_server_manage monetization: $ref: '#/components/schemas/APIMonetizationInfo' accessControl: type: string description: | Is the MCP server restricted to certain publishers or creators or is it visible to all publishers and creators. If the accessControl restriction is NONE, this can be modified by all publishers and creators. Otherwise, it can only be viewable/modifiable by a specific set of users based on the restriction. default: NONE enum: - NONE - RESTRICTED accessControlRoles: type: array description: The user roles that are able to view/modify as publisher or creator. example: [ ] items: type: string businessInformation: allOf: - $ref: '#/components/schemas/APIBusinessInformation' x-otherScopes: - apim:mcp_server_publish - apim:mcp_server_manage corsConfiguration: $ref: '#/components/schemas/APICorsConfiguration' workflowStatus: type: string example: APPROVED protocolVersion: type: string createdTime: type: string lastUpdatedTimestamp: type: string lastUpdatedTime: type: string x-otherScopes: - apim:mcp_server_publish - apim:mcp_server_manage subtypeConfiguration: $ref: '#/components/schemas/SubtypeConfiguration' scopes: type: array items: $ref: '#/components/schemas/MCPServerScope' operations: type: array example: - target: listBooks feature: TOOL authType: Application & Application User throttlingPolicy: Unlimited - target: addBook feature: TOOL authType: Application & Application User throttlingPolicy: Unlimited items: $ref: '#/components/schemas/MCPServerOperation' categories: type: array description: MCP Server categories items: type: string example: "" x-otherScopes: - apim:mcp_server_publish keyManagers: type: object properties: { } description: Key Managers readOnly: true gatewayVendor: title: field to identify gateway vendor type: string example: wso2 external gatewayType: title: Field to identify gateway type. type: string description: | The gateway type selected for the policies. Accepts one of the following: wso2/synapse, wso2/apk, AWS. example: wso2/synapse wso2/apk AWS default: wso2/synapse initiatedFromGateway: type: boolean description: | Whether the MCP Server is initiated from the gateway or not. This is used to identify whether the MCP Server is created from the publisher or discovered from the gateway. example: false default: false readOnly: true x-scopes: - apim:mcp_server_create - apim:mcp_server_import_export - apim:mcp_server_manage MCPServerMetadataList: title: MCP Server metadata List type: object properties: count: type: integer description: | Number of MCP Servers returned. example: 1 list: type: array items: $ref: '#/components/schemas/MCPServerMetadata' MCPServerMetadata: title: MCP Server Info object with basic minimal details. type: object properties: id: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: PizzaShackAPI displayName: type: string example: PizzaShack API description: | Display name of the MCP Server. This is the name that will be displayed in the Publisher and DevPortal. If not provided, the name will be used as the display name. version: type: string example: 1.0.0 provider: type: string description: | If the provider value is not given, the user invoking the API will be used as the provider. example: admin #----------------------------------------------------- # The API Revision resource #----------------------------------------------------- APIRevision: title: API Info object with basic API details properties: displayName: type: string readOnly: true example: REVISION 1 id: type: string readOnly: true example: c26b2b9b-4632-4ca4-b6f3-521c8863990c description: maxLength: 255 minLength: 0 type: string example: removed a post resource createdTime: readOnly: true type: string format: date-time apiInfo: $ref: '#/components/schemas/APIRevisionAPIInfo' deploymentInfo: type: array readOnly: true items: $ref: '#/components/schemas/APIRevisionDeployment' #----------------------------------------------------- # The API Revision - API Info resource #----------------------------------------------------- APIRevisionAPIInfo: title: API Info object with basic Revisioned API details readOnly: true properties: id: type: string example: 01234567-0123-0123-0123-012345678901 #----------------------------------------------------- # The API Revision List resource #----------------------------------------------------- APIRevisionList: title: API Revisions List properties: count: type: integer description: | Number of API revisions returned example: 1 list: type: array items: $ref: '#/components/schemas/APIRevision' #----------------------------------------------------- # The API Revision Deployment List resource #----------------------------------------------------- APIRevisionDeploymentList: title: API Revision to Deployment mapped object with basic API deployment details properties: list: type: array items: $ref: '#/components/schemas/APIRevisionDeployment' #----------------------------------------------------- # The API Revision Deployment resource #----------------------------------------------------- APIRevisionDeployment: title: APIRevisionDeployment Info object with basic API deployment details properties: revisionUuid: maxLength: 255 minLength: 0 type: string example: c26b2b9b-4632-4ca4-b6f3-521c8863990c name: maxLength: 255 minLength: 1 type: string example: Default status: type: string example: CREATED default: CREATED enum: - CREATED - APPROVED - REJECTED vhost: maxLength: 255 minLength: 1 # hostname regex as per RFC 1123 (http://tools.ietf.org/html/rfc1123) and appended * pattern: '^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$' type: string example: mg.wso2.com displayOnDevportal: type: boolean example: true default: true deployedTime: readOnly: true type: string format: date-time successDeployedTime: readOnly: true type: string format: date-time liveGatewayCount: readOnly: true type: integer description: | The number of gateways that are currently live in the gateway environment example: 1 deployedGatewayCount: readOnly: true type: integer description: | The number of gateways in which the API revision is deployed successfully example: 1 failedGatewayCount: readOnly: true type: integer description: | The number of gateways where the API revision deployment has failed example: 1 AuditReport: title: Resource for Audit Report type: object properties: report: type: string description: | The API Security Audit Report grade: type: string description: | The overall grade of the Security Audit example: "27.95" numErrors: type: integer description: | The number of errors in the API Definition example: 20 externalApiId: type: string description: | The External API ID example: fd21f9f7-3674-49cf-8a83-dca401f635de APIProductList: title: API Product List type: object properties: count: type: integer description: | Number of API Products returned. example: 1 list: type: array items: $ref: '#/components/schemas/APIProductInfo' pagination: $ref: '#/components/schemas/Pagination' APIProductInfo: title: API Info object with basic API details. type: object properties: id: type: string description: | UUID of the api product readOnly: true example: 01234567-0123-0123-0123-012345678901 name: type: string description: Name of the API Product example: PizzaShackAPIProduct displayName: type: string example: Calculator Product API description: | Display name of the API Product. This is the name that will be displayed in the Publisher and DevPortal. If not provided, the name will be used as the display name. context: type: string example: pizzaproduct description: type: string description: A brief description about the API example: This is a simple API for Pizza Shack online pizza delivery store provider: type: string description: | If the provider value is not given, the user invoking the API will be used as the provider. example: admin version: type: string example: 1.0.0 hasThumbnail: type: boolean example: true state: type: string description: | State of the API product. Only published API products are visible on the Developer Portal securityScheme: type: array description: | Types of API security, the current API secured with. It can be either OAuth2 or mutual SSL or both. If it is not set OAuth2 will be set as the security for the current API. example: - oauth2 items: type: string createdTime: type: string description: Created time as unix timestamp in milliseconds. example: 1756199448644 updatedTime: type: string description: Update time as unix timestamp in milliseconds. example: 1756199448644 gatewayVendor: type: string example: wso2 audiences: type: array description: The audiences of the API product for jwt validation. Accepted values are any String values items: type: string example: [ "aud1","aud2","aud3" ] monetizedInfo: type: boolean example: true businessOwner: type: string example: Business Owner businessOwnerEmail: type: string example: businessowner@abc.com TechnicalOwner: type: string example: Technical Owner TechnicalOwnerEmail: type: string example: technicalowner@abc.com egress: type: boolean description: Whether the APIProduct is EGRESS or not default: false example: true APIProduct: title: API Product object required: - name type: object properties: id: type: string description: | UUID of the api product readOnly: true example: 01234567-0123-0123-0123-012345678901 name: maxLength: 50 minLength: 1 type: string description: Name of the API Product example: PizzaShackAPIProduct displayName: description: Human-friendly name shown in UI. Length limited to DB column size. type: string example: Pizza Shack API Product context: maxLength: 60 minLength: 1 type: string example: pizzaproduct version: maxLength: 30 minLength: 1 type: string pattern: '^[^~!@#;:%^*()+={}|\\<>"'',&/$\[\]\s+\/]+$' example: 1.0.0 description: type: string description: A brief description about the API example: This is a simple API for Pizza Shack online pizza delivery store provider: maxLength: 50 type: string description: | If the provider value is not given, the user invoking the API will be used as the provider. example: admin hasThumbnail: type: boolean example: false state: type: string example: CREATED description: | State of the API product. Only published API products are visible on the Developer Portal default: CREATED enableSchemaValidation: type: boolean example: false isDefaultVersion: type: boolean example: false isRevision: type: boolean example: false revisionedApiProductId: type: string description: | UUID of the api product registry artifact readOnly: true example: 01234567-0123-0123-0123-012345678901 revisionId: type: integer example: 1 responseCachingEnabled: type: boolean example: true cacheTimeout: type: integer example: 300 visibility: type: string description: The visibility level of the API. Accepts one of the following. PUBLIC, PRIVATE, RESTRICTED. example: PUBLIC default: PUBLIC enum: - PUBLIC - PRIVATE - RESTRICTED visibleRoles: type: array description: The user roles that are able to access the API example: [] items: type: string visibleTenants: type: array example: [] items: type: string accessControl: type: string description: | Defines whether the API Product is restricted to certain set of publishers or creators or is it visible to all the publishers and creators. If the accessControl restriction is none, this API Product can be modified by all the publishers and creators, if not it can only be viewable/modifiable by certain set of publishers and creators, based on the restriction. default: NONE enum: - NONE - RESTRICTED accessControlRoles: type: array description: The user roles that are able to view/modify as API Product publisher or creator. example: [] items: type: string apiType: type: string description: The API type to be used. Accepted values are API, APIPRODUCT example: APIPRODUCT enum: - API - APIPRODUCT transport: type: array description: | Supported transports for the API (http and/or https). example: - http - https items: type: string tags: type: array example: - pizza - food items: type: string policies: type: array example: - Unlimited items: type: string apiThrottlingPolicy: type: string description: The API level throttling policy selected for the particular API Product example: Unlimited authorizationHeader: type: string description: | Name of the Authorization header used for invoking the API. If it is not set, Authorization header name specified in tenant or system level will be used. example: Authorization apiKeyHeader: type: string description: | Name of the API key header used for invoking the API. If it is not set, default value `apiKey` will be used. example: ApiKey securityScheme: type: array description: | Types of API security, the current API secured with. It can be either OAuth2 or mutual SSL or both. If it is not set OAuth2 will be set as the security for the current API. example: - oauth2 items: type: string subscriptionAvailability: type: string description: The subscription availability. Accepts one of the following. CURRENT_TENANT, ALL_TENANTS or SPECIFIC_TENANTS. example: CURRENT_TENANT default: ALL_TENANTS enum: - CURRENT_TENANT - ALL_TENANTS - SPECIFIC_TENANTS subscriptionAvailableTenants: type: array example: [] items: type: string x-otherScopes: - apim:api_publish - apim:api_manage additionalProperties: type: array items: type: object properties: name: type: string value: type: string display: type: boolean description: Map of custom properties of API additionalPropertiesMap: type: object additionalProperties: type: object properties: name: type: string value: type: string display: type: boolean default: false monetization: $ref: '#/components/schemas/APIMonetizationInfo' businessInformation: $ref: '#/components/schemas/APIProductBusinessInformation' corsConfiguration: $ref: '#/components/schemas/APICorsConfiguration' createdTime: type: string lastUpdatedTime: type: string lastUpdatedTimestamp: type: string gatewayVendor: title: field to identify gateway vendor type: string example: wso2 apis: type: array description: | APIs and resources in the API Product. example: - name: PizzaShackAPI apiId: 01234567-0123-0123-0123-012345678901 version: "1.0" operations: - target: /order/{orderId} verb: POST authType: Application & Application User throttlingPolicy: Unlimited - target: /menu verb: GET authType: Application & Application User throttlingPolicy: Unlimited items: $ref: '#/components/schemas/ProductAPI' scopes: type: array example: [] items: $ref: '#/components/schemas/APIScope' categories: type: array description: | API categories example: [] items: type: string workflowStatus: type: string example: APPROVED audiences: type: array description: The audiences of the API for jwt validation. Accepted values are any String values items: type: string example: [ "aud1","aud2","aud3" ] egress: type: boolean description: Whether the APIProduct is EGRESS or not default: false example: true ProductAPI: title: ProductAPI required: - apiId type: object properties: name: type: string example: PizzaShackAPI apiId: type: string example: 01234567-0123-0123-0123-012345678901 version: type: string example: "1.0" operations: type: array items: $ref: '#/components/schemas/APIOperations' ResourcePath: title: ResourcePath required: - id type: object properties: id: type: integer example: 1 resourcePath: type: string example: /menu httpVerb: type: string example: GET ResourcePathList: title: ResourcePath List type: object properties: count: type: integer description: | Number of API Resource Paths returned. example: 1 list: type: array items: $ref: '#/components/schemas/ResourcePath' pagination: $ref: '#/components/schemas/Pagination' APIProductOutdatedStatus: title: APIProduct is outdated status type: object properties: isOutdated: type: boolean description: | Indicates if an API Product is outdated example: true APIProductBusinessInformation: type: object properties: businessOwner: maxLength: 120 type: string example: businessowner businessOwnerEmail: type: string example: businessowner@wso2.com technicalOwner: maxLength: 120 type: string example: technicalowner technicalOwnerEmail: type: string example: technicalowner@wso2.com Claim: title: Claim type: object properties: name: type: string example: email URI: type: string example: http://wso2.org/claims/emailaddress value: type: string example: admin@wso2.com SubscriberInfo: title: SubscriberInfo type: object properties: name: type: string example: admin claims: type: array items: $ref: '#/components/schemas/Claim' Application: title: Application required: - name - throttlingTier type: object properties: applicationId: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: CalculatorApp subscriber: type: string example: admin throttlingTier: type: string example: Unlimited description: type: string example: Sample calculator application groupId: type: string example: "" ApplicationInfo: title: Application info object with basic application details type: object properties: applicationId: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: CalculatorApp subscriber: type: string example: admin description: type: string example: Sample calculator application subscriptionCount: type: integer DocumentList: title: Document List type: object properties: count: type: integer description: | Number of Documents returned. example: 1 list: type: array items: $ref: '#/components/schemas/Document' pagination: $ref: '#/components/schemas/Pagination' Document: title: Document required: - name - sourceType - type - visibility type: object properties: documentId: type: string readOnly: true example: 01234567-0123-0123-0123-012345678901 name: maxLength: 255 minLength: 1 type: string example: PizzaShackDoc type: type: string example: HOWTO enum: - HOWTO - SAMPLES - PUBLIC_FORUM - SUPPORT_FORUM - API_MESSAGE_FORMAT - SWAGGER_DOC - OTHER summary: maxLength: 32766 minLength: 1 type: string example: Summary of PizzaShackAPI Documentation sourceType: type: string example: INLINE enum: - INLINE - MARKDOWN - URL - FILE sourceUrl: type: string readOnly: true example: "" fileName: type: string readOnly: true example: "" inlineContent: type: string example: This is doc content. This can have many lines. otherTypeName: type: string readOnly: true example: "" visibility: type: string example: API_LEVEL enum: - OWNER_ONLY - PRIVATE - API_LEVEL createdTime: type: string readOnly: true createdBy: type: string example: admin lastUpdatedTime: type: string readOnly: true lastUpdatedBy: type: string readOnly: true example: admin GraphQLSchema: title: GraphQL Schema required: - name type: object properties: name: type: string example: admin--HackerNewsAPI.graphql schemaDefinition: type: string GraphQLQueryComplexityInfo: title: GraphQL Query Complexity Info type: object properties: list: type: array items: $ref: '#/components/schemas/GraphQLCustomComplexityInfo' GraphQLCustomComplexityInfo: title: GraphQL Custom Complexity Info required: - complexityValue - field - type type: object properties: type: type: string description: | The type found within the schema of the API example: Country field: type: string description: | The field which is found under the type within the schema of the API example: name complexityValue: type: integer description: | The complexity value allocated for the associated field under the specified type example: 1 GraphQLSchemaTypeList: title: List of types and corresponding fields of the GraphQL Schema type: object properties: typeList: type: array items: $ref: '#/components/schemas/GraphQLSchemaType' GraphQLSchemaType: title: Single type and corresponding fields found within the GraphQL Schema type: object properties: type: type: string description: | Type found within the GraphQL Schema example: Country fieldList: type: array description: | Array of fields under current type example: - code - name items: type: string ThrottlingPolicyList: title: Throttling policy list type: object properties: count: type: integer description: | Number of Tiers returned. example: 1 list: type: array items: $ref: '#/components/schemas/ThrottlingPolicy' pagination: $ref: '#/components/schemas/Pagination' ThrottlingPolicy: title: Tier required: - name - requestCount - stopOnQuotaReach - tierPlan - unitTime type: object properties: name: type: string example: Platinum description: type: string example: Allows 50 request(s) per minute. policyLevel: type: string example: api enum: - subscription - api displayName: type: string example: Platinum attributes: type: object additionalProperties: type: string description: | Custom attributes added to the policy policy example: {} requestCount: type: integer description: | Maximum number of requests which can be sent within a provided unit time format: int64 example: 50 dataUnit: description: | Unit of data allowed to be transfered. Allowed values are "KB", "MB" and "GB" type: string example: KB totalTokenCount: type: integer description: | Maximum number of total tokens which can be used within a provided unit time format: int64 example: 1000 promptTokenCount: type: integer description: | Maximum number of prompt tokens which can be used within a provided unit time format: int64 example: 500 completionTokenCount: type: integer description: | Maximum number of completion tokens which can be used within a provided unit time format: int64 example: 600 unitTime: type: integer format: int64 example: 60000 timeUnit: type: string example: min rateLimitCount: type: integer default: 0 description: Burst control request count example: 10 rateLimitTimeUnit: type: string description: Burst control time unit example: min quotaPolicyType: type: string description: Default quota limit type enum: - REQUESTCOUNT - BANDWIDTHVOLUME - AIAPIQUOTA example: REQUESTCOUNT tierPlan: type: string description: | This attribute declares whether this policy is available under commercial or free example: FREE enum: - FREE - COMMERCIAL stopOnQuotaReach: type: boolean description: | By making this attribute to false, you are capabale of sending requests even if the request count exceeded within a unit time example: true monetizationProperties: type: object additionalProperties: type: string description: Properties of a tier plan which are related to monetization example: {} SubscriptionPolicyList: title: Subscription policy list type: object properties: count: type: integer description: | Number of Tiers returned. example: 1 list: type: array description: | Array of SubscriptionPolicies items: $ref: '#/components/schemas/SubscriptionPolicy' pagination: $ref: '#/components/schemas/Pagination' SubscriptionList: title: Subscription List type: object properties: count: type: integer description: | Number of Subscriptions returned. example: 1 list: type: array items: $ref: '#/components/schemas/Subscription' pagination: $ref: '#/components/schemas/Pagination' Subscription: title: Subscription required: - applicationInfo - subscriptionId - subscriptionStatus - throttlingPolicy type: object properties: subscriptionId: type: string example: 01234567-0123-0123-0123-012345678901 applicationInfo: $ref: '#/components/schemas/ApplicationInfo' throttlingPolicy: type: string example: Unlimited subscriptionStatus: type: string example: BLOCKED enum: - BLOCKED - PROD_ONLY_BLOCKED - UNBLOCKED - ON_HOLD - REJECTED - TIER_UPDATE_PENDING - DELETE_PENDING ThrottlePolicy: title: Generic Throttling Policy required: - policyName type: object properties: policyId: type: string description: Id of policy readOnly: true example: 0c6439fd-9b16-3c2e-be6e-1086e0b9aa93 policyName: maxLength: 60 minLength: 1 type: string description: Name of policy example: 30PerMin displayName: type: string description: Display name of the policy example: 30PerMin maxLength: 512 description: maxLength: 1024 type: string description: Description of the policy example: Allows 30 request per minute isDeployed: type: boolean description: Indicates whether the policy is deployed successfully or not. default: false type: type: string description: Indicates the type of throttle policy discriminator: propertyName: type GraphQLQuery: title: GraphQL Query type: object properties: graphQLMaxComplexity: type: integer description: Maximum Complexity of the GraphQL query example: 400 graphQLMaxDepth: type: integer description: Maximum Depth of the GraphQL query example: 10 ThrottleLimitBase: title: Throttle Limit Base required: - timeUnit - unitTime type: object properties: timeUnit: type: string description: Unit of the time. Allowed values are "sec", "min", "hour", "day" example: min unitTime: type: integer description: Time limit that the throttling limit applies. example: 10 ThrottleLimit: title: Throttle Limit required: - type type: object properties: type: type: string description: | Type of the throttling limit. Allowed values are "REQUESTCOUNTLIMIT" and "BANDWIDTHLIMIT". Please see schemas of "RequestCountLimit" and "BandwidthLimit" throttling limit types in Definitions section. example: REQUESTCOUNTLIMIT enum: - REQUESTCOUNTLIMIT - BANDWIDTHLIMIT - EVENTCOUNTLIMIT requestCount: $ref: '#/components/schemas/RequestCountLimit' bandwidth: $ref: '#/components/schemas/BandwidthLimit' eventCount: $ref: '#/components/schemas/EventCountLimit' MonetizationInfo: title: API monetization details object required: - monetizationPlan - properties type: object properties: monetizationPlan: type: string description: Flag to indicate the monetization plan example: FixedRate enum: - FIXEDRATE - DYNAMICRATE properties: type: object additionalProperties: type: string description: Map of custom properties related to each monetization plan BandwidthLimit: title: Bandwidth Limit object allOf: - $ref: '#/components/schemas/ThrottleLimitBase' - required: - dataAmount - dataUnit type: object properties: dataAmount: type: integer description: Amount of data allowed to be transfered format: int64 example: 1000 dataUnit: type: string description: Unit of data allowed to be transfered. Allowed values are "KB", "MB" and "GB" example: KB RequestCountLimit: title: Request Count Limit object allOf: - $ref: '#/components/schemas/ThrottleLimitBase' - required: - requestCount type: object properties: requestCount: type: integer description: Maximum number of requests allowed format: int64 example: 30 EventCountLimit: title: Event Count Limit object allOf: - $ref: '#/components/schemas/ThrottleLimitBase' - required: - eventCount type: object properties: eventCount: type: integer description: Maximum number of events allowed format: int64 example: 3000 SubscriptionPolicy: title: Subscription Throttling Policy allOf: - required: - defaultLimit type: object properties: policyId: type: integer description: Id of policy example: 1 uuid: type: string description: policy uuid example: 0c6439fd-9b16-3c2e-be6e-1086e0b9aa93 policyName: maxLength: 60 minLength: 1 type: string description: Name of policy example: 30PerMin displayName: type: string description: Display name of the policy example: 30PerMin maxLength: 512 description: maxLength: 1024 type: string description: Description of the policy example: Allows 30 request per minute isDeployed: type: boolean description: Indicates whether the policy is deployed successfully or not. default: false tenantId: type: integer description: Throttling policy tenant domain id example: -1234 tenantDomain: type: string description: Throttling policy tenant domain example: carbon.super defaultLimit: $ref: '#/components/schemas/ThrottleLimit' rateLimitCount: type: integer description: Burst control request count example: 10 rateLimitTimeUnit: type: string description: Burst control time unit example: min subscriberCount: type: integer description: Number of subscriptions allowed example: 10 customAttributes: type: array description: | Custom attributes added to the Subscription Throttling Policy example: [ ] items: $ref: '#/components/schemas/CustomAttribute' stopOnQuotaReach: type: boolean description: | This indicates the action to be taken when a user goes beyond the allocated quota. If checked, the user's requests will be dropped. If unchecked, the requests will be allowed to pass through. default: false billingPlan: type: string description: | define whether this is Paid or a Free plan. Allowed values are FREE or COMMERCIAL. example: FREE permissions: $ref: '#/components/schemas/SubscriptionThrottlePolicyPermission' CustomAttribute: title: Name-Value pair required: - name - value type: object properties: name: type: string description: Name of the custom attribute example: customAttr1 value: type: string description: Value of the custom attribute example: value1 SubscriptionThrottlePolicyPermission: title: SubscriptionThrottlePolicyPermission required: - permissionType - roles type: object properties: permissionType: type: string example: deny enum: - ALLOW - DENY roles: type: array example: - Internal/everyone items: type: string APIMonetizationUsage: title: API monetization usage object type: object properties: properties: type: object additionalProperties: type: string description: Map of custom properties related to monetization usage APIRevenue: title: API revenue data object type: object properties: properties: type: object additionalProperties: type: string description: Map of custom properties related to API revenue MediationPolicy: title: Mediation Policy required: - name type: object properties: id: type: string example: 69ea3fa6-55c6-472e-896d-e449dd34a824 name: type: string example: log_in_message type: type: string example: in shared: type: boolean example: true Error: title: Error object returned with 4XX HTTP Status required: - code - message type: object properties: code: type: integer format: int64 message: type: string description: Error message. description: type: string description: | A detail description about the error message. moreInfo: type: string description: | Preferably an url with more details about the error. error: type: array description: | If there are more than one error list them out. For example, list out validation errors by each field. items: $ref: '#/components/schemas/ErrorListItem' ErrorListItem: title: Description of individual errors that may have occurred during a request. required: - code - message type: object properties: code: type: string message: type: string description: | Description about individual errors occurred description: type: string description: | A detail description about the error message. Environment: title: Environment required: - id - name - serverUrl - showInApiConsole - type type: object properties: id: type: string name: type: string example: default displayName: type: string example: Default type: type: string default: hybrid example: hybrid gatewayType: type: string example: Regular default: Regular serverUrl: type: string example: https://localhost:9443/services/ provider: type: string example: wso2 showInApiConsole: type: boolean example: true vhosts: type: array items: $ref: '#/components/schemas/VHost' endpointURIs: type: array items: $ref: '#/components/schemas/GatewayEnvironmentProtocolURI' additionalProperties: type: array items: $ref: '#/components/schemas/AdditionalProperty' permissions: type: object properties: permissionType: type: string example: ALLOW default: PUBLIC enum: - PUBLIC - ALLOW - DENY roles: type: array items: type: string example: Internal/everyone EnvironmentList: title: Environment List type: object properties: count: type: integer description: | Number of Environments returned. example: 1 list: type: array items: $ref: '#/components/schemas/Environment' APIEndpoint: title: Endpoint type: object required: - name properties: id: type: string example: "57a380b7-d852-4f56-bb23-db172722e9d4" name: type: string example: "Endpoint1" deploymentStage: type: string example: "PRODUCTION or SANDBOX" endpointConfig: type: object properties: {} description: | Endpoint configuration of the API. This can be used to provide different types of endpoints including Simple REST Endpoints, Loadbalanced and Failover. apiDefinition: type: string description: OpenAPI specification of the backend endpoint APIEndpointList: title: Endpoints List type: object properties: count: type: integer description: | Number of Endpoints returned. example: 1 list: type: array items: $ref: '#/components/schemas/APIEndpoint' pagination: $ref: '#/components/schemas/Pagination' LLMProviderResponse: title: LLMProviderResponse type: object properties: id: type: string readOnly: true example: ece92bdc-e1e6-325c-b6f4-656208a041e9 name: maxLength: 255 minLength: 1 type: string example: OpenAI apiVersion: maxLength: 255 minLength: 1 type: string example: 1.0.0 builtInSupport: type: boolean description: Is built-in support description: maxLength: 1023 type: string example: OpenAI LLM configurations: type: string description: LLM Provider configurations apiDefinition: type: string description: OpenAPI specification LLMProviderSummaryResponse: title: LLMProviderSummaryResponse type: object properties: id: type: string readOnly: true example: ece92bdc-e1e6-325c-b6f4-656208a041e9 name: maxLength: 255 minLength: 1 type: string example: open-ai apiVersion: maxLength: 255 minLength: 1 type: string example: 1.0.0 builtInSupport: type: boolean description: Is built-in support description: maxLength: 1023 type: string example: OpenAI LLM Provider LLMProviderSummaryResponseList: title: LLMProviderSummaryResponseList type: object properties: count: type: integer description: | Number of LLM Providers returned. example: 1 list: type: array items: $ref: '#/components/schemas/LLMProviderSummaryResponse' LLMProviderEndpointConfiguration: title: LLMProviderEndpointConfiguration type: object properties: authHeader: type: string example: Authorization authQueryParameter: type: string example: ApiKey ModelProvider: title: Model Provider type: object properties: models: type: array items: type: string example: "gpt-4o" name: type: string example: OpenAI AIServiceProviderResponse: title: AIServiceProviderResponse type: object properties: id: type: string readOnly: true example: ece92bdc-e1e6-325c-b6f4-656208a041e9 name: maxLength: 255 minLength: 1 type: string example: OpenAI apiVersion: maxLength: 255 minLength: 1 type: string example: 1.0.0 builtInSupport: type: boolean description: Is built-in support description: maxLength: 1023 type: string example: OpenAI LLM configurations: type: string description: LLM Provider configurations apiDefinition: type: string description: OpenAPI specification AIServiceProviderSummaryResponse: title: AIServiceProviderSummaryResponse type: object properties: id: type: string readOnly: true example: ece92bdc-e1e6-325c-b6f4-656208a041e9 name: maxLength: 255 minLength: 1 type: string example: open-ai apiVersion: maxLength: 255 minLength: 1 type: string example: 1.0.0 builtInSupport: type: boolean description: Is built-in support description: maxLength: 1023 type: string example: OpenAI LLM Provider AIServiceProviderSummaryResponseList: title: AIServiceProviderSummaryResponseList type: object properties: count: type: integer description: | Number of LLM Providers returned. example: 1 list: type: array items: $ref: '#/components/schemas/AIServiceProviderSummaryResponse' AIServiceProviderEndpointConfiguration: title: AIServiceProviderEndpointConfiguration type: object properties: authenticationConfiguration: $ref: '#/components/schemas/AIServiceProviderEndpointAuthenticationConfiguration' authHeader: type: string example: Authorization deprecated: true authQueryParameter: type: string example: ApiKey deprecated: true AIServiceProviderEndpointAuthenticationConfiguration: title: AIServiceProviderEndpointAuthenticationConfiguration type: object properties: enabled: type: boolean description: Whether the authentication configuration is enabled or not default: false type: type: string description: Type of the authentication configuration example: apiKey parameters: type: object description: | Parameters required for the authentication configuration. The parameters are different based on the type of the authentication configuration. example: { "headerEnabled": true, "headerName": "Authorization" } AdditionalProperty: title: Additional Gateway Properties type: object properties: key: type: string example: Organization value: type: string example: wso2 VHost: title: Virtual Host type: object properties: host: type: string example: mg.wso2.com httpContext: type: string example: pets httpPort: type: integer example: 80 httpsPort: type: integer example: 443 wsPort: type: integer example: 9099 wsHost: type: string example: mg.wso2.com wssPort: type: integer example: 8099 wssHost: type: string example: mg.wso2.com websubHttpPort: type: integer example: 9021 websubHttpsPort: type: integer example: 8021 FileInfo: title: File Information including meta data type: object properties: relativePath: type: string description: relative location of the file (excluding the base context and host of the Publisher API) example: apis/01234567-0123-0123-0123-012345678901/thumbnail mediaType: type: string description: media-type of the file example: image/jpeg MaxTps: type: object properties: production: type: integer format: int64 example: 1000 productionTimeUnit: type: string description: "Time unit for the production." default: SECOND enum: - SECOND - MINUTE - HOUR sandbox: type: integer format: int64 example: 1000 sandboxTimeUnit: type: string description: "Time unit for the sandbox." default: SECOND enum: - SECOND - MINUTE - HOUR APIMaxTps: type: object properties: production: type: integer format: int64 example: 1000 productionTimeUnit: type: string description: "Time unit for the production." default: SECOND enum: - SECOND - MINUTE - HOUR sandbox: type: integer format: int64 example: 1000 sandboxTimeUnit: type: string description: "Time unit for the sandbox." default: SECOND enum: - SECOND - MINUTE - HOUR tokenBasedThrottlingConfiguration: type: object required: - isTokenBasedThrottlingEnabled properties: productionMaxPromptTokenCount: type: integer description: "Maximum prompt token count for production" format: int64 productionMaxCompletionTokenCount: type: integer description: "Maximum completion token count for production" format: int64 productionMaxTotalTokenCount: type: integer description: "Maximum total token count for production" format: int64 sandboxMaxPromptTokenCount: type: integer description: "Maximum prompt token count for sandbox" format: int64 sandboxMaxCompletionTokenCount: type: integer description: "Maximum completion token count for sandbox" format: int64 sandboxMaxTotalTokenCount: type: integer description: "Maximum total token count for sandbox" format: int64 isTokenBasedThrottlingEnabled: type: boolean default: false description: "Whether token-based throttling is enabled" APIBusinessInformation: type: object properties: businessOwner: maxLength: 120 type: string example: businessowner businessOwnerEmail: type: string example: businessowner@wso2.com technicalOwner: maxLength: 120 type: string example: technicalowner technicalOwnerEmail: type: string example: technicalowner@wso2.com WebsubSubscriptionConfiguration: type: object properties: enable: type: boolean default: false description: Toggle enable WebSub subscription configuration secret: type: string description: Secret key to be used for subscription signingAlgorithm: type: string description: The algorithm used for signing signatureHeader: type: string description: The header uses to send the signature APICorsConfiguration: type: object properties: corsConfigurationEnabled: type: boolean default: false accessControlAllowOrigins: type: array items: type: string accessControlAllowCredentials: type: boolean default: false accessControlAllowHeaders: type: array items: type: string accessControlAllowMethods: type: array items: type: string description: | CORS configuration for the API Endpoint: title: Endpoints type: object properties: id: type: string description: | UUID of the Endpoint entry example: 01234567-0123-0123-0123-012345678901 name: type: string description: | name of the Endpoint entry example: Endpoint 1 endpointConfig: type: object properties: endpointType: type: string example: FAIL_OVER enum: - SINGLE - LOAD_BALANCED - FAIL_OVER list: type: array items: $ref: '#/components/schemas/EndpointConfig' endpointSecurity: type: object properties: enabled: type: boolean example: false type: type: string example: basic username: type: string example: basic password: type: string example: basic maxTps: type: integer description: Endpoint max tps format: int64 example: 1000 type: type: string example: http EndpointConfig: title: Endpoint Configuration type: object properties: url: type: string description: | Service url of the endpoint example: http://localhost:8280 timeout: type: string description: | Time out of the endpoint example: "1000" attributes: type: array items: type: object properties: name: type: string example: Suspension time value: type: string example: 2s EndpointList: title: Endpoint List type: object properties: count: type: integer description: | Number of Endpoints returned. example: 1 list: type: array items: $ref: '#/components/schemas/Endpoint' Organization: title: Organization required: - organizationId type: object properties: organizationId: type: string example: ece92bdc-e1e6-325c-b6f4-656208a041e9 readOnly: true description: | UUID of the organization. externalOrganizationId: type: string example: ece92bdc-e1e6-325c-b6f4-656208a041e9 description: | External id of the organization. parentOrganizationId: type: string readOnly: true example: ece92bdc-e1e6-325c-b6f4-656208a041e9 description: | UUID of the parent organization if there is any. displayName: maxLength: 255 minLength: 1 type: string example: My Organization description: maxLength: 1023 type: string example: My Organization Description OrganizationList: title: Organization List type: object properties: count: type: integer description: | Number of Organizationa returned. example: 1 list: type: array items: $ref: '#/components/schemas/Organization' Scope: title: Scope required: - name type: object properties: id: type: string description: | UUID of the Scope. Valid only for shared scopes. readOnly: true example: 01234567-0123-0123-0123-012345678901 name: maxLength: 255 minLength: 1 type: string description: | name of Scope example: apim:api_view displayName: maxLength: 255 type: string description: | display name of Scope example: api_view description: maxLength: 512 type: string description: | description of Scope example: This Scope can used to view Apis bindings: type: array description: | role bindings list of the Scope example: - admin - Internal/creator - Internal/publisher items: type: string usageCount: type: integer description: | usage count of Scope readOnly: true example: 3 SharedScopeUsage: title: SharedScopeUsage required: - id - name type: object properties: id: type: string description: | UUID of the Scope. Valid only for shared scopes. example: 01234567-0123-0123-0123-012345678901 name: type: string description: | name of Scope example: apim:api_view usedApiList: deprecated: true type: array description: | API list which have used the shared scope. [DEPRECATED] Use `usages` instead. Retained only for backward compatibility. items: $ref: '#/components/schemas/SharedScopeUsedAPIInfo' usages: type: array description: | List of entities which have used the shared scope items: $ref: '#/components/schemas/SharedScopeUsageEntity' SharedScopeUsedAPIInfo: title: API object using shared scope required: - context - name - version type: object properties: name: type: string example: CalculatorAPI context: type: string example: CalculatorAPI version: type: string example: 1.0.0 provider: type: string description: | If the provider value is not given user invoking the api will be used as the provider. example: admin revisionID: type: string example: Revision 1 usedResourceList: type: array description: | Resource list which have used the shared scope within this API items: $ref: '#/components/schemas/SharedScopeUsedAPIResourceInfo' SharedScopeUsedAPIResourceInfo: title: API resource object using shared scope type: object properties: target: type: string example: /add verb: type: string example: POST SharedScopeUsageEntity: title: Entity using shared scope required: - context - name - version type: object properties: name: type: string example: CalculatorAPI context: type: string example: CalculatorAPI version: type: string example: 1.0.0 provider: type: string description: | If the provider value is not given user invoking the api will be used as the provider. example: admin revisionId: type: string example: Revision 1 type: type: string description: | Entity type. example: MCP usedResourceList: type: array description: | Resource list which have used the shared scope. items: $ref: '#/components/schemas/SharedScopeUsedResourceInfo' SharedScopeUsedResourceInfo: title: Resource object using shared scope type: object properties: target: type: string example: /add verb: type: string example: POST APIScope: title: APIScope required: - scope type: object properties: scope: $ref: '#/components/schemas/Scope' shared: type: boolean description: | States whether scope is shared. This will not be honored when updating/adding scopes to APIs or when adding/updating Shared Scopes. example: true MCPServerScope: title: MCPServerScope required: - scope type: object properties: scope: $ref: '#/components/schemas/Scope' shared: type: boolean description: | States whether scope is shared. This will not be honored when updating/adding scopes to MCP Servers or when adding/updating Shared Scopes. example: true MCPServerOperation: title: MCPServerOperation type: object properties: id: type: string example: postapiresource target: type: string example: listBooks feature: type: string description: Operation type for MCP Server (e.g., TOOL) enum: - TOOL authType: type: string example: Application & Application User default: Any throttlingPolicy: type: string example: Unlimited scopes: type: array example: [ ] items: type: string payloadSchema: type: string example: "" uriMapping: type: string example: "" schemaDefinition: type: string example: "" description: type: string example: this is an operation of get orderId operationPolicies: $ref: '#/components/schemas/APIOperationPolicies' backendOperationMapping: $ref: '#/components/schemas/BackendOperationMapping' apiOperationMapping: $ref: '#/components/schemas/APIOperationMapping' APIOperations: title: Operation type: object properties: id: type: string example: postapiresource target: type: string example: /order/{orderId} verb: type: string example: POST authType: type: string example: Application & Application User default: Any throttlingPolicy: type: string example: Unlimited scopes: type: array example: [] items: type: string usedProductIds: type: array example: [] items: type: string amznResourceName: type: string example: "" amznResourceTimeout: type: integer amznResourceContentEncode: type: boolean payloadSchema: type: string example: "" uriMapping: type: string example: "" operationPolicies: $ref: '#/components/schemas/APIOperationPolicies' BackendOperationMapping: title: API Operation Backend Mapping type: object properties: backendId: type: string description: Backend API UUID example: "a29ff7d8-8057-4e88-94a4-f583dd968c6a" backendOperation: $ref: '#/components/schemas/BackendOperation' APIOperationMapping: title: API Operation Mapping type: object properties: apiId: type: string description: | UUID of the referenced API readOnly: true example: 01234567-0123-0123-0123-012345678901 apiName: maxLength: 150 minLength: 1 pattern: '(^[^~!@#;:%^*()+={}|\\<>"'',&$\[\]\/]*$)' type: string example: PizzaShackAPI apiVersion: maxLength: 30 minLength: 1 type: string pattern: '^[^~!@#;:%^*()+={}|\\<>"'',&/$\[\]\s+\/]+$' example: 1.0.0 apiContext: maxLength: 232 minLength: 1 type: string example: 1.0.0 backendOperation: $ref: '#/components/schemas/BackendOperation' BackendOperation: title: Backend Operation type: object properties: target: type: string description: Backend target path example: /order/{orderId} verb: type: string description: Backend target method enum: - GET - POST - PUT - DELETE - PATCH - HEAD - OPTIONS - TOOL example: POST BackendList: title: BackendList type: object properties: count: type: integer description: | Number of backends returned. example: 1 list: type: array items: $ref: '#/components/schemas/Backend' Backend: title: Backend Data type: object properties: id: type: string description: Backend API ID consisting of the UUID of the Endpoint example: 0c4439fd-9416-3c2e-be6e-1086e0b9aa93 name: type: string description: Backend name endpointConfig: type: object properties: { } description: Endpoint configuration of the backend. definition: type: string description: Definition of the backend OrganizationPolicies: title: Organization based Subscription Policies type: object required: - organizationID properties: organizationID: type: string example: "36c87e00-57f0-4000-9f97-b379acc4e577" policies: type: array example: ["Silver", "Gold", "Unlimited"] items: type: string ScopeList: title: Scope List type: object properties: count: type: integer description: | Number of Scopes returned. example: 1 list: type: array items: $ref: '#/components/schemas/Scope' pagination: $ref: '#/components/schemas/Pagination' ExternalStore: title: External Store type: object properties: id: type: string description: | The external store identifier, which is a unique value. example: Store123# displayName: type: string description: | The name of the external API Store that is displayed in the Publisher UI. example: UKStore type: type: string description: | The type of the Store. This can be a WSO2-specific API Store or an external one. example: wso2 endpoint: type: string description: | The endpoint URL of the external store example: http://localhost:9764/store APIExternalStore: title: API External Store type: object properties: id: type: string description: | The external store identifier, which is a unique value. example: Store123# lastUpdatedTime: type: string description: | The recent timestamp which a given API is updated in the external store. example: 2019-09-09T13:57:16.229 APIExternalStoreList: title: API External Store List type: object properties: count: type: integer description: | Number of external stores returned. example: 1 list: type: array items: $ref: '#/components/schemas/APIExternalStore' ExternalStoreList: title: External Store List type: object properties: count: type: integer description: | Number of external stores returned. example: 1 list: type: array items: $ref: '#/components/schemas/ExternalStore' Certificates: title: Certificates type: object properties: count: type: integer example: 1 certificates: type: array items: $ref: '#/components/schemas/CertMetadata' pagination: $ref: '#/components/schemas/Pagination' description: Representation of a list of certificates CertMetadata: title: Certificate type: object properties: alias: type: string example: wso2carbon endpoint: type: string example: www.abc.com description: Representation of the details of a certificate CertificateInfo: title: Certificate information type: object properties: status: type: string example: Active validity: $ref: '#/components/schemas/CertificateValidity' version: type: string example: V3 subject: type: string example: CN=wso2.com, OU=wso2, O=wso2, L=Colombo, ST=Western, C=LK CertificateValidity: title: Certificate Valid period type: object properties: from: type: string example: 12-12-2017 to: type: string example: 01-01-2019 ClientCertificates: title: Client Certificates type: object properties: count: type: integer example: 1 certificates: type: array items: $ref: '#/components/schemas/ClientCertMetadata' pagination: $ref: '#/components/schemas/Pagination' description: Representation of a list of client certificates ClientCertMetadata: title: Client certificate meta data type: object properties: alias: type: string example: wso2carbon apiId: type: string example: 64eca60b-2e55-4c38-8603-e9e6bad7d809 tier: type: string example: Gold description: Meta data of certificate LifecycleState: title: Lifecycle State type: object properties: state: type: string example: Created checkItems: type: array items: type: object properties: name: type: string example: Deprecate old versions after publishing the API value: type: boolean example: false requiredStates: type: array example: [] items: type: string availableTransitions: type: array items: type: object properties: event: type: string example: Publish targetState: type: string example: Published LifecycleHistory: title: Lifecycle history item list type: object properties: count: type: integer example: 1 list: type: array items: $ref: '#/components/schemas/LifecycleHistoryItem' LifecycleHistoryItem: title: Lifecycle history item type: object properties: previousState: type: string example: Created postState: type: string example: Published user: type: string example: admin updatedTime: type: string format: dateTime example: 2019-02-31T23:59:60Z WorkflowResponse: title: workflow Response required: - workflowStatus type: object properties: workflowStatus: type: string description: | This attribute declares whether this workflow task is approved or rejected. example: APPROVED enum: - CREATED - APPROVED - REJECTED - REGISTERED jsonPayload: type: string description: | Attributes that returned after the workflow execution example: null lifecycleState: $ref: '#/components/schemas/LifecycleState' OpenAPIDefinitionValidationResponse: title: OpenAPI Definition Validation Response required: - isValid type: object properties: isValid: type: boolean description: | This attribute declares whether this definition is valid or not. example: true content: type: string description: | OpenAPI definition content. info: type: object properties: name: type: string example: PetStore version: type: string example: 1.0.0 context: type: string example: /petstore description: type: string example: A sample API that uses a petstore as an example to demonstrate swagger-2.0 specification openAPIVersion: type: string example: 3.0.0 endpoints: type: array description: | contains host/servers specified in the OpenAPI file/URL items: type: string example: https://localhost:9443/am/sample/pizzashack/v3/api/ operations: type: array description: | contains operations specified in the OpenAPI file/URL items: $ref: '#/components/schemas/APIOperations' description: | API definition information errors: type: array description: | If there are more than one error list them out. For example, list out validation errors by each field. items: $ref: '#/components/schemas/ErrorListItem' WSDLValidationResponse: title: WSDL Definition Validation Response required: - isValid type: object properties: isValid: type: boolean description: | This attribute declares whether this definition is valid or not. example: true errors: type: array description: | If there are more than one error list them out. For example, list out validation errors by each field. items: $ref: '#/components/schemas/ErrorListItem' wsdlInfo: type: object properties: version: type: string description: | WSDL version example: "1.1" endpoints: type: array description: | A list of endpoints the service exposes items: type: object properties: name: type: string description: Name of the endpoint example: StockQuoteSoap location: type: string description: Endpoint URL example: http://www.webservicex.net/stockquote.asmx description: Summary of the WSDL including the basic information GraphQLValidationResponse: title: GraphQL API definition validation Response required: - errorMessage - isValid type: object properties: isValid: type: boolean description: | This attribute declares whether this definition is valid or not. example: true errorMessage: type: string description: | This attribute declares the validation error message graphQLInfo: type: object properties: operations: type: array items: $ref: '#/components/schemas/APIOperations' graphQLSchema: $ref: '#/components/schemas/GraphQLSchema' description: Summary of the GraphQL including the basic information MCPServerValidationRequest: title: MCP URL Validation Request type: object properties: url: type: string description: The URL to be validated. example: https://example.com/mcp securityInfo: $ref: '#/components/schemas/SecurityInfo' SecurityInfo: title: MCP Server Security Information type: object description: Optional security headers to use during URL validation. properties: isSecure: type: boolean description: Indicates whether the URL is secure (HTTPS) or not (HTTP). default: false header: type: string description: Header name used for authentication, if required. example: Authorization value: type: string description: Value used for the authentication header. example: Bearer MCPServerValidationResponse: title: MCP Server validation Response required: - errorMessage - isValid type: object properties: isValid: type: boolean description: | This attribute declares whether this definition is valid or not. example: true errorMessage: type: string description: | This attribute declares the validation error message content: type: string description: | MCP Server schema definition content. toolInfo: type: object properties: operations: type: array items: $ref: '#/components/schemas/MCPServerOperation' ApiEndpointValidationResponse: title: API Endpoint url validation response required: - statusCode - statusMessage type: object properties: statusCode: type: integer description: HTTP status code example: 200 statusMessage: type: string description: string example: OK error: type: string description: | If an error occurs, the error message will be set to this property. If not, this will remain null. example: null ThreatProtectionPolicyList: title: Threat Protection Policy List type: object properties: list: type: array items: $ref: '#/components/schemas/ThreatProtectionPolicy' ThreatProtectionPolicy: title: Threat Protection Policy Schema required: - name - policy - type type: object properties: uuid: type: string description: Policy ID name: type: string description: Name of the policy type: type: string description: Type of the policy policy: type: string description: policy as a json string SearchResultList: title: Unified Search Result List type: object properties: count: type: integer description: | Number of results returned. example: 1 list: type: array items: type: object pagination: $ref: '#/components/schemas/Pagination' SearchResult: title: Search Result required: - name type: object properties: id: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: TestAPI type: type: string example: API enum: - DOC - API - APIProduct - DEFINITION - MCP transportType: type: string description: Accepted values are HTTP, WS, SOAPTOREST, GRAPHQL discriminator: propertyName: name APISearchResult: title: API Result allOf: - $ref: '#/components/schemas/SearchResult' - type: object properties: displayName: description: Human-friendly name shown in UI. Length limited to DB column size. type: string example: Pizza Shack API description: type: string description: A brief description about the API example: A calculator API that supports basic operations context: type: string description: A string that represents the context of the user's request example: CalculatorAPI contextTemplate: type: string description: The templated context of the API example: CalculatorAPI/{version} version: type: string description: The version of the API example: 1.0.0 provider: type: string description: | If the provider value is not given, the user invoking the API will be used as the provider. example: admin status: type: string description: This describes in which status of the lifecycle the API is example: CREATED thumbnailUri: type: string example: /apis/01234567-0123-0123-0123-012345678901/thumbnail advertiseOnly: type: boolean example: true gatewayVendor: title: Field to identify gateway vendor type: string description: Vendor of the gateway where the API is deployed. example: wso2 gatewayType: title: Field to identify gateway type. type: string description: The type of the gateway. example: wso2/synapse hasThumbnail: type: boolean example: true monetizedInfo: type: boolean example: true businessOwner: type: string example: Business Owner businessOwnerEmail: type: string example: businessowner@abc.com TechnicalOwner: type: string example: Technical Owner TechnicalOwnerEmail: type: string example: technicalowner@abc.com createdTime: type: string description: Created time as unix timestamp in milliseconds. example: 1756199448644 updatedTime: type: string description: Update time as unix timestamp in milliseconds. example: 1756199448644 APIProductSearchResult: title: API Result allOf: - $ref: '#/components/schemas/SearchResult' - type: object properties: displayName: description: Human-friendly name shown in UI. Length limited to DB column size. type: string example: Pizza Shack API description: type: string description: A brief description about the API example: A calculator API that supports basic operations context: type: string description: A string that represents the context of the user's request example: CalculatorAPI version: type: string description: The version of the API Product example: 1.0.0 provider: type: string description: | If the provider value is not given, the user invoking the API will be used as the provider. example: admin status: type: string description: This describes in which status of the lifecycle the APIPRODUCT is example: PUBLISHED thumbnailUri: type: string example: /apis/01234567-0123-0123-0123-012345678901/thumbnail hasThumbnail: type: boolean example: true monetizedInfo: type: boolean example: true businessOwner: type: string example: Business Owner businessOwnerEmail: type: string example: businessowner@abc.com TechnicalOwner: type: string example: Technical Owner TechnicalOwnerEmail: type: string example: technicalowner@abc.com egress: type: boolean description: Whether the API is Egress or not example: false createdTime: type: string description: Created time as unix timestamp in milliseconds. example: 1756199448644 updatedTime: type: string description: Update time as unix timestamp in milliseconds. example: 1756199448644 APIMonetizationInfo: title: API monetization object required: - enabled type: object properties: enabled: type: boolean description: Flag to indicate the monetization status example: true properties: type: object additionalProperties: type: string description: Map of custom properties related to monetization DocumentSearchResult: title: Document Result allOf: - $ref: '#/components/schemas/SearchResult' - type: object properties: docType: type: string example: HOWTO enum: - HOWTO - SAMPLES - PUBLIC_FORUM - SUPPORT_FORUM - API_MESSAGE_FORMAT - SWAGGER_DOC - OTHER summary: type: string example: Summary of Calculator Documentation sourceType: type: string example: INLINE enum: - INLINE - URL - FILE - MARKDOWN sourceUrl: type: string example: "" otherTypeName: type: string example: "" visibility: type: string example: API_LEVEL enum: - OWNER_ONLY - PRIVATE - API_LEVEL apiName: type: string description: The name of the associated API example: TestAPI apiDisplayName: description: Human-friendly name shown in UI for associated API. Length limited to DB column size. type: string example: Pizza Shack API apiVersion: type: string description: The version of the associated API example: 1.0.0 apiProvider: type: string example: admin apiUUID: type: string associatedType: type: string createdTime: type: string description: Created time as unix timestamp in milliseconds. example: 1756199448644 updatedTime: type: string description: Update time as unix timestamp in milliseconds. example: 1756199448644 APIDefinitionSearchResult: title: API Definition Search Result allOf: - $ref: '#/components/schemas/SearchResult' - type: object properties: apiDisplayName: description: Human-friendly name shown in UI for associated API. Length limited to DB column size. type: string example: Pizza Shack API apiName: type: string description: The name of the associated API example: TestAPI apiVersion: type: string description: The version of the associated API example: 1.0.0 apiContext: type: string description: The context of the associated API example: /test apiUUID: type: string description: The UUID of the associated API apiProvider: type: string description: The provider name of the associated API example: publisher apiType: type: string description: The type of the associated API example: REST associatedType: type: string description: API or APIProduct example: API createdTime: type: string description: Created time as unix timestamp in milliseconds. example: 1756199448644 updatedTime: type: string description: Update time as unix timestamp in milliseconds. example: 1756199448644 MockResponsePayloadList: title: Mock Response Payload list type: object properties: list: type: array items: $ref: '#/components/schemas/MockResponsePayloadInfo' MockResponsePayloadInfo: title: Mock Response Payload info object type: object properties: path: type: string description: path of the resource example: /menu content: type: string description: new modified code example: "var accept = \"\\\"\"+mc.getProperty('AcceptHeader')+\"\\\"\"\ ;\nvar responseCode = mc.getProperty('query.param.responseCode');\nvar\ \ responseCodeStr = \"\\\"\"+responseCode+\"\\\"\";\nvar responses = [];\n\ \nif (!responses[200]) {\n responses [200] = [];\n}\nresponses[200][\"\ application/json\"] = \n[ {\n \"price\" : \"string\",\n \"description\"\ \ : \"string\",\n \"name\" : \"string\",\n \"image\" : \"string\"\n\ } ]\n\n/*if (!responses[304]) {\n responses[304] = [];\n}\nresponses[304][\"\ application/(json or xml)\"] = {}/<>*/\n\nif (!responses[406]) {\n responses\ \ [406] = [];\n}\nresponses[406][\"application/json\"] = \n{\n \"message\"\ \ : \"string\",\n \"error\" : [ {\n \"message\" : \"string\",\n \ \ \"code\" : 0\n } ],\n \"description\" : \"string\",\n \"code\" :\ \ 0,\n \"moreInfo\" : \"string\"\n}\n\nresponses[501] = [];\nresponses[501][\"\ application/json\"] = {\n\"code\" : 501,\n\"description\" : \"Not Implemented\"\ }\nresponses[501][\"application/xml\"] = 501Not\ \ Implemented;\n\nif (!responses[responseCode])\ \ {\n responseCode = 501;\n}\n\nif (responseCode == null) {\n responseCode\ \ = 200;\n responseCodeStr = \"200\";\n}\n\nif (accept == null || !responses[responseCode][accept])\ \ {\n accept = \"application/json\";\n}\n\nif (accept === \"application/json\"\ ) {\n mc.setProperty('CONTENT_TYPE', 'application/json');\n mc.setProperty('HTTP_SC',\ \ responseCodeStr);\n mc.setPayloadJSON(responses[responseCode][\"application/json\"\ ]);\n} else if (accept === \"application/xml\") {\n mc.setProperty('CONTENT_TYPE',\ \ 'application/xml');\n mc.setProperty('HTTP_SC', responseCodeStr);\n\ \ mc.setPayloadXML(responses[responseCode][\"application/xml\"]);\n}" verb: type: string example: POST ResourcePolicyList: title: Resource policy List type: object properties: list: type: array items: $ref: '#/components/schemas/ResourcePolicyInfo' count: type: integer description: | Number of policy resources returned. example: 1 ResourcePolicyInfo: title: Resource policy Info object with conversion policy resource details. type: object properties: id: type: string description: | UUID of the resource policy registry artifact readOnly: true example: 01234567-0123-0123-0123-012345678901 httpVerb: type: string description: HTTP verb used for the resource path example: get resourcePath: type: string description: A string that represents the resource path of the api for the related resource policy example: checkPhoneNumber content: type: string description: The resource policy content example:

Settings: title: SettingsDTO type: object properties: devportalUrl: type: string description: The Developer Portal URL example: https://localhost:9443/devportal environment: type: array items: $ref: '#/components/schemas/Environment' gatewayTypes: type: array example: - Regular - APK - AWS items: type: string GatewayFeatureCatalog: title: Gateway feature Catalog type: object properties: gatewayFeatures: type: object additionalProperties: type: object apiTypes: type: object additionalProperties: type: array items: type: string scopes: type: array example: - apim:api_create - apim:api_manage - apim:api_publish items: type: string monetizationAttributes: type: array example: [] items: $ref: '#/components/schemas/MonetizationAttribute' subscriberContactAttributes: type: object items: $ref: '#/components/schemas/SubscriberContactAttribute' securityAuditProperties: type: object properties: {} externalStoresEnabled: type: boolean description: | Is External Stores configuration enabled example: true docVisibilityEnabled: type: boolean description: | Is Document Visibility configuration enabled example: false portalConfigurationOnlyModeEnabled: type: boolean description: | Is Portal Configuration Only Mode enabled example: false default: false retryCallWithNewOAuthTokenEnabled: type: boolean description: | Is Retry Call With New OAuth Token Enabled example: true default: true crossTenantSubscriptionEnabled: type: boolean description: | Is Cross Tenant Subscriptions Enabled example: false default: false defaultAdvancePolicy: type: string description: Default Advance Policy. defaultSubscriptionPolicy: type: string description: Default Subscription Policy. authorizationHeader: type: string description: Authorization Header example: authorization IsJWTEnabledForLoginTokens: type: boolean default: false orgAccessControlEnabled: type: boolean description: | Is Organization-based access control configuration enabled example: true allowSubscriptionValidationDisabling: type: boolean description: | Allow subscription validation disabling for OAuth tokens default: true designAssistantEnabled: type: boolean description: | Specifies whether Design Assistant enabled default: true aiAuthTokenProvided: type: boolean description: Checks if the auth token is provided for AI service usage. default: false isGatewayNotificationEnabled: type: boolean description: Is Gateway Notification Enabled default: false isMCPSupportEnabled: type: boolean description: This indicates whether the MCP support is enabled or not. default: true customProperties: type: array items: type: object properties: name: type: string description: | Custom property name example: Department description: type: string description: Description of custom property example: Relevant Department required: type: boolean example: false SecurityAuditAttribute: title: SecurityAuditAttributeDTO type: object properties: isGlobal: type: boolean example: false overrideGlobal: type: boolean example: false apiToken: type: string example: b1267ytf-b7gc-4aee-924d-ece81241efec collectionId: type: string example: 456ef957-5a79-449f-83y3-9027945d3c60 baseUrl: type: string WSDLInfo: title: WSDL information of the API. This is only available if the API is a SOAP API. type: object properties: type: type: string description: Indicates whether the WSDL is a single WSDL or an archive in ZIP format enum: - WSDL - ZIP Pagination: title: Pagination type: object properties: offset: type: integer example: 0 limit: type: integer example: 1 total: type: integer example: 10 next: type: string description: | Link to the next subset of resources qualified. Empty if no more resources are to be returned. previous: type: string description: | Link to the previous subset of resources qualified. Empty if current subset is the first subset returned. #----------------------------------------------------- # The Subscriber Contact resource #----------------------------------------------------- SubscriberContactAttribute: title: Subscriber Contact attribute object properties: recipient: type: string description: | recipient type of the email delimiter: type: string description: | delimiter to seperate the email address MonetizationAttribute: title: Monetization attribute object type: object properties: required: type: boolean description: | Is attribute required example: true name: type: string description: | Name of the attribute displayName: type: string description: | Display name of the attribute description: type: string description: | Description of the attribute hidden: type: boolean description: | Is attribute hidden default: type: string description: | Default value of the attribute Tenant: title: Tenant type: object properties: domain: type: string description: tenant domain example: wso2.com status: type: string description: current status of the tenant active/inactive example: active TenantList: title: Tenant list type: object properties: count: type: integer description: | Number of tenants returned. example: 1 list: type: array items: $ref: '#/components/schemas/Tenant' pagination: $ref: '#/components/schemas/Pagination' AdvertiseInfo: title: API Advertise info object with advertise details type: object properties: advertised: type: boolean example: true apiExternalProductionEndpoint: type: string example: https://localhost:9443/devportal apiExternalSandboxEndpoint: type: string example: https://localhost:9443/devportal originalDevPortalUrl: type: string example: https://localhost:9443/devportal apiOwner: type: string example: admin vendor: type: string default: WSO2 enum: - WSO2 - AWS APICategory: title: API Category required: - name type: object properties: id: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: Finance description: type: string example: Finance related APIs APICategoryList: title: API Category List type: object properties: count: type: integer description: | Number of API categories returned. example: 1 list: type: array items: $ref: '#/components/schemas/APICategory' KeyManagerInfo: title: Key Manager Info required: - name - type type: object properties: id: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: WSO2 IS displayName: type: string description: | display name of Keymanager example: Keymanager1 type: type: string example: IS description: type: string example: This is a key manager for Developers enabled: type: boolean example: true additionalProperties: type: array items: type: object properties: {} KeyManagerList: title: Key Manager List type: object properties: count: type: integer description: | Number of Key managers returned. example: 1 list: type: array items: $ref: '#/components/schemas/KeyManagerInfo' APIKey: title: API Key details to invoke APIs type: object properties: apikey: type: string description: API Key example: eyJoZWxsbyI6IndvcmxkIn0=.eyJ3c28yIjoiYXBpbSJ9.eyJ3c28yIjoic2lnbmF0dXJlIn0= validityTime: type: integer format: int32 example: 3600 EnvironmentProperties: title: Envionment specific API properties request body type: object additionalProperties: type: string example: productionEndpoint: https://localhost:9443/pizzashack/v3/api/ sandboxEndpoint: https://localhost:9443/pizzashack/v3/api/ AsyncAPISpecificationValidationResponse: title: AsyncAPI Specification Validation Response required: - isValid type: object properties: isValid: type: boolean description: This attribute declares whether this definition is valid or not. example: true content: type: string description: AsyncAPI specification content info: type: object properties: name: type: string example: Streetlights version: type: string example: 1.0.0 context: type: string example: /streetlights description: type: string example: A sample API that uses a streetlights as an example to demonstrate AsyncAPI specifications asyncAPIVersion: type: string example: 2.0 protocol: type: string example: WEBSUB endpoints: type: array description: contains host/servers specified in the AsyncAPI file/URL items: type: string example: "https://localhost:9443/am/sample/pizzashack/v3/api/" gatewayVendor: type: string example: wso2 asyncTransportProtocols: type: array description: contains available transports for an async API items: type: string example: http description: API definition information errors: type: array description: If there are more than one error list them out. For example, list out validation error by each field. items: $ref: '#/components/schemas/ErrorListItem' OperationPolicy: title: API Operation Policy type: object required: - policyName properties: policyName: type: string policyVersion: type: string default: v1 policyType: type: string policyId: type: string parameters: type: object additionalProperties: type: object APIOperationPolicies: title: API Operation Level Policies properties: request: type: array items: $ref: '#/components/schemas/OperationPolicy' response: type: array items: $ref: '#/components/schemas/OperationPolicy' fault: type: array items: $ref: '#/components/schemas/OperationPolicy' MCPServerOperationPolicies: title: MCP Server Operation Level Policies properties: request: type: array items: $ref: '#/components/schemas/OperationPolicy' response: type: array items: $ref: '#/components/schemas/OperationPolicy' fault: type: array items: $ref: '#/components/schemas/OperationPolicy' OrganizationInfo: title: Organization Info type: object properties: organizationId: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: My Organization GatewayPolicyMappings: title: Gateway Policy Mappings type: object required: - policyMapping - displayName properties: id: type: string example: 121223q41-24141-124124124-12414 policyMapping: $ref: '#/components/schemas/APIOperationPolicies' description: type: string description: A brief description about the policy mapping example: Set header value to the request with item type and response header set with served server name displayName: type: string description: Meaningful name to identify the policy mapping example: item_type_setter appliedGatewayLabels: type: array items: type: string example: gatewayLabel_1 GatewayPolicyMappingDeploymentInfo: title: Gateway Policy Mapping and Deployment Information type: object properties: id: type: string example: 121223q41-24141-124124124-12414 description: type: string description: A brief description about the policy mapping example: Set header value to the request with item type and response header set with served server name displayName: type: string description: Meaningful name to identify the policy mapping example: item_type_setter appliedGatewayLabels: type: array items: type: string example: gatewayLabel_1 GatewayPolicyMappingInfo: title: Gateway Policy Mapping Information type: object properties: id: type: string example: 121223q41-24141-124124124-12414 description: type: string description: A brief description about the policy mapping example: Set header value to the request with item type and response header set with served server name displayName: type: string description: Meaningful name to identify the policy mapping example: item_type_setter GatewayPolicyDeployment: title: Details to map, deploy, undeploy policy mappings to gateways required: - gatewayLabel - gatewayDeployment type: object properties: gatewayLabel: type: string example: gatewayLabel_1 gatewayDeployment: type: boolean example: true mappingUUID: type: string example: 01234567-0123-0123-0123-012345678901 GatewayPolicyMappingDataList: title: Gateway Policy Mapping List type: object properties: count: type: integer description: | Number of gateway policy mappings returned. example: 1 list: type: array items: $ref: '#/components/schemas/GatewayPolicyMappingDeploymentInfo' pagination: $ref: '#/components/schemas/Pagination' GatewayEnvironmentProtocolURI: title: Gateway Environment protocols and URIs required: - protocol - endpointURI type: object properties: protocol: type: string example: default endpointURI: type: string example: default OperationPolicyDataList: title: Operation policy List type: object properties: count: type: integer description: | Number of operation policies returned. example: 1 list: type: array items: $ref: '#/components/schemas/OperationPolicyData' pagination: $ref: '#/components/schemas/Pagination' OperationPolicyData: title: Operation Policy Data type: object properties: category: type: string example: Mediation id: type: string example: 121223q41-24141-124124124-12414 name: type: string example: removeHeaderPolicy version: type: string example: v1 default: v1 displayName: type: string example: Remove Header Policy description: type: string example: With this policy, user can add a new header to the request applicableFlows: type: array items: type: string example: in supportedGateways: type: array items: type: string example: Synapse supportedApiTypes: type: array items: type: object properties: {} description: | Supported API types as an array of strings, or an array of maps [HTTP, SOAP] [{apiType: HTTP, subType: AI}, {apiType: SOAP}] example: [HTTP, SOAP] isAPISpecific: type: boolean example: true md5: type: string example: 121223q41-24141-124124124-12414 policyAttributes: type: array items: $ref: '#/components/schemas/OperationPolicySpecAttribute' OperationPolicySpecAttribute: title: OperationPolicySpecAttribute type: object properties: name: type: string description: Name of the attibute example: headerName displayName: type: string description: Display name of the attibute example: Header Name description: type: string description: Description of the attibute example: Name of the header to be removed validationRegex: type: string description: UI validation regex for the attibute example: /^[a-z\s]{0,255}$/i type: type: string description: Type of the attibute example: string required: type: boolean description: Is this attibute mandetory for the policy example: true defaultValue: type: string description: Default value for the attribute example: true allowedValues: type: array description: If the attribute type is enum, this array should contain all the possible values for the enum. items: type: string example: ["GET","POST","PUT"] ImportAPIResponse: title: Import API Response type: object properties: id: type: string description: | UUID of the imported API example: 01234567-0123-0123-0123-012345678901 revision: type: string description: | Revision of the imported API example: 1 Label: title: Label required: - name type: object properties: id: type: string readOnly: true example: d7cf8523-9180-4255-84fa-6cb171c1f779 name: maxLength: 255 minLength: 1 type: string example: Health description: maxLength: 1024 type: string example: Health related APIs RequestLabelList: title: Label ID List for Request type: object properties: labels: type: array description: List of label IDs. items: type: string example: d7cf8523-9180-4255-84fa-6cb171c1f779 LabelList: title: Label List type: object properties: count: type: integer description: Number of labels returned. example: 1 list: type: array description: List of labels. items: $ref: '#/components/schemas/Label' pagination: $ref: '#/components/schemas/Pagination' responses: BadRequest: description: Bad Request. Invalid request or validation error. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 400 message: Bad Request description: Invalid request or validation error moreInfo: "" error: [] Conflict: description: Conflict. Specified resource already exists. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 409 message: Conflict description: Specified resource already exists moreInfo: "" error: [] Forbidden: description: Forbidden. The request must be conditional but no condition has been specified. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 403 message: Forbidden description: The request must be conditional but no condition has been specified moreInfo: "" error: [] InternalServerError: description: Internal Server Error. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 500 message: Internal Server Error description: The server encountered an internal error. Please contact administrator. moreInfo: "" error: [] NotAcceptable: description: Not Acceptable. The requested media type is not supported. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 406 message: Not Acceptable description: The requested media type is not supported moreInfo: "" error: [] NotFound: description: Not Found. The specified resource does not exist. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 404 message: Not Found description: The specified resource does not exist moreInfo: "" error: [] PreconditionFailed: description: Precondition Failed. The request has not been performed because one of the preconditions is not met. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 412 message: Precondition Failed description: The request has not been performed because one of the preconditions is not met moreInfo: "" error: [] Unauthorized: description: Unauthorized. The user is not authorized. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 401 message: Unauthorized description: The user is not authorized moreInfo: "" error: [] UnsupportedMediaType: description: Unsupported Media Type. The entity of the request was not in a supported format. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 415 message: Unsupported media type description: The entity of the request was not in a supported format moreInfo: "" error: [] parameters: replyLimit: name: replyLimit in: query description: | Maximum size of replies array to return. schema: type: integer default: 25 replyOffset: name: replyOffset in: query description: | Starting point within the complete list of replies. schema: type: integer default: 0 commentId: name: commentId in: path description: | Comment Id required: true schema: type: string parentCommentID: name: replyTo in: query description: | ID of the perent comment. schema: type: string includeCommenterInfo: name: includeCommenterInfo in: query description: | Whether we need to display commentor details. schema: type: boolean default : false apiId: name: apiId in: path description: | **API ID** consisting of the **UUID** of the API. required: true schema: type: string endpointId: name: endpointId in: path description: | **Endpoint ID** consisting of the **UUID** of the Endpoint** required: true schema: type: string mcpServerId: name: mcpServerId in: path description: | **MCP Server ID** consisting of the **UUID** of the MCP Server. required: true schema: type: string backendId: name: backendId in: path description: | **Backend ID** consisting of the **UUID** of the Backend**. required: true schema: type: string mcpServerId-Q: name: mcpServerId in: query description: | **MCP Server ID** consisting of the **UUID** of the MCP Server**. required: true schema: type: string apiId-Q: name: apiId in: query description: | **API ID** consisting of the **UUID** of the API**. required: true schema: type: string apiId-Q-Opt: name: apiId in: query description: | **API ID** consisting of the **UUID** of the API. The combination of the provider of the API, name of the API and the version is also accepted as a valid API I. Should be formatted as **provider-name-version**. schema: type: string labelType-Q: name: labelType in: query description: | **API ID** consisting of the **UUID** of the API. The combination of the provider of the API, name of the API and the version is also accepted as a valid API I. Should be formatted as **provider-name-version**. schema: type: string name: name: name in: path description: | Name of the API required: true schema: type: string version: name: version in: path description: | Version of the API required: true schema: type: string apiName-Q: name: name in: query description: | Name of the API schema: type: string apiVersion-Q: name: version in: query description: | Version of the API schema: type: string apiProvider-Q: name: providerName in: query description: | Provider name of the API schema: type: string documentId: name: documentId in: path description: | Document Identifier required: true schema: type: string applicationId: name: applicationId in: path description: | **Application Identifier** consisting of the UUID of the Application. required: true schema: type: string subscriptionId: name: subscriptionId in: path description: | Subscription Id required: true schema: type: string resourcePolicyId: name: resourcePolicyId in: path description: | registry resource Id required: true schema: type: string subscriptionId-Q: name: subscriptionId in: query description: | Subscription Id required: true schema: type: string operationPolicyId: name: operationPolicyId in: path description: | Operation policy Id required: true schema: type: string gatewayPolicyMappingId: name: gatewayPolicyMappingId in: path description: | Gateway policy mapping Id required: true schema: type: string # API Revision Identifier # Specified as part of the path expression revisionId: name: revisionId in: path description: | Revision ID of an API required: true schema: type: string # API Revision Environment # Specified as part of the path expression envName: name: envName in: path description: | Environment name of an Revision required: true schema: type: string # API Revision Identifier # Specified as part of the query string revisionId-Q: name: revisionId in: query description: | Revision ID of an API schema: type: string workflowReferenceId-Q: name: workflowReferenceId in: query description: | Workflow reference id required: true schema: type: string revisionNum-Q: name: revisionNumber in: query description: | Revision Number of an API schema: type: string deploymentId: name: deploymentId in: path description: | Base64 URL encoded value of the name of an environment required: true schema: type: string policyName: name: policyName in: path description: | Tier name required: true schema: type: string policyName-Q: name: policyName in: query description: | Name of the policy required: true schema: type: string policyLevel: name: policyLevel in: path description: | List API or Application or Resource type policies. required: true schema: type: string enum: - api - subcription policyLevel-Q: name: policyLevel in: query description: | List API or Application or Resource type policies. required: true schema: type: string enum: - api - subcription limit: name: limit in: query description: | Maximum size of resource array to return. schema: type: integer default: 25 policyLimit: name: limit in: query description: | Maximum size of policy array to return. schema: type: integer Accept: name: Accept in: header description: | Media types acceptable for the response. Default is application/json. schema: type: string default: application/json isAiApi: name: isAiApi in: query description: | Indicates the quota policy type to be AI API quota or not. schema: type: boolean default: false organizationID: name: organizationID in: query description: | Indicates the organization ID schema: type: string offset: name: offset in: query description: | Starting point within the complete list of items qualified. schema: type: integer default: 0 If-None-Match: name: If-None-Match in: header description: | Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource. schema: type: string If-Match: name: If-Match in: header description: | Validator for conditional requests; based on ETag. schema: type: string scopeName: name: scopeId in: path description: | Base64 URL encoded value of the scope name required: true schema: type: string scopeId: name: scopeId in: path description: | Scope Id consisting the UUID of the shared scope required: true schema: type: string threatProtectionPolicyId: name: policyId in: path description: | The UUID of a Policy required: true schema: type: string roleId: name: roleId in: path description: | The Base 64 URL encoded role name with domain. If the given role is in secondary user-store, role ID should be derived as Base64URLEncode({user-store-name}/{role-name}). If the given role is in PRIMARY user-store, role ID can be derived as Base64URLEncode(role-name) required: true schema: type: string requestedTenant: name: X-WSO2-Tenant in: header description: | For cross-tenant invocations, this is used to specify the tenant domain, where the resource need to be retirieved from. schema: type: string apiProductId: name: apiProductId in: path description: | **API Product ID** consisting of the **UUID** of the API Product. Using the **UUID** in the API call is recommended. required: true schema: type: string x-encoded: true x-encoded: true tenantDomain: name: tenantDomain in: path description: | The domain of a specific tenant required: true schema: type: string alertType: name: alertType in: path description: The alert type. required: true schema: type: string configurationId: name: configurationId in: path description: The alert configuration id. required: true schema: type: string tierQuotaType: name: tierQuotaType description: Filter the subscription base on tier quota type in: query schema: type: string envId: name: envId in: path description: | **Env ID** consisting of the **UUID** of the gateway environment. required: true schema: type: string apiProductId-Q: name: apiProductId in: query description: | **API Product ID** consisting of the **UUID** of the API Product. The combination of the provider, name and the version of the API Product is also accepted as a valid API Product ID. Should be formatted as **provider-name-version**. required: true schema: type: string requestBodies: threatProtectionPolicy: description: | Threat protection policy request parameter content: application/json: schema: $ref: '#/components/schemas/ThreatProtectionPolicy' required: true securitySchemes: OAuth2Security: type: oauth2 flows: password: tokenUrl: https://localhost:9443/oauth2/token scopes: openid: Authorize access to user details apim:api_view: View API apim:policies_import_export: Export and import policies related operations apim:api_create: Create API apim:api_delete: Delete API apim:api_publish: Publish API apim:api_manage: Manage all API related operations apim:subscription_view: View Subscription apim:subscription_block: Block Subscription apim:subscription_manage: Manage all Subscription related operations apim:threat_protection_policy_create: Create threat protection policies apim:threat_protection_policy_manage: Update and delete threat protection policies apim:document_create: Create API documents #deprecate apim:document_manage: Create, update and delete API documents apim:api_mediation_policy_manage: View, create, update and remove API specific mediation policies apim:mediation_policy_view: View mediation policies apim:mediation_policy_create: Create mediation policies apim:mediation_policy_manage: Update and delete mediation policies apim:common_operation_policy_view: View common operation policies apim:common_operation_policy_manage: Add, Update and Delete common operation policies apim:gateway_policy_view: View gateway policies apim:gateway_policy_manage: Add, Update and Delete gateway policies apim:client_certificates_view: View client certificates apim:client_certificates_add: Add client certificates apim:client_certificates_update: Update and delete client certificates apim:client_certificates_manage: View, create, update and remove client certificates apim:ep_certificates_view: View backend endpoint certificates apim:ep_certificates_add: Add backend endpoint certificates apim:ep_certificates_update: Update and delete backend endpoint certificates apim:ep_certificates_manage: View, create, update and remove endpoint certificates apim:publisher_settings: Retrieve store settings apim:pub_alert_manage: Get/ subscribe/ configure publisher alerts apim:shared_scope_manage: Manage shared scopes apim:app_import_export: Import and export applications related operations apim:api_import_export: Import and export APIs related operations apim:api_product_import_export: Import and export API Products related operations apim:api_generate_key: Generate Internal Key apim:admin: Manage all admin operations apim:comment_view: Read permission to comments apim:comment_write: Write permission to comments apim:comment_manage: Read and Write comments apim:tier_view: View throttling policies apim:tier_manage: View, update and delete throttling policies apim:api_list_view: View, Retrieve API list apim:api_definition_view: View, Retrieve API definition apim:subscription_approval_view: Approve subscription creation requests apim:subscription_approval_manage: Approve subscription update requests apim:llm_provider_read: Read LLM Providers apim:publisher_organization_read: Read organization apim:gov_policy_read: Retrieve governance policies apim:gov_result_read: Retrieve governance results apim:gov_rule_read: Retrieve governance rules apim:mcp_server_view: View MCP Server apim:mcp_server_list_view: View, Retrieve MCP Server list apim:mcp_server_create: Create MCP Server apim:mcp_server_delete: Delete MCP Server apim:mcp_server_publish: Publish MCP Server apim:mcp_server_manage: Manage all MCP Server related operations apim:mcp_server_import_export: Import and export MCP Server related operations