# Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ################################################################################ swagger: '2.0' ###################################################### # Prolog ###################################################### info: version: "v1.0" title: "WSO2 API Manager - Store" description: | This document specifies a **RESTful API** for WSO2 **API Manager** - Store. It is written with [swagger 2](http://swagger.io/). contact: name: "WSO2" url: "http://wso2.com/products/api-manager/" email: "architecture@wso2.com" license: name: "Apache 2.0" url: "http://www.apache.org/licenses/LICENSE-2.0.html" ###################################################### # The fixed parts of the URLs of the API ###################################################### # The schemes supported by the API schemes: - https # The domain of the API. # This is configured by the customer during deployment. # The given host is just an example. host: apis.wso2.com # The base path of the API. # Will be prefixed to all paths. basePath: /api/am/store/v1.0 # The following media types can be passed as input in message bodies of the API. # The actual media type must be specified in the Content-Type header field of the request. # The default is json, i.e. the Content-Type header is not needed to # be set, but supporting it serves extensibility. consumes: - application/json # The following media types may be passed as output in message bodies of the API. # The media type(s) consumable by the requestor is specified in the Accept header field # of the corresponding request. # The actual media type returned will be specfied in the Content-Type header field # of the of the response. # The default of the Accept header is json, i.e. there is not needed to # set the value, but supporting it serves extensibility. produces: - application/json securityDefinitions: OAuth2Security: type: oauth2 flow: password tokenUrl: https://localhost:9443/token scopes: openid: Authorize access to user details apim:subscribe: Subscribe API apim:api_key: Generate API Keys apim:app_update: Update an application apim:app_manage: Manage application apim:sub_manage: Manage subscriptions apim:self-signup: Self Sign-up apim:dedicated_gateway: Updating dedicated Gateway apim:store_settings: Retrieve store settings apim:sub_alert_manage: Retrieve, subscribe and configure store alert types ###################################################### # The "API Collection" resource APIs ###################################################### paths: /apis: #----------------------------------------------------- # Retrieving the list of all APIs qualifying under a given search condition #----------------------------------------------------- get: security: - OAuth2Security: [] x-wso2-curl: "curl https://localhost:9443/api/am/store/v1.0/apis" x-wso2-curl-tenant: "curl -k -H \"X-WSO2-Tenant:test.com\" https://localhost:9443/api/am/store/v1.0/apis" x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/apis x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\n \"previous\": \"\",\n \"list\": [\n {\n \"provider\": \"admin\",\n \"version\": \"1.0.0\",\n \"description\": \"This API provide Account Status Validation.\",\n \"status\": \"PUBLISHED\",\n \"name\": \"AccountVal\",\n \"context\": \"/account/1.0.0\",\n \"id\": \"2e81f147-c8a8-4f68-b4f0-69e0e7510b01\"\n },\n {\n \"provider\": \"admin\",\n \"version\": \"1.0.0\",\n \"description\": null,\n \"status\": \"PUBLISHED\",\n \"name\": \"api1\",\n \"context\": \"/api1/1.0.0\",\n \"id\": \"3e22d2fb-277a-4e9e-8c7e-1c0f7f73960e\"\n },\n {\n \"provider\": \"admin\",\n \"version\": \"2.0.0\",\n \"description\": \"Verify a phone number\",\n \"status\": \"PUBLISHED\",\n \"name\": \"PhoneVerification\",\n \"context\": \"/phoneverify/2.0.0\",\n \"id\": \"c43a325c-260b-4302-81cb-768eafaa3aed\"\n }\n ],\n \"count\": 3,\n \"next\": \"\"\n}" x-examples: $ref: docs/examples/apis/apis.yaml#/get summary: | Retrieve/Search APIs description: | This operation provides you a list of available APIs qualifying under a given search condition. Each retrieved API is represented with a minimal amount of attributes. If you want to get complete details of an API, you need to use **Get details of an API** operation. This operation supports retriving APIs of other tenants. The required tenant domain need to be specified as a header `X-WSO2-Tenant`. If not specified super tenant's APIs will be retrieved. If you used an Authorization header, the user's tenant associated with the access token will be used. **NOTE:** * By default, this operation retrieves Published APIs. In order to retrieve Prototyped APIs, you need to use **query** parameter and specify **status:PROTOTYPED**. * This operation does not require an Authorization header by default. But if it is provided, it will be validated and checked for permissions of the user, hence you may be able to see APIs which are restricted for special permissions/roles. parameters: - $ref : '#/parameters/limit' - $ref : '#/parameters/offset' - $ref : '#/parameters/requestedTenant' - name : query in: query description: | **Search condition**. You can search in attributes by using an **":"** modifier. Eg. "provider:wso2" will match an API if the provider of the API is exactly "wso2". Additionally you can use wildcards. Eg. "provider:wso2*" will match an API if the provider of the API starts with "wso2". Supported attribute modifiers are [**version, context, status, description, subcontext, doc, provider, tag**] If no advanced attribute modifier has been specified, search will match the given query string against API Name. type: string - $ref : "#/parameters/If-None-Match" tags: - APIs responses: 200: description: | OK. List of qualifying APIs is returned. schema: $ref: '#/definitions/APIList' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' ###################################################### # The "Individual API" resource APIs ###################################################### /apis/{apiId}: #----------------------------------------------------- # Retrieve the details of an API definition #----------------------------------------------------- get: security: - OAuth2Security: [] x-wso2-curl: "curl https://localhost:9443/api/am/store/v1.0/apis/c43a325c-260b-4302-81cb-768eafaa3aed" x-wso2-curl-tenant: "curl -k -H \"X-WSO2-Tenant:test.com\" https://localhost:9443/api/am/store/v1.0/apis/c43a325c-260b-4302-81cb-768eafaa3aed" x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/apis/c43a325c-260b-4302-81cb-768eafaa3aed x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\r\n \"thumbnailUrl\": null,\r\n \"throttlingPolicies\": [\"Unlimited\"],\r\n \"businessInformation\": {\r\n \"technicalOwner\": \"John Doe\",\r\n \"technicalOwnerEmail\": \"architecture@pizzashack.com\",\r\n \"businessOwner\": \"Jane Roe\",\r\n \"businessOwnerEmail\": \"marketing@pizzashack.com\"\r\n },\r\n \"apiDefinition\": \"{\\\"paths\\\":{\\\"/order\\\":{\\\"post\\\":{\\\"x-auth-type\\\":\\\"Application & Application User\\\",\\\"x-throttling-tier\\\":\\\"Unlimited\\\",\\\"description\\\":\\\"Create a new Order\\\",\\\"parameters\\\":[{\\\"schema\\\":{\\\"$ref\\\":\\\"#/definitions/Order\\\"},\\\"description\\\":\\\"Order object that needs to be added\\\",\\\"name\\\":\\\"body\\\",\\\"required\\\":true,\\\"in\\\":\\\"body\\\"}],\\\"responses\\\":{\\\"201\\\":{\\\"headers\\\":{\\\"Location\\\":{\\\"description\\\":\\\"The URL of the newly created resource.\\\",\\\"type\\\":\\\"string\\\"},\\\"Content-Type\\\":{\\\"description\\\":\\\"The content type of the body.\\\",\\\"type\\\":\\\"string\\\"}},\\\"schema\\\":{\\\"$ref\\\":\\\"#/definitions/Order\\\"},\\\"description\\\":\\\"Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity.\\\"}}}},\\\"/order/{orderId}\\\":{\\\"get\\\":{\\\"x-auth-type\\\":\\\"Application & Application User\\\",\\\"x-throttling-tier\\\":\\\"Unlimited\\\",\\\"description\\\":\\\"Get details of an Order\\\",\\\"parameters\\\":[{\\\"description\\\":\\\"Order Id\\\",\\\"name\\\":\\\"orderId\\\",\\\"format\\\":\\\"string\\\",\\\"type\\\":\\\"string\\\",\\\"required\\\":true,\\\"in\\\":\\\"path\\\"}],\\\"responses\\\":{\\\"200\\\":{\\\"schema\\\":{\\\"$ref\\\":\\\"#/definitions/Order\\\"},\\\"headers\\\":{},\\\"description\\\":\\\"OK Requested Order will be returned\\\"}}}}},\\\"schemes\\\":[\\\"https\\\"],\\\"produces\\\":[\\\"application/json\\\"],\\\"swagger\\\":\\\"2.0\\\",\\\"definitions\\\":{\\\"Order\\\":{\\\"title\\\":\\\"Pizza Order\\\",\\\"properties\\\":{\\\"customerName\\\":{\\\"type\\\":\\\"string\\\"},\\\"delivered\\\":{\\\"type\\\":\\\"boolean\\\"},\\\"address\\\":{\\\"type\\\":\\\"string\\\"},\\\"pizzaType\\\":{\\\"type\\\":\\\"string\\\"},\\\"creditCardNumber\\\":{\\\"type\\\":\\\"string\\\"},\\\"quantity\\\":{\\\"type\\\":\\\"number\\\"},\\\"orderId\\\":{\\\"type\\\":\\\"string\\\"}},\\\"required\\\":[\\\"orderId\\\"]}},\\\"consumes\\\":[\\\"application/json\\\"],\\\"info\\\":{\\\"title\\\":\\\"PizzaShackAPI\\\",\\\"description\\\":\\\"This document describe a RESTFul API for Pizza Shack online pizza delivery store.\\\\n\\\",\\\"license\\\":{\\\"name\\\":\\\"Apache 2.0\\\",\\\"url\\\":\\\"http://www.apache.org/licenses/LICENSE-2.0.html\\\"},\\\"contact\\\":{\\\"email\\\":\\\"architecture@pizzashack.com\\\",\\\"name\\\":\\\"John Doe\\\",\\\"url\\\":\\\"http://www.pizzashack.com\\\"},\\\"version\\\":\\\"1.0.0\\\"}}\",\r\n \"wsdlUri\": null,\r\n \"isDefaultVersion\": false,\r\n \"endpointURLs\": [ {\r\n \"environmentName\": \"Production and Sandbox\",\r\n \"environmentType\": \"hybrid\",\r\n \"environmentURLs\": {\r\n \"http\": \"http://localhost:8280//pizzashack/1.0.0\",\r\n \"https\": \"https://localhost:8243//pizzashack/1.0.0\"\r\n }\r\n }],\r\n \"transport\": [\r\n \"http\",\r\n \"https\"\r\n ],\r\n \"tags\": [\"pizza\"],\r\n \"version\": \"1.0.0\",\r\n \"description\": \"This document describe a RESTFul API for Pizza Shack online pizza delivery store.\\r\\n\",\r\n \"provider\": \"admin\",\r\n \"name\": \"PizzaShackAPI\",\r\n \"context\": \"/pizzashack/1.0.0\",\r\n \"id\": \"8848faaa-7fd1-478a-baa2-48a4ebb92c98\",\r\n \"status\": \"PUBLISHED\"\r\n} " summary: | Get details of an API description: | Using this operation, you can retrieve complete details of a single API. You need to provide the Id of the API to retrive it. `X-WSO2-Tenant` header can be used to retrive an API of a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. **NOTE:** * This operation does not require an Authorization header by default. But if it is provided, it will be validated and checked for permissions of the user, hence you may be able to see APIs which are restricted for special permissions/roles. \n parameters: - $ref: '#/parameters/apiId' - $ref: '#/parameters/requestedTenant' - $ref: '#/parameters/If-None-Match' tags: - APIs responses: 200: description: | OK. Requested API is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. type: string schema: $ref: '#/definitions/API' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. 404: description: | Not Found. Requested API does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' /apis/{apiId}/swagger: #----------------------------------------------------- # Retrieve the API swagger definition #----------------------------------------------------- get: security: - OAuth2Security: [] x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/apis/c43a325c-260b-4302-81cb-768eafaa3aed/swagger x-wso2-curl: "curl https://localhost:9443/api/am/store/v1.0/apis/c43a325c-260b-4302-81cb-768eafaa3aed/swagger" x-wso2-curl-tenant: "curl -k -H \"X-WSO2-Tenant:test.com\" https://localhost:9443/api/am/store/v1.0/apis/c43a325c-260b-4302-81cb-768eafaa3aed/swagger" x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\n \"paths\": {\"/*\": {\"get\": {\n \"x-auth-type\": \"Application\",\n \"x-throttling-tier\": \"Unlimited\",\n \"responses\": {\"200\": {\"description\": \"OK\"}}\n }}},\n \"x-wso2-security\": {\"apim\": {\"x-wso2-scopes\": []}},\n \"swagger\": \"2.0\",\n \"info\": {\n \"title\": \"PhoneVerification\",\n \"description\": \"Verify a phone number\",\n \"contact\": {\n \"email\": \"xx@ee.com\",\n \"name\": \"xx\"\n },\n \"version\": \"2.0.0\"\n }\n}\n" summary: | Get swagger definition description: | You can use this operation to retrieve the swagger definition of an API. `X-WSO2-Tenant` header can be used to retrive the swagger definition an API of a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. **NOTE:** * This operation does not require an Authorization header by default. But in order to see a restricted API's swagger definition, you need to provide Authorization header. parameters: - $ref: '#/parameters/apiId' - $ref: '#/parameters/labelName' - $ref: '#/parameters/environmentName' - $ref: '#/parameters/If-None-Match' - $ref: '#/parameters/requestedTenant' tags: - APIs responses: 200: schema: type: string example: "" description: | OK. Requested swagger document of the API is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. type: string 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. 404: description: | Not Found. Requested API does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' /apis/{apiId}/graphql-schema: #----------------------------------------------------- # Retrieve the GraphQL schema definition #----------------------------------------------------- get: security: - OAuth2Security: [] x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/apis/c43a325c-260b-4302-81cb-768eafaa3aed/graphql-schema x-wso2-curl: "curl https://localhost:9443/api/am/store/v1.0/apis/c43a325c-260b-4302-81cb-768eafaa3aed/swagger" x-wso2-curl-tenant: "curl -k -H \"X-WSO2-Tenant:test.com\" https://localhost:9443/api/am/store/v1.0/apis/c43a325c-260b-4302-81cb-768eafaa3aed/graphql-schema" x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\n \"paths\": {\"/*\": {\"get\": {\n \"x-auth-type\": \"Application\",\n \"x-throttling-tier\": \"Unlimited\",\n \"responses\": {\"200\": {\"description\": \"OK\"}}\n }}},\n \"x-wso2-security\": {\"apim\": {\"x-wso2-scopes\": []}},\n \"swagger\": \"2.0\",\n \"info\": {\n \"title\": \"PhoneVerification\",\n \"description\": \"Verify a phone number\",\n \"contact\": {\n \"email\": \"xx@ee.com\",\n \"name\": \"xx\"\n },\n \"version\": \"2.0.0\"\n }\n}\n" summary: | Get graphQL definition description: | You can use this operation to retrieve the swagger definition of an API. `X-WSO2-Tenant` header can be used to retrive the swagger definition an API of a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. **NOTE:** * This operation does not require an Authorization header by default. But in order to see a restricted API's swagger definition, you need to provide Authorization header. parameters: - $ref: '#/parameters/apiId' - $ref: '#/parameters/If-None-Match' - $ref: '#/parameters/requestedTenant' tags: - APIs responses: 200: description: | OK. Requested swagger document of the API is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. type: string 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. 404: description: | Not Found. Requested API does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' /apis/{apiId}/sdks/{language}: #----------------------------------------------------- # Generate an SDK (System Development Kit) for an API in a requested language #----------------------------------------------------- get: produces: - application/zip security: - OAuth2Security: - apim:subscribe x-wso2-curl: "curl -X GET -k -H \"Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" https://localhost:9443/api/am/store/v1.0/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/sdks/java > Swagger Petstore_java_1.0.0.zip" x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/sdks/java Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 x-wso2-response: "HTTP/1.1 200 OK\nContent-disposition : attachment; filename=\"Swagger Petstore_java_1.0.0.zip\"\nContent-type : application/zip" summary: | Generate a SDK for an API description: | This operation can be used to generate SDKs (System Development Kits), for the APIs available in the API Store, for a requested development language. parameters: - in : path name: apiId type: string required: true description: | ID of the specific API for which the SDK is required. - in: path name: language type : string required : true description: | Programming language of the SDK that is required. - $ref: '#/parameters/requestedTenant' tags: - SDKs responses: 200: description: | OK. SDK generated successfully. 400: description: | Bad Request. Requested SDK Language is not supported. schema: $ref: '#/definitions/Error' 404: description: | Not found. Requested API does not exist. schema: $ref: '#/definitions/Error' 500: description: | Internal Server Error. Error while generating SDK. schema: $ref: '#/definitions/Error' ################################################################ # The WSDL resource of "Individual API" resource APIs ################################################################ /apis/{apiId}/wsdl: #----------------------------------------------------- # Retrieve the API WSDL definition #----------------------------------------------------- get: security: - OAuth2Security: [] operationId: getWSDLOfAPI produces: - application/json - application/wsdl - application/zip x-examples: $ref: docs/examples/apis/wsdl/apiId_wsdl_get.yaml summary: Get API WSDL definition description: | This operation can be used to retrieve the swagger definition of an API. parameters: - $ref: '#/parameters/apiId' - $ref: '#/parameters/labelName' - $ref: '#/parameters/environmentName' - $ref: '#/parameters/If-None-Match' - $ref : '#/parameters/requestedTenant' tags: - APIs responses: 200: description: | OK. Requested WSDL document of the API is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). type: string 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). 404: description: | Not Found. Requested API does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' ###################################################### # The "Document Collection" resource APIs ###################################################### /apis/{apiId}/documents: #----------------------------------------------------- # Retrieve the documents associated with an API that qualify under a search condition #----------------------------------------------------- get: security: - OAuth2Security: [] x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/apis/c43a325c-260b-4302-81cb-768eafaa3aed/documents x-wso2-curl: "curl https://localhost:9443/api/am/store/v1.0/apis/c43a325c-260b-4302-81cb-768eafaa3aed/documents" x-wso2-curl-tenant: "curl -k -H \"X-WSO2-Tenant:test.com\" https://localhost:9443/api/am/store/v1.0/apis/c43a325c-260b-4302-81cb-768eafaa3aed/documents" x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\n \"previous\": \"\",\n \"list\": [\n {\n \"sourceType\": \"INLINE\",\n \"sourceUrl\": null,\n \"otherTypeName\": null,\n \"documentId\": \"850a4f34-db2c-4d23-9d85-3f95fbfb082c\",\n \"summary\": \"This is a sample documentation for v1.0.0\",\n \"name\": \"PhoneVerification API Documentation\",\n \"type\": \"HOWTO\"\n },\n {\n \"sourceType\": \"URL\",\n \"sourceUrl\": \"http://wiki.cdyne.com/index.php/Phone_Verification\",\n \"otherTypeName\": null,\n \"documentId\": \"98e18be8-5861-43c7-ba26-8cbbccd3a76f\",\n \"summary\": \"This is the URL for online documentation\",\n \"name\": \"Online Documentation\",\n \"type\": \"SAMPLES\"\n },\n {\n \"sourceType\": \"FILE\",\n \"sourceUrl\": null,\n \"otherTypeName\": null,\n \"documentId\": \"b66451ff-c6c2-4f6a-b91d-3821dc119b04\",\n \"summary\": \"This is a sample documentation pdf\",\n \"name\": \"Introduction to PhoneVerification API PDF\",\n \"type\": \"HOWTO\"\n }\n ],\n \"count\": 3,\n \"next\": \"\"\n}" summary: | Get a list of documents of an API description: | This operation can be used to retrive a list of documents belonging to an API by providing the id of the API. `X-WSO2-Tenant` header can be used to retrive documents of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. **NOTE:** * This operation does not require an Authorization header by default. But in order to see a restricted API's documents, you need to provide Authorization header. parameters: - $ref: '#/parameters/apiId' - $ref: '#/parameters/limit' - $ref: '#/parameters/offset' - $ref: '#/parameters/requestedTenant' - $ref: '#/parameters/If-None-Match' tags: - API Documents responses: 200: description: | OK. Document list is returned. schema: $ref: '#/definitions/DocumentList' headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. 404: description: | Not Found. Requested API does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' ###################################################### # The "Individual Document" resource APIs ###################################################### '/apis/{apiId}/documents/{documentId}': #----------------------------------------------------- # Retrieve a particular document of a certain API #----------------------------------------------------- get: security: - OAuth2Security: [] x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/apis/c43a325c-260b-4302-81cb-768eafaa3aed/documents/850a4f34-db2c-4d23-9d85-3f95fbfb082c x-wso2-curl: "curl \"https://localhost:9443/api/am/store/v1.0/apis/c43a325c-260b-4302-81cb-768eafaa3aed/documents/850a4f34-db2c-4d23-9d85-3f95fbfb082c\"" x-wso2-curl-tenant: "curl -k -H \"X-WSO2-Tenant:test.com\" https://localhost:9443/api/am/store/v1.0/apis/c43a325c-260b-4302-81cb-768eafaa3aed/documents/850a4f34-db2c-4d23-9d85-3f95fbfb082c" x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\n \"sourceType\": \"INLINE\",\n \"sourceUrl\": null,\n \"otherTypeName\": null,\n \"documentId\": \"850a4f34-db2c-4d23-9d85-3f95fbfb082c\",\n \"summary\": \"This is a sample documentation for v1.0.0\",\n \"name\": \"PhoneVerification API Documentation\",\n \"type\": \"HOWTO\"\n}" summary: | Get a document of an API description: | This operation can be used to retrieve a particular document's metadata associated with an API. `X-WSO2-Tenant` header can be used to retrive a document of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. **NOTE:** * This operation does not require an Authorization header by default. But in order to see a restricted API's document, you need to provide Authorization header. parameters: - $ref: '#/parameters/apiId' - $ref: '#/parameters/documentId' - $ref: '#/parameters/requestedTenant' - $ref: '#/parameters/If-None-Match' tags: - Documents responses: 200: description: | OK. Document returned. schema: $ref: '#/definitions/Document' headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. 404: description: | Not Found. Requested Document does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' ################################################################ # The content resource of "Individual Document" resource APIs ################################################################ '/apis/{apiId}/documents/{documentId}/content': #------------------------------------------------------------------------------------------------- # Downloads a FILE type document/get the inline content or source url of a certain document #------------------------------------------------------------------------------------------------- get: security: - OAuth2Security: [] x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/documents/0bcb7f05-599d-4e1a-adce-5cb89bfe58d5/content x-wso2-curl: "curl \"https://localhost:9443/api/am/store/v1.0/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/documents/0bcb7f05-599d-4e1a-adce-5cb89bfe58d5/content\" > sample.pdf" x-wso2-curl-tenant: "curl -k -H \"X-WSO2-Tenant:test.com\" \"https://localhost:9443/api/am/store/v1.0/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/documents/0bcb7f05-599d-4e1a-adce-5cb89bfe58d5/content\" > sample.pdf" x-wso2-response: "HTTP/1.1 200 OK\nContent-Disposition: attachment; filename=\"sample.pdf\"\nContent-Type: application/octet-stream\nContent-Length: 7802\n\n%PDF-1.4\n%äüöß\n2 0 obj\n<>\nstream\n..\n>>\nstartxref\n7279\n%%EOF" summary: | Get the content of an API document description: | This operation can be used to retrive the content of an API's document. The document can be of 3 types. In each cases responses are different. 1. **Inline type**: The content of the document will be retrieved in `text/plain` content type 2. **FILE type**: The file will be downloaded with the related content type (eg. `application/pdf`) 3. **URL type**: The client will recieve the URL of the document as the Location header with the response with - `303 See Other` `X-WSO2-Tenant` header can be used to retrive the content of a document of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. **NOTE:** * This operation does not require an Authorization header by default. But in order to see a restricted API's document content, you need to provide Authorization header. parameters: - $ref: '#/parameters/apiId' - $ref: '#/parameters/documentId' - $ref: '#/parameters/requestedTenant' - $ref: '#/parameters/If-None-Match' tags: - API Documents responses: 200: description: | OK. File or inline content returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. type: string 303: description: | See Other. Source can be retrived from the URL specified at the Location header. headers: Location: description: | The Source URL of the document. type: string 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. 404: description: | Not Found. Requested Document does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' ################################################################ # The thumbnail resource of "Individual API" resource APIs ################################################################ /apis/{apiId}/thumbnail: #------------------------------------------------------------------------------------------------- # Downloads a thumbnail image of an API #------------------------------------------------------------------------------------------------- get: security: - OAuth2Security: [] x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/apis/e93fb282-b456-48fc-8981-003fb89086ae/thumbnail x-wso2-curl: "curl https://localhost:9443/api/am/store/v1.0/apis/e93fb282-b456-48fc-8981-003fb89086ae/thumbnail > image.jpg" x-wso2-curl-tenant: "curl -k -H \"X-WSO2-Tenant:test.com\" https://localhost:9443/api/am/store/v1.0/apis/e93fb282-b456-48fc-8981-003fb89086ae/thumbnail > image.jpg" x-wso2-response: "HTTP/1.1 200 OK\r\nContent-Type: image/jpeg\r\n\r\n[image content]" summary: Get thumbnail image description: | This operation can be used to download a thumbnail image of an API. `X-WSO2-Tenant` header can be used to retrive a thumbnail of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. **NOTE:** * This operation does not require an Authorization header by default. But in order to see a restricted API's thumbnail, you need to provide Authorization header. parameters: - $ref: '#/parameters/apiId' - $ref: '#/parameters/requestedTenant' - $ref: '#/parameters/If-None-Match' tags: - APIs responses: 200: description: | OK. Thumbnail image returned headers: Content-Type: description: | The content type of the body. type: string ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). type: string 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. 404: description: | Not Found. Requested Document does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' ###################################################### # The "Ratings Collection" resource APIs ###################################################### '/apis/{apiId}/ratings': #----------------------------------------------------- # Retrieve the list of ratings of a certain API #----------------------------------------------------- get: security: - OAuth2Security: [] summary: Retrieve API ratings description: | This operation can be used to retrieve the list of ratings of an API. `X-WSO2-Tenant` header can be used to retrieve ratings of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. x-examples: $ref: docs/examples/apis/apis_id_ratings_get.yaml parameters: - $ref: '#/parameters/apiId' - $ref: '#/parameters/limit' - $ref: '#/parameters/offset' - $ref: '#/parameters/requestedTenant' tags: - Ratings responses: 200: description: | OK. Rating list returned. schema: $ref: '#/definitions/RatingList' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' ###################################################### # The "Individual User API Rating" resource APIs ###################################################### '/apis/{apiId}/user-rating': #----------------------------------------------------- # Retrieve user rating of an API #----------------------------------------------------- get: security: - OAuth2Security: - apim:subscribe summary: Retrieve API rating of user description: | This operation can be used to get the user rating of an API. `X-WSO2-Tenant` header can be used to retrieve the logged in user rating of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. x-examples: $ref: docs/examples/apis/apis_id_user-rating.yaml#/get parameters: - $ref: '#/parameters/apiId' - $ref: '#/parameters/requestedTenant' - $ref: '#/parameters/If-None-Match' tags: - Ratings responses: 200: description: | OK. Rating returned. schema: $ref: '#/definitions/Rating' headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string Last-Modified: description: | Date and time the resource has been modified the last time. Used by caches, or in conditional requests. type: string 304: description: | Not Modified. Empty body because the client already has the latest version of the requested resource. 404: description: | Not Found. Requested rating does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' #----------------------------------------------------- # Add or update rating #----------------------------------------------------- put: security: - OAuth2Security: - apim:subscribe summary: Add or update logged in user's rating for an API description: | This operation can be used to add or update an API rating. `X-WSO2-Tenant` header can be used to add or update the logged in user rating of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. x-examples: $ref: docs/examples/apis/apis_id_user-rating.yaml#/put parameters: - $ref: '#/parameters/apiId' - $ref: '#/parameters/requestedTenant' - in: body name: body description: | Rating object that should to be added required: true schema: $ref: '#/definitions/Rating' tags: - Ratings responses: 200: description: | OK. Successful response with the newly created or updated object as entity in the body. schema: $ref: '#/definitions/Rating' headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional request. type: string 400: description: | Bad Request. Invalid request or validation error. schema: $ref: '#/definitions/Error' 415: description: | Unsupported media type. The entity of the request was not in a supported format. schema: $ref: '#/definitions/Error' #----------------------------------------------------- # Delete user rating #----------------------------------------------------- delete: security: - OAuth2Security: - apim:subscribe summary: Delete user API rating description: | This operation can be used to delete logged in user API rating. `X-WSO2-Tenant` header can be used to delete the logged in user rating of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. x-examples: $ref: docs/examples/apis/apis_id_user-rating.yaml#/delete parameters: - $ref: '#/parameters/apiId' - $ref: '#/parameters/requestedTenant' - $ref: '#/parameters/If-Match' tags: - Ratings responses: 200: description: | OK. Resource successfully deleted. ###################################################### # The "Comments Collection" resource API ###################################################### '/apis/{apiId}/comments': #----------------------------------------------------- # Retrieve a list of all comments of a certain API #----------------------------------------------------- get: summary: Retrieve API comments security: - OAuth2Security: [] description: | Get a list of Comments that are already added to APIs operationId: getAllCommentsOfAPI parameters: - $ref: '#/parameters/apiId' - $ref: '#/parameters/requestedTenant' - $ref: '#/parameters/limit' - $ref: '#/parameters/offset' x-examples: $ref: docs/examples/apis/comments.yaml#/get tags: - Comments responses: 200: description: | OK. Comments list is returned. schema: $ref: '#/definitions/CommentList' 401: description: | Unauthorized. The user is not authorized to view the comments. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' #----------------------------------------------------- # Add a new Comment #----------------------------------------------------- post: summary: Add an API comment security: - OAuth2Security: - apim:subscribe x-scope: apim:subscribe operationId: addCommentToAPI parameters: - $ref: '#/parameters/apiId' - in: body name: body description: | Comment object that should to be added required: true schema: $ref: '#/definitions/Comment' x-examples: $ref: docs/examples/apis/comments.yaml#/post tags: - Comments responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. schema: $ref: '#/definitions/Comment' headers: Location: description: | Location to the newly created Comment. type: string ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional request. type: string 400: description: | Bad Request. Invalid request or validation error. schema: $ref: '#/definitions/Error' 401: description: | Unauthorized. The user is not authorized to add the comment. schema: $ref: '#/definitions/Error' 415: description: | Unsupported media type. The entity of the request was in a not supported format. schema: $ref: '#/definitions/Error' ######################################################### # "Individual API comment" resource APIs ######################################################### '/apis/{apiId}/comments/{commentId}': #----------------------------------------------------------------------- # Retrieve an individual Comment for a certain API #----------------------------------------------------------------------- get: summary: Get details of an API comment security: - OAuth2Security: [] description: | Get the individual comment given by a username for a certain API. operationId: getCommentOfAPI parameters: - $ref: '#/parameters/commentId' - $ref: '#/parameters/apiId' - $ref: '#/parameters/requestedTenant' - $ref: '#/parameters/If-None-Match' x-examples: $ref: docs/examples/apis/comment_id-comments.yaml#/get tags: - Comments responses: 200: description: | OK. Comment returned. schema: $ref: '#/definitions/Comment' headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. type: string 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. 401: description: | Unauthorized. The user is not authorized to view the comment. schema: $ref: '#/definitions/Error' 404: description: | Not Found. Requested comment does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' #----------------------------------------------------- # Delete a particular Comment #----------------------------------------------------- delete: summary: Delete an API comment security: - OAuth2Security: - apim:subscribe x-scope: apim:subscribe description: | Remove a Comment operationId: deleteComment parameters: - $ref: '#/parameters/commentId' - $ref: '#/parameters/apiId' - $ref: '#/parameters/If-Match' x-examples: $ref: docs/examples/apis/comment_id-comments.yaml#/delete tags: - Comments responses: 200: description: | OK. Resource successfully deleted. 401: description: | Unauthorized. The user is not authorized to delete the comment. schema: $ref: '#/definitions/Error' 404: description: | Not Found. Resource to be deleted does not exist. schema: $ref: '#/definitions/Error' ###################################################### # The "API Throttling Policy" resource APIs ###################################################### '/apis/{apiId}/subscription-policies': #----------------------------------------------------- # Retrieve subscription throttling policies of an API #----------------------------------------------------- get: security: - OAuth2Security: [] x-wso2-curl: "curl \"https://localhost:9443/api/am/store/v1.0//apis/268c9e55-3dc1-4f47-82e7-977e5343d077/subscription-policies\"" x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/apis/268c9e55-3dc1-4f47-82e7-977e5343d077/subscription-policies x-wso2-curl-tenant: "curl -k -H \"X-WSO2-Tenant:test.com\" https://localhost:9443/api/am/store/v1.0/apis/268c9e55-3dc1-4f47-82e7-977e5343d077/subscription-policies" x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n[{\n \"unitTime\": 60000,\n \"tierPlan\": \"FREE\",\n \"stopOnQuotaReach\": true,\n \"policyLevel\": \"api\",\n \"requestCount\": 1,\n \"description\": \"Allows 1 request(s) per minute.\",\n \"name\": \"Bronze\",\n \"attributes\": {}\n}]" summary: | Get details of the subscription throttling policies of an API description: | This operation can be used to retrieve details of the subscription throttling policy of an API by specifying the API Id. `X-WSO2-Tenant` header can be used to retrive API subscription throttling policies that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. parameters: - $ref: '#/parameters/apiId' - $ref: '#/parameters/requestedTenant' - $ref: '#/parameters/If-None-Match' tags: - APIs responses: 200: description: | OK. Throttling Policy returned schema: $ref: '#/definitions/ThrottlingPolicy' headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. type: string 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. 404: description: | Not Found. Requested Throttling Policy does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported. schema: $ref: '#/definitions/Error' ###################################################### # The "Application Collection" resource APIs ###################################################### /applications: #----------------------------------------------------- # Retrieve a list of all applications of a certain subscriber #----------------------------------------------------- get: security: - OAuth2Security: - apim:subscribe x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/applications Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" \"https://localhost:9443/api/am/store/v1.0/applications\"" x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\n \"previous\": \"\",\n \"list\": [\n {\n \"groupId\": \"\",\n \"subscriber\": \"admin\",\n \"throttlingTier\": \"Unlimited\",\n \"applicationId\": \"367a2361-8db5-4140-8133-c6c8dc7fa0c4\",\n \"description\": \"\",\n \"status\": \"APPROVED\",\n \"name\": \"app1\"\n },\n {\n \"groupId\": \"\",\n \"subscriber\": \"admin\",\n \"throttlingPolicy\": \"Unlimited\",\n \"applicationId\": \"896658a0-b4ee-4535-bbfa-806c894a4015\",\n \"description\": null,\n \"status\": \"APPROVED\",\n \"name\": \"DefaultApplication\"\n }\n ],\n \"count\": 2,\n \"next\": \"\"\n}" summary: | Retrieve/Search applications description: | This operation can be used to retrieve list of applications that is belonged to the user associated with the provided access token. parameters: - $ref: '#/parameters/groupId' - name : query in: query description: | **Search condition**. You can search for an application by specifying the name as "query" attribute. Eg. "app1" will match an application if the name is exactly "app1". Currently this does not support wildcards. Given name must exactly match the application name. type: string - name: sortBy in: query type: string enum: - name - throttlingPolicy - status - name: sortOrder in: query type: string enum: - asc - desc - $ref: '#/parameters/limit' - $ref: '#/parameters/offset' - $ref: '#/parameters/If-None-Match' tags: - Applications responses: 200: description: | OK. Application list returned. schema: $ref: '#/definitions/ApplicationList' headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. 400: description: | Bad Request. Invalid request or validation error. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported. schema: $ref: '#/definitions/Error' #----------------------------------------------------- # Create a new application #----------------------------------------------------- post: security: - OAuth2Security: - apim:app_manage x-scope: apim:subscribe x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" -H \"Content-Type: application/json\" -X POST -d @data.json \"https://localhost:9443/api/am/store/v1.0/applications\"" x-wso2-request: "POST https://localhost:9443/api/am/store/v1.0/applications\nAuthorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\n\n{\n \"throttlingPolicy\": \"Unlimited\",\n \"description\": \"sample app description\",\n \"name\": \"sampleapp\",\n \"callbackUrl\": \"http://my.server.com/callback\"\n \"groupId\": \"org1\"\n}" x-wso2-response: "HTTP/1.1 201 Created\nLocation: https://localhost:9443/api/am/store/v1.0/applications/c30f3a6e-ffa4-4ae7-afce-224d1f820524\nContent-Type: application/json\n\n{\n \"groupId\": null,\n \"callbackUrl\": \"http://my.server.com/callback\",\n \"subscriber\": \"admin\",\n \"throttlingPolicy\": \"Unlimited\",\n \"applicationId\": \"c30f3a6e-ffa4-4ae7-afce-224d1f820524\",\n \"description\": \"sample app description\",\n \"status\": \"APPROVED\",\n \"name\": \"sampleapp\",\n \"keys\": []\n}" summary: | Create a new application description: | This operation can be used to create a new application specifying the details of the application in the payload. parameters: - in: body name: body description: | Application object that is to be created. required: true schema: $ref: '#/definitions/Application' tags: - Applications responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. schema: $ref: '#/definitions/Application' headers: Location: description: | Location of the newly created Application. type: string ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional request type: string 202: description: | Accepted. The request has been accepted. schema: $ref: '#/definitions/WorkflowResponse' headers: Location: description: | Location of the newly created Application. type: string 400: description: | Bad Request. Invalid request or validation error schema: $ref: '#/definitions/Error' 409: description: | Conflict. Application already exists. schema: $ref: '#/definitions/Error' 415: description: | Unsupported media type. The entity of the request was in a not supported format. schema: $ref: '#/definitions/Error' ###################################################### # The "Individual Application" resource APIs ###################################################### '/applications/{applicationId}': #----------------------------------------------------- # Retrieve the details about a certain application #----------------------------------------------------- get: security: - OAuth2Security: - apim:subscribe x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" \"https://localhost:9443/api/am/store/v1.0/applications/896658a0-b4ee-4535-bbfa-806c894a4015\"" x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/applications/896658a0-b4ee-4535-bbfa-806c894a4015 Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\n \"groupId\": \"\",\n \"callbackUrl\": null,\n \"subscriber\": \"admin\",\n \"throttlingPolicy\": \"Unlimited\",\n \"applicationId\": \"896658a0-b4ee-4535-bbfa-806c894a4015\",\n \"description\": null,\n \"status\": \"APPROVED\",\n \"name\": \"DefaultApplication\",\n \"keys\": [ {\n \"consumerKey\": \"AVoREWiB16kY_GTIzscl40GYYZQa\",\n \"consumerSecret\": \"KXQxmS8W3xDvvJH4AfR6xrhKIeIa\",\n \"keyState\": \"COMPLETED\",\n \"keyType\": \"PRODUCTION\",\n \"supportedGrantTypes\": null,\n \"token\": {\n \"validityTime\": 3600,\n \"accessToken\": \"3887da6d111f0429c6dff47a46e87209\",\n \"tokenScopes\": [\n \"am_application_scope\",\n \"default\"\n ]\n }\n }]\n}" summary: | Get details of an application description: | This operation can be used to retrieve details of an individual application specifying the application id in the URI. parameters: - $ref: '#/parameters/applicationId' - $ref: '#/parameters/If-None-Match' tags: - Applications responses: 200: description: | OK. Application returned. schema: $ref: '#/definitions/Application' headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. type: string 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. 404: description: | Not Found. Requested application does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' #----------------------------------------------------- # Update a certain application #----------------------------------------------------- put: security: - OAuth2Security: - apim:app_manage - apim:app_update x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" -H \"Content-Type: application/json\" -X PUT -d @data.json \"https://localhost:9443/api/am/store/v1.0/applications/c30f3a6e-ffa4-4ae7-afce-224d1f820524\"" x-wso2-request: "PUT https://localhost:9443/api/am/store/v1.0/applications/c30f3a6e-ffa4-4ae7-afce-224d1f820524\nAuthorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\n\n{\n \"callbackUrl\": \"\",\n \"throttlingPolicy\": \"Bronze\",\n \"description\": \"sample app description updated\",\n \"name\": \"sampleapp\",\n \"groupId\": \"org1\"\n}" x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\n \"groupId\": null,\n \"callbackUrl\": \"\",\n \"subscriber\": \"admin\",\n \"throttlingPolicy\": \"Bronze\",\n \"applicationId\": \"c30f3a6e-ffa4-4ae7-afce-224d1f820524\",\n \"description\": \"sample app description updated\",\n \"status\": \"APPROVED\",\n \"name\": \"sampleapp\",\n \"keys\": []\n}" summary: | Update an application description: | This operation can be used to update an application. Upon succesfull you will retrieve the updated application as the response. parameters: - $ref: '#/parameters/applicationId' - in: body name: body description: | Application object that needs to be updated required: true schema: $ref: '#/definitions/Application' - $ref: '#/parameters/If-Match' tags: - Applications responses: 200: description: | OK. Application updated. schema: $ref: '#/definitions/Application' headers: Location: description: | The URL of the newly created resource. type: string ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional request. type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. type: string 400: description: | Bad Request. Invalid request or validation error schema: $ref: '#/definitions/Error' 404: description: | Not Found. The resource to be updated does not exist. schema: $ref: '#/definitions/Error' 412: description: | Precondition Failed. The request has not been performed because one of the preconditions is not met. schema: $ref: '#/definitions/Error' #----------------------------------------------------- # Delete a certain application #----------------------------------------------------- delete: security: - OAuth2Security: - apim:app_manage x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" -X DELETE \"https://localhost:9443/api/am/store/v1.0/applications/367a2361-8db5-4140-8133-c6c8dc7fa0c4\"" x-wso2-request: | DELETE https://localhost:9443/api/am/store/v1.0/applications/367a2361-8db5-4140-8133-c6c8dc7fa0c4 Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 x-wso2-response: "HTTP/1.1 200 OK" summary: | Remove an application description: | This operation can be used to remove an application specifying its id. parameters: - $ref: '#/parameters/applicationId' - $ref: '#/parameters/If-Match' tags: - Applications responses: 200: description: | OK. Resource successfully deleted. 202: description: | Accepted. The request has been accepted. schema: $ref: '#/definitions/WorkflowResponse' headers: Location: description: | Location of the existing Application. type: string 404: description: | Not Found. Resource to be deleted does not exist. schema: $ref: '#/definitions/Error' 412: description: | Precondition Failed. The request has not been performed because one of the preconditions is not met. schema: $ref: '#/definitions/Error' ####################################################### # The "Generate Keys" Processing Function resource API ####################################################### '/applications/{applicationId}/generate-keys': #----------------------------------------------------- # Generate keys for an application #----------------------------------------------------- post: summary: Generate application keys security: - OAuth2Security: - apim:app_manage - apim:app_update description: | Generate keys (Consumer key/secret) for application parameters: - $ref: '#/parameters/applicationId' - in: body name: body description: | Application key generation request object required: true schema: $ref: '#/definitions/ApplicationKeyGenerateRequest' tags: - Application Keys responses: 200: description: | OK. Keys are generated. schema: $ref: '#/definitions/ApplicationKey' 400: description: | Bad Request. Invalid request or validation error schema: $ref: '#/definitions/Error' 404: description: | Not Found. The resource to be updated does not exist. schema: $ref: '#/definitions/Error' 412: description: | Precondition Failed. The request has not been performed because one of the preconditions is not met. schema: $ref: '#/definitions/Error' ############################################################## # The "Map Application Keys" Processing Function resource API ############################################################## '/applications/{applicationId}/map-keys': #----------------------------------------------------- # Mapping keys for an application #----------------------------------------------------- post: summary: Map application keys security: - OAuth2Security: - apim:subscribe description: | Map keys (Consumer key/secret) to an application parameters: - $ref: '#/parameters/applicationId' - in: body name: body description: | Application key mapping request object required: true schema: $ref: '#/definitions/ApplicationKeyMappingRequest' tags: - Application Keys responses: 200: description: | OK. Keys are mapped. schema: $ref: '#/definitions/ApplicationKey' 400: description: | Bad Request. Invalid request or validation error schema: $ref: '#/definitions/Error' 404: description: | Not Found. The resource to be updated does not exist. schema: $ref: '#/definitions/Error' 412: description: | Precondition Failed. The request has not been performed because one of the preconditions is not met. schema: $ref: '#/definitions/Error' ###################################################### # The "Application Keys" resource APIs ###################################################### '/applications/{applicationId}/keys': #----------------------------------------------------- # Get all keys of an application #----------------------------------------------------- get: summary: Retrieve all application keys security: - OAuth2Security: - apim:subscribe description: | Retrieve keys (Consumer key/secret) of application parameters: - $ref: '#/parameters/applicationId' tags: - Application Keys responses: 200: description: | OK. Keys are returned. schema: $ref: '#/definitions/ApplicationKeyList' 400: description: | Bad Request. Invalid request or validation error schema: $ref: '#/definitions/Error' 404: description: | Not Found. The resource does not exist. schema: $ref: '#/definitions/Error' 412: description: | Precondition Failed. The request has not been performed because one of the preconditions is not met. schema: $ref: '#/definitions/Error' ###################################################### # The "Application Keys of One Type" resource APIs ###################################################### '/applications/{applicationId}/keys/{keyType}': #----------------------------------------------------- # Get a key of an application by key type #----------------------------------------------------- get: security: - OAuth2Security: - apim:subscribe x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" \"https://localhost:9443/api/am/store/v1.0/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys/PRODUCTION\"" x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys/PRODUCTION Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n {\n \"consumerKey\": \"QwEtRHd4NJkcFuRUfAT5af8XEEoa\",\n \"consumerSecret\": \"7Fairfeu321ENjOR9w2xgJl3i70a\",\n \"supportedGrantTypes\": [\n \"refresh_token\",\n \"urn:ietf:params:oauth:grant-type:saml2-bearer\",\n \"password\",\n \"client_credentials\",\n \"iwa:ntlm\"\n ],\n \"callbackUrl\": \"http://sample/com/callback\",\n \"keyState\": \"COMPLETED\",\n \"keyType\": \"SANDBOX\"}\n" summary: | Get key details of a given type description: | This operation can be used to retrieve key details of an individual application specifying the key type in the URI. parameters: - $ref: '#/parameters/applicationId' - $ref: '#/parameters/keyType' - $ref: '#/parameters/groupId' tags: - Application Keys responses: 200: description: | OK. Keys of given type are returned. schema: $ref: '#/definitions/ApplicationKey' 400: description: | Bad Request. Invalid request or validation error schema: $ref: '#/definitions/Error' 404: description: | Not Found. The resource does not exist. schema: $ref: '#/definitions/Error' 412: description: | Precondition Failed. The request has not been performed because one of the preconditions is not met. schema: $ref: '#/definitions/Error' #-------------------------------------------------------------------- # Update grant types and callback url of an application #-------------------------------------------------------------------- put: security: - OAuth2Security: - apim:app_manage - apim:app_update x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" -H \"Content-Type: application/json\" -X PUT -d @data.json \"https://localhost:9443/api/am/store/v1.0/applications/c30f3a6e-ffa4-4ae7-afce-224d1f820524/keys/SANDBOX\"" x-wso2-request: | PUT https://localhost:9443/api/am/store/v1.0/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys/SANDBOX Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 { "supportedGrantTypes": [ "refresh_token", "urn:ietf:params:oauth:grant-type:saml2-bearer", "password", "client_credentials", "iwa:ntlm" ], "callbackUrl": "http://sample/com/callback" } x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n {\n \"consumerKey\": \"QwEtRHd4NJkcFuRUfAT5af8XEEoa\",\n \"consumerSecret\": \"7Fairfeu321ENjOR9w2xgJl3i70a\",\n \"supportedGrantTypes\": [\n \"refresh_token\",\n \"urn:ietf:params:oauth:grant-type:saml2-bearer\",\n \"password\",\n \"client_credentials\",\n \"iwa:ntlm\"\n ],\n \"callbackUrl\": \"http://sample/com/callback\",\n \"keyState\": \"COMPLETED\",\n \"keyType\": \"PRODUCTION\"}\n" summary: | Update grant types and callback url of an application description: | This operation can be used to update grant types and callback url of an application. (Consumer Key and Consumer Secret are ignored) Upon succesfull you will retrieve the updated key details as the response. parameters: - $ref: '#/parameters/applicationId' - $ref: '#/parameters/keyType' - in: body name: body description: | Grant types/Callback URL update request object required: true schema: $ref: '#/definitions/ApplicationKey' tags: - Application Keys responses: 200: description: | Ok. Grant types or/and callback url is/are updated. schema: $ref: '#/definitions/ApplicationKey' 400: description: | Bad Request. Invalid request or validation error schema: $ref: '#/definitions/Error' 404: description: | Not Found. The resource to be updated does not exist. schema: $ref: '#/definitions/Error' 412: description: | Precondition Failed. The request has not been performed because one of the preconditions is not met. schema: $ref: '#/definitions/Error' ############################################################ # The "Regenerate Secret" Processing Function resource API ############################################################ '/applications/{applicationId}/keys/{keyType}/regenerate-secret': #----------------------------------------------------- # Re generate consumer secret for an application #----------------------------------------------------- post: security: - OAuth2Security: - apim:subscribe x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" -H \"Content-Type: application/json\" -X POST -d @data.json \"https://localhost:9443/api/am/store/v1.0/applications/regenerate-consumersecret\"" x-wso2-request: "POST https://localhost:9443/api/am/store/v1.0/applications/regenerate-consumersecret\nAuthorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\n\n{\n \"consumerKey\": \"AVoREWiB16kY_GTIzscl40GYYZQa\"\n}" x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\n \"consumerSecret\": \"8V7DDKtKGtuG_9GDjaOJ5sijdX0a\",\n \"consumerKey\": \"LOFL8He72MSGVil4SS_bsh9O8MQa\"\n}" summary: | Re-generate consumer secret description: | This operation can be used to re generate consumer secret for an application for the give key type parameters: - $ref: '#/parameters/applicationId' - $ref: '#/parameters/keyType' tags: - Application Keys responses: 200: description: | OK. Keys are re generated. schema: $ref: '#/definitions/ApplicationKeyReGenerateResponse' headers: Content-Type: description: | The content type of the body. type: string ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).‚ type: string 400: description: | Bad Request. Invalid request or validation error schema: $ref: '#/definitions/Error' 404: description: | Not Found. The resource to be updated does not exist. schema: $ref: '#/definitions/Error' 412: description: | Precondition Failed. The request has not been performed because one of the preconditions is not met (Will be supported in future). schema: $ref: '#/definitions/Error' ###################################################### # The "Cleanup" Processing Function resource API ###################################################### '/applications/{applicationId}/keys/{keyType}/clean-up': #----------------------------------------------------- # clean up keys after failed key generation of an application #----------------------------------------------------- post: security: - OAuth2Security: - apim:subscribe summary: Clean up application keys description: | Clean up keys after failed key generation of an application parameters: - $ref: '#/parameters/applicationId' - $ref: '#/parameters/keyType' - $ref: '#/parameters/If-Match' tags: - Application Keys responses: 200: description: | OK. Clean up is performed 400: description: | Bad Request. Invalid request or validation error schema: $ref: '#/definitions/Error' 404: description: | Not Found. The resource to be updated does not exist. schema: $ref: '#/definitions/Error' 412: description: | Precondition Failed. The request has not been performed because one of the preconditions is not met. schema: $ref: '#/definitions/Error' ###################################################### # The "Generate Token" Processing Function resource API ###################################################### '/applications/{applicationId}/keys/{keyType}/generate-token': #----------------------------------------------------- # Generate a token for an application #----------------------------------------------------- post: security: - OAuth2Security: - apim:subscribe summary: Generate application token description: | Generate an access token for application by client_credentials grant type parameters: - $ref: '#/parameters/applicationId' - $ref: '#/parameters/keyType' - in: body name: body description: | Application token generation request object required: true schema: $ref: '#/definitions/ApplicationTokenGenerateRequest' - $ref: '#/parameters/If-Match' tags: - Application Tokens responses: 200: description: | OK. Token is generated. schema: $ref: '#/definitions/ApplicationToken' 400: description: | Bad Request. Invalid request or validation error schema: $ref: '#/definitions/Error' 404: description: | Not Found. The resource to be updated does not exist. schema: $ref: '#/definitions/Error' 412: description: | Precondition Failed. The request has not been performed because one of the preconditions is not met. schema: $ref: '#/definitions/Error' ###################################################### # The "Generate API Key" Processing Function resource API ###################################################### '/applications/{applicationId}/api-keys/{keyType}/generate': #----------------------------------------------------- # Generate apikey for an application #----------------------------------------------------- post: security: - OAuth2Security: - apim:api_key summary: Generate API Key description: | Generate a self contained API Key for the application parameters: - $ref: '#/parameters/applicationId' - $ref: '#/parameters/keyType' - in: body name: body description: | API Key generation request object schema: $ref: '#/definitions/APIKeyGenerateRequest' - $ref: '#/parameters/If-Match' tags: - API Keys responses: 200: description: | OK. apikey generated. schema: $ref: '#/definitions/APIKey' 400: description: | Bad Request. Invalid request or validation error schema: $ref: '#/definitions/Error' 404: description: | Not Found. The resource to be updated does not exist. schema: $ref: '#/definitions/Error' 412: description: | Precondition Failed. The request has not been performed because one of the preconditions is not met. schema: $ref: '#/definitions/Error' ###################################################### # The "Generate API Key" Processing Function resource API ###################################################### '/applications/{applicationId}/api-keys/{keyType}/revoke': #----------------------------------------------------- # Revoke apikey for an application #----------------------------------------------------- post: security: - OAuth2Security: - apim:api_key summary: Revoke API Key description: | Revoke a self contained API Key for the application parameters: - $ref: '#/parameters/applicationId' - $ref: '#/parameters/keyType' - in: body name: body description: | API Key revoke request object schema: $ref: '#/definitions/APIKeyRevokeRequest' - $ref: '#/parameters/If-Match' tags: - API Keys responses: 200: description: | OK. apikey revoked successfully. 400: description: | Bad Request. Invalid request or validation error schema: $ref: '#/definitions/Error' 412: description: | Precondition Failed. The request has not been performed because one of the preconditions is not met. schema: $ref: '#/definitions/Error' '/applications/{applicationId}/scopes': get: security: - OAuth2Security: - apim:subscribe x-wso2-request: |- GET https://127.0.0.1:9443/api/am/store/v1.0/applications/896658a0-b4ee-4535-bbfa-806c894a4015/scopes Authorization: Beareraa0ddec1ac656744234477f20fafcb0d x-wso2-curl: 'curl -k -H "Authorization: Bearer aa0ddec1ac656744234477f20fafcb0d" "https://127.0.0.1:9443/api/am/store/v1.0/applications/896658a0-b4ee-4535-bbfa-806c894a4015/scopes"' x-wso2-response: |- HTTP/1.1 200 OK Content-Type: application/json { "list": [ { "key":"api_scope", "name":"API Scope", "roles":null, "description":"" }] } summary: | Get scopes of application description: | Get scopes associated with a particular application based on subscribed APIs parameters: - $ref: '#/parameters/applicationId' - $ref: '#/parameters/filterByUserRoles' - $ref: '#/parameters/If-None-Match' tags: - Application Scopes responses: '200': description: | OK. Scope returned. schema: $ref: '#/definitions/ScopeList' headers: Content-Type: description: | The content type of the body. type: string ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional reuquests. type: string '304': description: | Not Modified. Empty body because the client has already the latest version of the requested resource. '401': description: | Un authorized. The user is not authorized to view the application . schema: $ref: '#/definitions/Error' '404': description: | Not Found. Requested application does not exist. schema: $ref: '#/definitions/Error' '406': description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' ###################################################### # Export Application Resource API ###################################################### /export/applications: get: security: - OAuth2Security: - apim:subscribe produces: - application/zip x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" https://localhost:9443/api/am/store/v1.0/export/applications?appId=xxx > exported-application.zip" x-wso2-request: | GET https://127.0.0.1:9443/api/am/store/v1.0/export/applications?appId=xxx Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 x-wso2-response: "HTTP/1.1 200 OK\n Connection: keep-alive\n Content-Disposition: attachment; filename=\"exported-applications.zip\"\n Content-Type: application/zip" summary: Export details related to an Application. description: | This operation can be used to export details related to a perticular application. parameters: - name: appId in: query description: | Application Search Query required: true type: string tags: - Import and Export Applications responses: 200: description: | OK. Export Configuration returned. headers: Content-Type: description: | The content type of the body. type: string schema: type: file 404: description: | Not Found. Requested Application does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' 412: description: | Precondition Failed. The request has not been performed because one of the preconditions is not met. schema: $ref: '#/definitions/Error' ###################################################### # Import Application Resource API ###################################################### /import/applications: put: security: - OAuth2Security: - apim:subscribe consumes: - multipart/form-data x-wso2-curl: "curl -k -F \"file=@exported.zip\" -X PUT -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" https://localhost:9443/api/am/store/v1.0/import/applications" x-wso2-request: | PUT https://127.0.0.1:9443/api/am/store/v1.0/import/applications Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 x-wso2-response: "HTTP/1.1 200 OK\nContent-Type:application/json\n\n{\"applicationUUID\":\"645b8e32-3643-48e5-ab42-aed853a8cd77\",\"workflowResponse\":{\"workflowStatus\":\"APPROVED\"}}" summary: Imports an Updates an Application. description: | This operation can be used to import an existing Application. parameters: - name: file in: formData description: | Zip archive consisting on exported application configuration required: true type: file tags: - Import and Export Applications responses: 200: description: | OK. Successful response with the updated object as entity in the body. schema: $ref: '#/definitions/Application' headers: Content-Type: description: | The content type of the body. type: string 400: description: | Bad Request. Invalid request or validation error schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' 412: description: | Precondition Failed. The request has not been performed because one of the preconditions is not met. schema: $ref: '#/definitions/Error' post: security: - OAuth2Security: - apim:subscribe consumes: - multipart/form-data x-wso2-curl: "curl -k -F \"file=@exported.zip\" -X POST -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" https://localhost:9443/api/am/store/v1.0/import/applications" x-wso2-request: | POST https://127.0.0.1:9443/api/am/store/v1.0/import/applications Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\"name\":\"sampleApp2\",\"uuid\":\"5e3ac21a-cc14-4404-95f1-659900c165c4\",\"description\":\"sample app 2\",\"throttlingPolicy\":{\"uuid\":\"5b74ec82-264e-4104-91ef-fdd41b981798\",\"policyName\":\"50PerMin\",\"isDeployed\":false},\"status\":\"APPROVED\",\"createdUser\":\"admin\",\"createdTime\":{\"date\":{\"year\":2017,\"month\":11,\"day\":8},\"time\":{\"hour\":4,\"minute\":10,\"second\":4,\"nano\":434000000}}}" summary: Imports an Application. description: | This operation can be used to import an existing Application. parameters: - name: file in: formData description: | Zip archive consisting on exported application configuration required: true type: file tags: - Import and Export Applications responses: 200: description: | OK. Successful response with the updated object as entity in the body. schema: $ref: '#/definitions/Application' headers: Content-Type: description: | The content type of the body. type: string 400: description: | Bad Request. Invalid request or validation error schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' 412: description: | Precondition Failed. The request has not been performed because one of the preconditions is not met. schema: $ref: '#/definitions/Error' ###################################################### # The "Subscription Collection" resource APIs ###################################################### /subscriptions: #----------------------------------------------------- # Retrieve all subscriptions of a certain API and application #----------------------------------------------------- get: security: - OAuth2Security: - apim:subscribe x-scope: apim:subscribe x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" \"https://localhost:9443/api/am/store/v1.0/subscriptions?apiId=c43a325c-260b-4302-81cb-768eafaa3aed\"" x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/subscriptions?apiId=c43a325c-260b-4302-81cb-768eafaa3aed Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\n \"previous\": \"\",\n \"list\": [\n {\n \"throttlingPolicy\": \"Bronze\",\n \"subscriptionId\": \"03b8ef2b-5ae5-41f5-968e-52fa7fbd5d33\",\n \"apiIdentifier\": \"admin-PhoneVerification-2.0.0\",\n \"applicationId\": \"896658a0-b4ee-4535-bbfa-806c894a4015\",\n \"status\": \"UNBLOCKED\"\n },\n {\n \"throttlingPolicy\": \"Bronze\",\n \"subscriptionId\": \"5ed42650-9f5e-4dd4-94f3-3f09f1b17354\",\n \"apiIdentifier\": \"admin-PhoneVerification-2.0.0\",\n \"applicationId\": \"846118a5-3b25-4c22-a983-2d0278936f09\",\n \"status\": \"UNBLOCKED\"\n }\n ],\n \"count\": 2,\n \"next\": \"\"\n}" summary: | Get all subscriptions description: | This operation can be used to retrieve a list of subscriptions of the user associated with the provided access token. This operation is capable of 1. Retrieving applications which are subscibed to a specific API. `GET https://localhost:9443/api/am/store/v1.0/subscriptions?apiId=c43a325c-260b-4302-81cb-768eafaa3aed` 2. Retrieving APIs which are subscribed by a specific application. `GET https://localhost:9443/api/am/store/v1.0/subscriptions?applicationId=c43a325c-260b-4302-81cb-768eafaa3aed` **IMPORTANT:** * It is mandatory to provide either **apiId** or **applicationId**. parameters: - $ref: '#/parameters/apiId-Q' - $ref: '#/parameters/applicationId-Q' - $ref: '#/parameters/apiType-Q' - $ref: '#/parameters/groupId' - $ref: '#/parameters/requestedTenant' - $ref: '#/parameters/offset' - $ref: '#/parameters/limit' - $ref: '#/parameters/If-None-Match' tags: - Subscriptions responses: 200: description: | OK. Subscription list returned. schema: $ref: '#/definitions/SubscriptionList' headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' #----------------------------------------------------- # Create a new subscription #----------------------------------------------------- post: security: - OAuth2Security: - apim:sub_manage x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" -H \"Content-Type: application/json\" -X POST -d @data.json \"https://localhost:9443/api/am/store/v1.0/subscriptions\"" x-wso2-request: "POST https://localhost:9443/api/am/store/v1.0/subscriptions\nAuthorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\n\n{\n \"throttlingPolicy\": \"Gold\",\n \"apiIdentifier\": \"c43a325c-260b-4302-81cb-768eafaa3aed\",\n \"applicationId\": \"c30f3a6e-ffa4-4ae7-afce-224d1f820524\"\n}" x-wso2-response: "HTTP/1.1 201 Created\nLocation: https://localhost:9443/api/am/store/v1.0/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9\nContent-Type: application/json\n\n{\n \"throttlingPolicy\": \"Gold\",\n \"subscriptionId\": \"5b65808c-cdf2-43e1-a695-de63e3ad0ae9\",\n \"apiIdentifier\": \"admin-PhoneVerification-2.0.0\",\n \"applicationId\": \"c30f3a6e-ffa4-4ae7-afce-224d1f820524\",\n \"status\": \"UNBLOCKED\"\n}" summary: | Add a new subscription description: | This operation can be used to add a new subscription providing the id of the API and the application. parameters: - in: body name: body description: | Subscription object that should to be added required: true schema: $ref: '#/definitions/Subscription' - $ref: '#/parameters/requestedTenant' tags: - Subscriptions responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. schema: $ref: '#/definitions/Subscription' headers: Location: description: | Location to the newly created subscription. type: string ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional request. type: string 202: description: | Accepted. The request has been accepted. schema: $ref: '#/definitions/WorkflowResponse' headers: Location: description: | Location of the newly created subscription. type: string 400: description: | Bad Request. Invalid request or validation error. schema: $ref: '#/definitions/Error' 415: description: | Unsupported media type. The entity of the request was in a not supported format. ###################################################### # The "Multiple Subscriptions" resource API ###################################################### '/subscriptions/multiple': #----------------------------------------------------- # Create a batch of Subscriptions #----------------------------------------------------- post: security: - OAuth2Security: - apim:subscribe x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" -H \"Content-Type: application/json\" -X POST -d @data.json \"https://localhost:9443/api/am/store/v1.0/subscriptions/multiple\"" x-wso2-request: "POST https://localhost:9443/api/am/store/v1.0/subscriptions/multiple\nAuthorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\n\n{\n \"throttlingPolicy\": \"Gold\",\n \"apiIdentifier\": \"c43a325c-260b-4302-81cb-768eafaa3aed\",\n \"applicationId\": \"c30f3a6e-ffa4-4ae7-afce-224d1f820524\"\n}" x-wso2-response: "HTTP/1.1 201 Created\nLocation: https://localhost:9443/api/am/store/v1.0/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9\nContent-Type: application/json\n\n{\n \"throttlingPolicy\": \"Gold\",\n \"subscriptionId\": \"5b65808c-cdf2-43e1-a695-de63e3ad0ae9\",\n \"apiIdentifier\": \"admin-PhoneVerification-2.0.0\",\n \"applicationId\": \"c30f3a6e-ffa4-4ae7-afce-224d1f820524\",\n \"status\": \"UNBLOCKED\"\n}" summary: | Add new subscriptions description: | This operation can be used to add a new subscriptions providing the ids of the APIs and the applications. parameters: - in: body name: body description: | Subscription objects that should to be added required: true schema: type: array items: $ref: '#/definitions/Subscription' - $ref: '#/parameters/requestedTenant' tags: - Subscriptions responses: 200: description: | OK. Successful response with the newly created objects as entity in the body. schema: type: array items: $ref: '#/definitions/Subscription' headers: Content-Type: description: | The content type of the body. type: string ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). type: string 400: description: | Bad Request. Invalid request or validation error. schema: $ref: '#/definitions/Error' 415: description: | Unsupported media type. The entity of the request was in a not supported format. ###################################################### # The "Individual Subscription" resource APIs ###################################################### '/subscriptions/{subscriptionId}': #----------------------------------------------------- # Retrieve a certain subscription #----------------------------------------------------- get: security: - OAuth2Security: - apim:subscribe x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" \"https://localhost:9443/api/am/store/v1.0/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9\"" x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9 Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\n \"throttlingPolicy\": \"Gold\",\n \"subscriptionId\": \"5b65808c-cdf2-43e1-a695-de63e3ad0ae9\",\n \"apiIdentifier\": \"admin-PhoneVerification-2.0.0\",\n \"applicationId\": \"c30f3a6e-ffa4-4ae7-afce-224d1f820524\",\n \"status\": \"UNBLOCKED\"\n}" summary: | Get details of a subscription description: | This operation can be used to get details of a single subscription. parameters: - $ref: '#/parameters/subscriptionId' - $ref: '#/parameters/If-None-Match' tags: - Subscriptions responses: 200: description: | OK. Subscription returned schema: $ref: '#/definitions/Subscription' headers: ETag: description: 'Entity Tag of the response resource. Used by caches, or in conditional requests.' type: string Last-Modified: description: 'Date and time the resource has been modifed the last time. Used by caches, or in conditional reuquests.' type: string '304': description: | Not Modified. Empty body because the client has already the latest version of the requested resource. '404': description: | Not Found. Requested Subscription does not exist. schema: $ref: '#/definitions/Error' #----------------------------------------------------- # Delete a certain subscription #----------------------------------------------------- delete: security: - OAuth2Security: - apim:sub_manage x-scope: apim:subscribe x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" -X DELETE \"https://localhost:9443/api/am/store/v1.0/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9\"" x-wso2-request: | DELETE https://localhost:9443/api/am/store/v1.0/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9 x-wso2-response: "HTTP/1.1 200 OK" summary: | Remove a subscription description: | This operation can be used to remove a subscription. parameters: - $ref: '#/parameters/subscriptionId' - $ref: '#/parameters/If-Match' tags: - Subscriptions responses: 200: description: | OK. Resource successfully deleted. 202: description: | Accepted. The request has been accepted. schema: $ref: '#/definitions/WorkflowResponse' headers: Location: description: | Location of the existing subscription. type: string 404: description: | Not Found. Resource to be deleted does not exist. schema: $ref: '#/definitions/Error' 412: description: | Precondition Failed. The request has not been performed because one of the preconditions is not met. schema: $ref: '#/definitions/Error' ###################################################### # The get usage billing resource APIs ###################################################### '/subscriptions/{subscriptionId}/usage': get: x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" https://127.0.0.1:9443/api/am/store/v1.0/subscriptions/64eca60b-2e55-4c38-8603-e9e6bad7d809/usage" x-wso2-request: | GET https://127.0.0.1:9443/api/am/store/v1.0/subscriptions/64eca60b-2e55-4c38-8603-e9e6bad7d809/usage Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\n \"object\": \"invoice\",\n \"account_country\": \"US\",\n \"account_name\": \"test.com\",\n \"amount_due\": \"0\",\n \"amount_paid\": \"0\"\n \"amount_remaining\": \"0\"\n}" security: - OAuth2Security: - apim:sub_manage summary: Get details of a pending invoice for a monetized subscription with metered billing. description: | This operation can be used to get details of a pending invoice for a monetized subscription with metered billing. parameters: - $ref: '#/parameters/subscriptionId' tags: - API Monetization responses: 200: description: | OK. Details of a pending invoice returned. schema: $ref: '#/definitions/APIMonetizationUsage' headers: Content-Type: description: The content type of the body. type: string ETag: description: 'Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).' type: string Last-Modified: description: 'Date and time the resource has been modified the last time. Used by caches, or in conditional requests (Will be supported in future).' type: string '304': description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). '404': description: | Not Found. Requested Subscription does not exist. schema: $ref: '#/definitions/Error' ###################################################### # The "Throttling Policy Collection" resource APIs ###################################################### /throttling-policies/{policyLevel}: #----------------------------------------------------- # Retrieve the list of all available throttling Policies for given level #----------------------------------------------------- get: summary: Get all available throttling policies security: - OAuth2Security: [] description: | Get available Throttling Policies parameters: - $ref: '#/parameters/limit' - $ref: '#/parameters/offset' - $ref: '#/parameters/policyLevel' - $ref: '#/parameters/If-None-Match' - $ref: '#/parameters/requestedTenant' tags: - Throttling Policies responses: 200: description: | OK. List of throttling policies returned. schema: type: array items: $ref: '#/definitions/ThrottlingPolicyList' headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' ###################################################### # The "Individual Throttling Policy" resource APIs ###################################################### '/throttling-policies/{policyLevel}/{policyId}': #----------------------------------------------------- # Retrieve a certain throttling policy #----------------------------------------------------- get: security: - OAuth2Security: [] x-wso2-curl: "curl \"https://localhost:9443/api/am/store/v1.0/throttling-policies/api/Bronze\"" x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/throttling-policies/api/Bronze x-wso2-curl-tenant: "curl -k -H \"X-WSO2-Tenant:test.com\" https://localhost:9443/api/am/store/v1.0/throttling-policies/api/Bronze" x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\n \"unitTime\": 60000,\n \"tierPlan\": \"FREE\",\n \"stopOnQuotaReach\": true,\n \"policyLevel\": \"api\",\n \"requestCount\": 1,\n \"description\": \"Allows 1 request(s) per minute.\",\n \"name\": \"Bronze\",\n \"attributes\": {}\n}" summary: | Get details of a throttling policy description: | This operation can be used to retrieve details of a single throttling policy by specifying the policy level and policy name. `X-WSO2-Tenant` header can be used to retrive throttling policy that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. parameters: - $ref: '#/parameters/policyId' - $ref: '#/parameters/policyLevel' - $ref: '#/parameters/requestedTenant' - $ref: '#/parameters/If-None-Match' tags: - Throttling Policies responses: 200: description: | OK. Throttling Policy returned schema: $ref: '#/definitions/ThrottlingPolicy' headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. type: string 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. 404: description: | Not Found. Requested Throttling Policy does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported. schema: $ref: '#/definitions/Error' ###################################################### # The "Tag Collection" resource API ###################################################### /tags: #----------------------------------------------------- # Retrieve the list of tags qualifying under a search condition #----------------------------------------------------- get: security: - OAuth2Security: [] x-wso2-curl: "curl \"https://localhost:9443/api/am/store/v1.0/tags\"" x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/tags x-wso2-curl-tenant: "curl -k -H \"X-WSO2-Tenant:test.com\" https://localhost:9443/api/am/store/v1.0/tags" x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\n \"previous\": \"\",\n \"list\": [\n {\n \"weight\": 1,\n \"name\": \"mobile\"\n },\n {\n \"weight\": 1,\n \"name\": \"multimedia\"\n },\n {\n \"weight\": 1,\n \"name\": \"phone\"\n }\n ],\n \"count\": 3,\n \"next\": \"\"\n}" summary: | Get all tags description: | This operation can be used to retrieve a list of tags that are already added to APIs. `X-WSO2-Tenant` header can be used to retrive tags that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. **NOTE:** * This operation does not require an Authorization header by default. But in order to see a restricted API's tags, you need to provide Authorization header. parameters: - $ref: '#/parameters/limit' - $ref: '#/parameters/offset' - $ref: '#/parameters/requestedTenant' - $ref: '#/parameters/If-None-Match' tags: - Tags responses: 200: description: | OK. Tag list is returned. schema: $ref: '#/definitions/TagList' headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. type: string 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. 404: description: | Not Found. Requested API does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' ###################################################### # The "Content Search Results" resource APIs ###################################################### /search: #----------------------------------------------------- # Retrieve the matching results #----------------------------------------------------- get: security: - OAuth2Security: [] produces: - application/json x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" https://localhost:9443/api/am/store/v0.13/search?query=sample" x-wso2-request: | GET https://localhost:9443/api/am/store/v0.13/search Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n{\n \"previous\": \"\",\n \"list\": [\n {\n \"provider\": \"admin\",\n \"version\": \"1.0.0\",\n \"description\": \"This sample API provides Account Status Validation\",\n \"name\": \"AccountVal\",\n \"context\": \"/account\",\n \"id\": \"2e81f147-c8a8-4f68-b4f0-69e0e7510b01\",\n \"status\": \"PUBLISHED\"\n },\n {\n \"provider\": \"admin\",\n \"version\": \"1.0.0\",\n \"description\": null,\n \"name\": \"api1\",\n \"context\": \"/api1\",\n \"id\": \"3e22d2fb-277a-4e9e-8c7e-1c0f7f73960e\",\n \"status\": \"PUBLISHED\"\n }\n ],\n \"next\": \"\",\n \"count\": 2\n}" summary: | Retrieve/Search APIs and API Documents by content description: | This operation provides you a list of available APIs and API Documents qualifying the given keyword match. parameters: - $ref : '#/parameters/limit' - $ref : '#/parameters/offset' - $ref : '#/parameters/requestedTenant' - name : query in: query description: | **Search**. You can search by using providing the search term in the query parameters. type: string - $ref : "#/parameters/If-None-Match" tags: - Unified Search responses: 200: description: | OK. List of qualifying APIs and docs is returned. schema: $ref: '#/definitions/SearchResultList' headers: Content-Type: description: The content type of the body. type: string ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). type: string 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' ###################################################### # The "Self Signup" functional resource APIs ###################################################### /self-signup: #----------------------------------------------------- # Register a new user #----------------------------------------------------- post: summary: Register a new user security: - OAuth2Security: - apim:self-signup x-scope: apim:self-signup description: | User self signup API parameters: - in: body name: body description: | User object to represent the new user required: true schema: $ref: '#/definitions/User' tags: - Sign Up responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. schema: $ref: '#/definitions/User' 202: description: | Accepted. The request has been accepted. schema: $ref: '#/definitions/WorkflowResponse' 400: description: | Bad Request. Invalid request or validation error. schema: $ref: '#/definitions/Error' ###################################################### # The "SDK Generation Languages" list resource APIs ###################################################### /sdk-gen/languages: #----------------------------------------------------- # Provide a list of supported languages for SDK (System Development Kit) generation #----------------------------------------------------- get: produces: - application/json security: - OAuth2Security: - apim:subscribe x-scope: apim:subscribe #TODO Remove when vendor extensions are removed x-wso2-curl: "curl -X GET -k -H \"Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" https://localhost:9443/api/am/store/v1.0/sdk-gen/languages" x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/sdk-gen/languages Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 x-wso2-response: "HTTP/1.1 200 OK\nContent-Type : application/json" summary: | Get a list of supported SDK languages description: | This operation will provide a list of programming languages that are supported by the swagger codegen library for generating System Development Kits (SDKs) for APIs available in the API Manager Store tags: - SDKs responses: 200: description: | OK. List of supported languages for generating SDKs. 404: description: | Not Found. The list of languages is not found. schema: $ref: '#/definitions/Error' 500: description: | Internal Server Error. Error while retrieving the list. schema: $ref: '#/definitions/Error' ###################################################### # The Store settings List ###################################################### /settings: #----------------------------------------------------- # Retrieve store settings #----------------------------------------------------- get: summary: Retreive store settings security: - OAuth2Security: - apim:store_settings description: | Retreive store settings tags: - Settings responses: 200: description: | OK. Settings returned schema: $ref: '#/definitions/Settings' 404: description: | Not Found. Requested Settings does not exist. schema: $ref: '#/definitions/Error' ###################################################### # The "Application Attributes" resource APIs ###################################################### /settings/application-attributes: #-------------------------------------------------------- # Retrieve all application attributes from configuration #-------------------------------------------------------- get: security: - OAuth2Security: - apim:subscribe x-wso2-curl: "curl -k -H \"Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8\" \"https://localhost:9443/api/am/store/v1.0/applications/attributes\"" x-wso2-request: | GET https://localhost:9443/api/am/store/v1.0/settings/attributes Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 x-wso2-response: "HTTP/1.1 200 OK\nContent-Type: application/json\n\n[\n {\n \"Description\": \"Sample description of the attribute\",\n \"Required\": true,\n \"Attribute\": \"External Reference Id\",\n \"Hidden\": false\n},\n {\n \"Description\": \"Sample description of the attribute\",\n \"Required\": true,\n \"Attribute\": \"Billing Id\",\n \"Hidden\": true,\n \"Default\": \"xxxx\"\n}\n]" summary: | Get all application attributes from configuration description: | This operation can be used to retrieve the application attributes from configuration. It will not return hidden attributes. parameters: - $ref: '#/parameters/If-None-Match' tags: - Settings responses: 200: description: | OK. Application attributes returned. headers: Content-Type: description: | The content type of the body. type: string schema: $ref: '#/definitions/ApplicationAttributeList' 404: description: | Not Found. Requested application does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' ###################################################### # The tenant resource APIs ###################################################### '/tenants': #-------------------------------------------------------- # Retrieve tenants by state #-------------------------------------------------------- get: security: - OAuth2Security: [] x-examples: $ref: docs/examples/tenants/tenants.yaml summary: | Get get tenants by state description: | This operation is to get tenants by state parameters: - name: state description: | The state represents the current state of the tenant Supported states are [ active, inactive] in: query type: string required: false default: 'active' enum: - active - inactive - $ref: '#/parameters/limit' - $ref: '#/parameters/offset' tags: - tenants responses: 200: description: | OK. Tenant names returned. headers: Content-Type: description: | The content type of the body. type: string schema: $ref: '#/definitions/TenantList' 404: description: | Not Found. Requested application does not exist. schema: $ref: '#/definitions/Error' 406: description: | Not Acceptable. The requested media type is not supported schema: $ref: '#/definitions/Error' #################################################### # Store Alerts management REST API #################################################### '/alert-types': #-------------------------------------------------- # Retrieve the list of api store alert types. #-------------------------------------------------- get: security: - OAuth2Security: - apim:sub_alert_manage x-examples: $ref: docs/examples/alerts/alerts.yaml#/get operationId: getStoreAlertTypes summary: | Get the list of API Store alert types. description: | This operation is used to get the list of supportd alert types for the 'subscriber' agent. tags: - Alerts responses: 200: description: | OK. The list of subscriber alert types are returned. headers: Content-Type: description: | The content type of the body. type: string schema: $ref: '#/definitions/AlertTypesList' 500: description: | Internal Server Error. An internal server error occurred while retrieving the alert types. schema: $ref: '#/definitions/Error' '/alert-subscriptions': #-------------------------------------------------- # Retrieve the list of alerts subscribed by the user. #-------------------------------------------------- get: security: - OAuth2Security: - apim:sub_alert_manage x-examples: $ref: docs/examples/alerts/alerts_subscriptions.yaml#/get summary: | Get the list of API Store alert types subscribed by the user. operationId: getSubscribedAlertTypes description: | This operation is used to get the list of subscribed alert types by the user. tags: - Alert Subscriptions responses: 200: description: | OK. The list of subscribed alert types are returned. headers: Content-Type: description: | The content type of the body. type: string schema: $ref: '#/definitions/AlertsInfo' 500: description: | Internal Server Error An error occurred while retrieving subscribed alert types by user. schema: $ref: '#/definitions/Error' #-------------------------------------------------- # Subscribe to the selected alert types by the user. #-------------------------------------------------- put: security: - OAuth2Security: - apim:sub_alert_manage x-examples: $ref: docs/examples/alerts/alerts_subscriptions.yaml#/put summary: | Subscribe to the selected alert types by the user. operationId: subscribeToAlerts description: | This operation is used to get the list of subscribed alert types by the user. parameters: - in: body name: body description: The alerts list and the email list to subscribe. required: true schema: $ref: '#/definitions/AlertsInfo' tags: - Alert Subscriptions responses: 201: description: | OK. Successful response with the newly subscribed alerts. headers: Content-Type: description: | The content type of the body. type: string schema: $ref: '#/definitions/AlertsInfoResponse' 400: description: | Bad Request. Invalid Request or request validation failure. 500: description: | Internal Server Error An internal server error occurred while subscribing to alerts. schema: $ref: '#/definitions/Error' #-------------------------------------------------- # Unsubscribe the user from all the alerts types #-------------------------------------------------- delete: security: - OAuth2Security: - apim:sub_alert_manage x-examples: $ref: docs/examples/alerts/alerts_subscriptions.yaml#/delete summary: | Unsubscribe user from all the alert types. operationId: unsubscribeAllAlerts description: | This operation is used to unsubscribe the respective user from all the alert types. tags: - Alert Subscriptions responses: 200: description: | OK. The user is unsubscribed from the alerts successfully. headers: Content-Type: description: | The content type of the body. type: string 500: description: | Internal Server Error schema: $ref: '#/definitions/Error' ################################################## # Alert configuration api ################################################# '/alerts/{alertType}/configurations': #---------------------------------------------- # Get the alert configs #---------------------------------------------- get: security: - OAuth2Security: - apim:sub_alert_manage x-examples: $ref: docs/examples/alerts/alerts_config.yaml#/get summary: | Get all AbnormalRequestsPerMin alert configurations operationId: getAllAlertConfigs description: | This operation is used to get all configurations of the AbnormalRequestsPerMin alert type. tags: - Alert Configuration parameters: - $ref: '#/parameters/alertType' responses: 200: description: | OK. The store alert configuration. headers: Content-Type: description: | The content type of the body. type: string schema: $ref: '#/definitions/AlertConfigList' 500: description: | Internal Server Error An error occurred while retrieving subscribed alert types by user. schema: $ref: '#/definitions/Error' '/alerts/{alertType}/configurations/{configurationId}': #---------------------------------------------- # Add alert config #---------------------------------------------- put: security: - OAuth2Security: - apim:sub_alert_manage x-examples: $ref: docs/examples/alerts/alerts_config.yaml#/put summary: | Add AbnormalRequestsPerMin alert configurations. operationId: addAlertConfig description: | This operation is used to add configuration for the AbnormalRequestsPerMin alert type. parameters: - $ref: '#/parameters/alertType' - $ref: '#/parameters/configurationId' - in: body name: body description: Configuration for AbnormalRequestCount alert type required: true schema: $ref: '#/definitions/AlertConfigInfo' tags: - Alert Configuration responses: 201: description: | Created. Successful response with newly created object as entity. Location header contains URL of newly created entity. headers: Location: description: | The location of the newly created entity. type: string schema: $ref: '#/definitions/AlertConfig' 400: description: | Bad Request The request parameters validation failed. schema: $ref: '#/definitions/Error' 500: description: | Internal Server Error An error occurred while retrieving subscribed alert types by user. schema: $ref: '#/definitions/Error' #---------------------------------------------- # Delete alert configuration #---------------------------------------------- delete: security: - OAuth2Security: - apim:sub_alert_manage x-examples: $ref: docs/examples/alerts/alerts_config.yaml#/delete summary: | Delete the selected configuration from AbnormalRequestsPerMin alert type. operationId: deleteAlertConfig description: | This operation is used to delete configuration from the AbnormalRequestsPerMin alert type. parameters: - $ref: '#/parameters/alertType' - $ref: '#/parameters/configurationId' tags: - Alert Configuration responses: 200: description: | OK. The alert config is deleted successfully. 400: description: | Bad Request The request parameters validation failed. schema: $ref: '#/definitions/Error' 404: description: | Not Found. The provided alert configuration is not found. schema: $ref: '#/definitions/Error' 500: description: | Internal Server Error An error occurred while retrieving subscribed alert types by user. schema: $ref: '#/definitions/Error' ###################################################### # Parameters - required by some of the APIs above ###################################################### parameters: # Requested Tenant domain # Specified as a header parameter requestedTenant: name: X-WSO2-Tenant in: header description: | For cross-tenant invocations, this is used to specify the tenant domain, where the resource need to be retirieved from. required: false type: string # API Identifier # Specified as part of the path expression apiId: name: apiId in: path description: | **API ID** consisting of the **UUID** of the API. required: true type: string # API product Identifier # Specified as part of the path expression apiProductId: name: apiProductId in: path description: | **API Product ID** consisting of the **UUID** of the API Product. required: true type: string x-encoded: true # API Identifier # Specified as part of the query string apiId-Q: name: apiId in: query description: | **API ID** consisting of the **UUID** of the API. type: string # API Type # Specified as part of the query string apiType-Q: name: apiType in: query description: | **API TYPE** Identifies the type API(API or API_PRODUCT). type: string # SDK language language: name: language in: query description: | Programming language to generate SDK. required: true type: string # Document Identifier # Specified as part of the path expression documentId: name: documentId in: path description: | Document Identifier required: true type: string # Application Identifier # Specified as part of the path expression applicationId: name: applicationId in: path description: | Application Identifier consisting of the UUID of the Application. required: true type: string # Filter By user roles # Specified as part of the query string filterByUserRoles: name: filterByUserRoles in: query description : | Filter user by roles. required : false type: boolean # Application Identifier # Specified as part of the query string applicationId-Q: name: applicationId in: query description: | **Application Identifier** consisting of the UUID of the Application. type: string # Group Identifier of the application groupId: name: groupId in: query description: | Application Group Id required: false type: string # Subscription Identifier # Specified as part of the path expression subscriptionId: name: subscriptionId in: path description: | Subscription Id required: true type: string # Policy Id # Specified as part of the path expression policyId: name: policyId in: path description: | Policy Id represented as a UUID required: true type: string # Comment Identifier # Specified as part of the path expression commentId: name: commentId in: path description: | Comment Id required: true type: string # Rating Identifier # Specified as part of the path expression ratingId: name: ratingId in: path description: | Rating Id required: true type: string # Throttling Policy Type # Specified as part of the path expression policyLevel: name: policyLevel in: path description: | List Application or Subscription type thro. type: string enum: - application - subscription required: true # Label Name # Specified as part of the query string labelName: name: labelName in: query description: | Name of the API microgateway labels type: string # API Gateway Environment Name # Specified as part of the query string environmentName: name: environmentName in: query description: | Name of the API gateway environment. type: string # Used for pagination: # The maximum number of resoures to be returned by a GET limit: name: limit in: query description: | Maximum size of resource array to return. default: 25 type: integer # Used for pagination: # The order number of an instance in a qualified set of resoures # at which to start to return the next batch of qualified resources offset: name: offset in: query description: | Starting point within the complete list of items qualified. default: 0 type: integer # Application Key Type # Specified as part of the path expression keyType: name: keyType in: path description: | **Application Key Type** standing for the type of the keys (i.e. Production or Sandbox). required: true type: string enum: - PRODUCTION - SANDBOX # The HTTP If-None-Match header # Used to avoid retrieving data that are already cached If-None-Match: name: If-None-Match in: header description: | Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resourec. type : string # The HTTP If-Match header # Used to avoid concurrent updates If-Match: name: If-Match in: header description: | Validator for conditional requests; based on ETag. type: string # The alertType parameter alertType: name: alertType in: path type: string required: true description: | The alert type. # The alert subscription id parameter configurationId: name: configurationId type: string in: path required: true description: | The alert configuration id. ###################################################### # The resources used by some of the APIs above within the message body ###################################################### definitions: #----------------------------------------------------- # The API List resource #----------------------------------------------------- APIList: title: API List properties: count: type: integer description: | Number of APIs returned. example: 1 list: type: array items: $ref: '#/definitions/APIInfo' pagination: $ref: '#/definitions/Pagination' example: count: 2 list: - id: 01234567-0123-0123-0123-012345678901 name: CalculatorAPI description: A calculator API that supports basic operations context: /CalculatorAPI version: 1.0.0 provider: admin lifeCycleStatus: PUBLISHED thumbnailUri: /apis/01234567-0123-0123-0123-012345678901/thumbnail - id: 01123567-1233-5453-0212-12353678901 name: PizzaShackAPI description: A Pizza ordering API context: /PizzaShackAPI version: 1.0.0 provider: admin lifeCycleStatus: PUBLISHED thumbnailUri: /apis/01123567-1233-5453-0212-12353678901/thumbnail pagination: offset: 2 limit: 2 total: 10 next: "/apis?limit=2&offset=4" previous: "/apis?limit=2&offset=0" #----------------------------------------------------- # The Standard API Info resource #----------------------------------------------------- APIInfo: title: API Info object with basic API details. properties: id: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: CalculatorAPI description: type: string example: A calculator API that supports basic operations context: type: string example: CalculatorAPI version: type: string example: 1.0.0 type: type: string example: WS provider: description: | If the provider value is not given, the user invoking the API will be used as the provider. type: string example: admin lifeCycleStatus: type: string example: PUBLISHED thumbnailUri: type: string example: /apis/01234567-0123-0123-0123-012345678901/thumbnail avgRating: type: string description: Average rating of the API example: 4.5 throttlingPolicies: type: array description: List of throttling policies of the API items: type: string example: ["Unlimited", "Bronze"] advertiseInfo: description: The advertise info of the API $ref: '#/definitions/AdvertiseInfo' businessInformation: $ref: '#/definitions/APIBusinessInformation' isSubscriptionAvailable: type: boolean example: false #----------------------------------------------------- # The Standard API resource #----------------------------------------------------- API: title: API object required: - name - context - version - provider - lifeCycleStatus properties: id: type: string description: | UUID of the api example: 01234567-0123-0123-0123-012345678901 name: type: string description: Name of the API example: CalculatorAPI description: type: string description: A brief description about the API example: A calculator API that supports basic operations context: type: string description: A string that represents thecontext of the user's request example: CalculatorAPI version: type: string description: The version of the API example: 1.0.0 provider: description: | If the provider value is not given user invoking the api will be used as the provider. type: string example: admin apiDefinition: description: | Swagger definition of the API which contains details about URI templates and scopes type: string example: "{\"paths\":{\"\\/substract\":{\"get\":{\"x-auth-type\":\"Application & Application User\",\"x-throttling-tier\":\"Unlimited\",\"parameters\":[{\"name\":\"x\",\"required\":true,\"type\":\"string\",\"in\":\"query\"},{\"name\":\"y\",\"required\":true,\"type\":\"string\",\"in\":\"query\"}],\"responses\":{\"200\":{}}}},\"\\/add\":{\"get\":{\"x-auth-type\":\"Application & Application User\",\"x-throttling-tier\":\"Unlimited\",\"parameters\":[{\"name\":\"x\",\"required\":true,\"type\":\"string\",\"in\":\"query\"},{\"name\":\"y\",\"required\":true,\"type\":\"string\",\"in\":\"query\"}],\"responses\":{\"200\":{}}}}},\"swagger\":\"2.0\",\"info\":{\"title\":\"CalculatorAPI\",\"version\":\"1.0.0\"}}" wsdlUri: description: | WSDL URL if the API is based on a WSDL endpoint type: string example: "http://www.webservicex.com/globalweather.asmx?wsdl" lifeCycleStatus: type: string description: This describes in which status of the lifecycle the API is. example: PUBLISHED isDefaultVersion: type: boolean example: false type: type: string description: This describes the transport type of the API example: WS transport: type: array items: description: | Supported transports for the API (http and/or https). type: string example: ["http","https"] operations: type: array items: $ref: '#/definitions/APIOperations' authorizationHeader: type: string description: | Name of the Authorization header used for invoking the API. If it is not set, Authorization header name specified in tenant or system level will be used. securityScheme: type: array description: | Types of API security, the current API secured with. It can be either OAuth2 or mutual SSL or both. If it is not set OAuth2 will be set as the security for the current API. items: type: string tags: type: array description: Search keywords related to the API items: type: string example: ["substract","add"] tiers: type: array description: The subscription tiers selected for the particular API items: properties: tierName: type: string example: Gold tierPlan: type: string example: COMMERCIAL monetizationAttributes: properties: fixedPrice: type: string example: "10" pricePerRequest: type: string example: "1" currencyType: type: string example: "USD" billingCycle: type: string example: "month" hasThumbnail: type: boolean example: true default: false additionalProperties: description: | Custom(user defined) properties of API type: object additionalProperties: type: string example: {} monetization: $ref: '#/definitions/APIMonetizationInfo' endpointURLs: type: array items: properties: environmentName: type: string example: Production and Sandbox environmentType: type: string example: hybrid URLs: properties: http: type: string description: HTTP environment URL example: "http://localhost:8280/phoneverify/1.0.0" https: type: string description: HTTPS environment URL example: "https://localhost:8243/phoneverify/1.0.0" ws: type: string description: WS environment URL example: "ws://localhost:9099/phoneverify/1.0.0" wss: type: string description: WSS environment URL example: "wss://localhost:9099/phoneverify/1.0.0" defaultVersionURLs: properties: http: type: string description: HTTP environment default URL example: "http://localhost:8280/phoneverify/" https: type: string description: HTTPS environment default URL example: "https://localhost:8243/phoneverify/" ws: type: string description: WS environment default URL example: "ws://localhost:9099/phoneverify/" wss: type: string description: WSS environment default URL example: "ws://localhost:9099/phoneverify/" businessInformation: $ref: '#/definitions/APIBusinessInformation' labels: description: | Labels of micro-gateway environments attached to the API. type: array items: $ref: '#/definitions/Label' environmentList: type: array description: The environment list configured with non empty endpoint URLs for the particular API. items: type: string example: ["PRODUCTION","SANDBOX"] scopes: type: array items: $ref: '#/definitions/ScopeInfo' avgRating: type: string description: The average rating of the API example: 4.5 advertiseInfo: description: The advertise info of the API $ref: '#/definitions/AdvertiseInfo' isSubscriptionAvailable: type: boolean example: false #----------------------------------------------------- # The Label resource #----------------------------------------------------- Label: title: Label required: - name properties: name: type: string example: "Public" description: type: string accessUrls: type: array items: type: string example: "http://localhost:9443/" #----------------------------------------------------- # The API monetization resource #----------------------------------------------------- APIMonetizationInfo: title: API monetization object required: - enabled properties: enabled: type: boolean description: Flag to indicate the monetization status example: true #----------------------------------------------------- # The Application List resource #----------------------------------------------------- ApplicationList: title: Application List properties: count: type: integer description: | Number of applications returned. example: 1 list: type: array items: $ref: '#/definitions/ApplicationInfo' pagination: $ref: '#/definitions/Pagination' # example: # next: "/applications?limit=1&offset=2&groupId=" # previous: "/applications?limit=1&offset=0&groupId=" #----------------------------------------------------- # The Application resource #----------------------------------------------------- Application: title: Application required: - name - throttlingPolicy properties: applicationId: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: CalculatorApp throttlingPolicy: type: string example: Unlimited description: type: string example: Sample calculator application tokenType: type: string enum: - OAUTH - JWT description: | Type of the access token generated for this application. **OAUTH:** A UUID based access token which is issued by default. **JWT:** A self-contained, signed JWT based access token. **Note:** This can be only used in Microgateway environments. default: JWT example: JWT status: type: string example: APPROVED default: "" groups: type: array items: type: string example: "" subscriptionCount: type: integer keys: type: array items: $ref: '#/definitions/ApplicationKey' example: [] attributes: type: object additionalProperties: type: string example: External Reference ID, Billing Tier subscriptionScopes: type: array items: type: string example: ["admin"] owner: description: | Application created user type: string example: admin hashEnabled: type: boolean #----------------------------------------------------- # The Application Info resource #----------------------------------------------------- ApplicationInfo: title: Application info object with basic application details properties: applicationId: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: CalculatorApp throttlingPolicy: type: string example: Unlimited description: type: string example: Sample calculator application status: type: string example: APPROVED default: "" groups: type: array items: type: string example: "" subscriptionCount: type: integer attributes: type: object example: External Reference ID, Billing Tier owner: type: string example: admin #----------------------------------------------------- # The Document List resource #----------------------------------------------------- DocumentList: title: Document List properties: count: type: integer description: | Number of Documents returned. example: 1 list: type: array items: $ref: '#/definitions/Document' pagination: $ref: '#/definitions/Pagination' # example: # next: "/apis/01234567-0123-0123-0123-012345678901/documents?limit=1&offset=2" # previous: "/apis/01234567-0123-0123-0123-012345678901/documents?limit=1&offset=0" #----------------------------------------------------- # The Document resource #----------------------------------------------------- Document: title: Document required: - name - type - sourceType properties: documentId: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: CalculatorDoc type: type: string enum: - HOWTO - SAMPLES - PUBLIC_FORUM - SUPPORT_FORUM - API_MESSAGE_FORMAT - SWAGGER_DOC - OTHER example: HOWTO summary: type: string example: "Summary of Calculator Documentation" sourceType: type: string enum: - INLINE - MARKDOWN - URL - FILE example: INLINE sourceUrl: type: string example: "" otherTypeName: type: string example: "" #----------------------------------------------------- # The Throttling Policy List resource #----------------------------------------------------- ThrottlingPolicyList: title: Throttling Policy List properties: count: type: integer description: | Number of Throttling Policies returned. example: 1 list: type: array items: $ref: '#/definitions/ThrottlingPolicy' pagination: $ref: '#/definitions/Pagination' # example: # next: "/throttling-policies/subscription?limit=1&offset=2" # previous: "/throttling-policies/subscription?limit=1&offset=0" #----------------------------------------------------- # The Throttling Policy resource #----------------------------------------------------- ThrottlingPolicy: title: Throttling Policy required: - name - tierPlan - requestCount - unitTime - stopOnQuotaReach properties: name: type: string example: Platinum description: type: string example: "Allows 50 request(s) per minute." policyLevel: type: string enum: - application - subscription example: subscription attributes: description: | Custom attributes added to the throttling policy type: object additionalProperties: type: string example: {} requestCount: description: | Maximum number of requests which can be sent within a provided unit time type: integer format: int64 example: 50 unitTime: type: integer format: int64 example: 60000 tierPlan: description: | This attribute declares whether this tier is available under commercial or free type: string enum: - FREE - COMMERCIAL example: FREE stopOnQuotaReach: description: | If this attribute is set to false, you are capabale of sending requests even if the request count exceeded within a unit time type: boolean example: true monetizationAttributes: $ref: '#/definitions/MonetizationInfo' throttlingPolicyPermissions: $ref: '#/definitions/ThrottlingPolicyPermissionInfo' #----------------------------------------------------- # The Subscription List resource #----------------------------------------------------- SubscriptionList: title: Subscription List properties: count: type: integer description: | Number of Subscriptions returned. example: 1 list: type: array items: $ref: '#/definitions/Subscription' pagination: $ref: '#/definitions/Pagination' # example: # next: "/subscriptions?limit=1&offset=2&apiId=01234567-0123-0123-0123-012345678901&groupId=" # previous: "/subscriptions?limit=1&offset=0&apiId=01234567-0123-0123-0123-012345678901&groupId=" #----------------------------------------------------- # API Business Information resource #----------------------------------------------------- APIBusinessInformation: properties: businessOwner: type: string example: businessowner businessOwnerEmail: type: string example: businessowner@wso2.com technicalOwner: type: string example: technicalowner technicalOwnerEmail: type: string example: technicalowner@wso2.com #----------------------------------------------------- # The Subscription resource #----------------------------------------------------- Subscription: title: Subscription required: - applicationId - throttlingPolicy - apiName - apiVersion properties: subscriptionId: type: string description: The UUID of the subscription example: faae5fcc-cbae-40c4-bf43-89931630d313 applicationId: type: string description: The UUID of the application example: b3ade481-30b0-4b38-9a67-498a40873a6d apiId: type: string description: The unique identifier of the API. apiInfo: $ref: '#/definitions/APIInfo' applicationInfo: $ref: '#/definitions/ApplicationInfo' throttlingPolicy: type: string example: Unlimited type: type: string enum: - API - API_PRODUCT status: type: string enum: - BLOCKED - PROD_ONLY_BLOCKED - UNBLOCKED - ON_HOLD - REJECTED example: UNBLOCKED #----------------------------------------------------- # The Tag resource #----------------------------------------------------- Tag: title: Tag required: - name - weight properties: value: type: string example: tag1 count: type: integer example: 5 #----------------------------------------------------- # The Tag List resource #----------------------------------------------------- TagList: title: Tag List properties: count: type: integer description: | Number of Tags returned. example: 1 list: type: array items: $ref: '#/definitions/Tag' pagination: $ref: '#/definitions/Pagination' # example: # next: "/tags?limit=1&offset=2" # previous: "/tags?limit=1&offset=0" #----------------------------------------------------- # The Rating resource #----------------------------------------------------- Rating: title: Rating required: - rating properties: ratingId: type: string apiId: type: string ratedBy: type: string rating: type: integer #----------------------------------------------------- # The Rating List resource #----------------------------------------------------- RatingList: title: Rating List properties: avgRating: type: string description: | Average Rating of the API userRating: type: integer description: | Rating given by the user count: type: integer description: | Number of Subscriber Ratings returned. example: 1 list: type: array items: $ref: '#/definitions/Rating' pagination: $ref: '#/definitions/Pagination' # example: # next: "/ratings?limit=1&offset=2" # previous: "/ratings?limit=1&offset=0" #----------------------------------------------------- # The Comment resource #----------------------------------------------------- Comment: title: Comment required: - content properties: id: type: string content: type: string createdTime: type: string example: 2017-02-20T13:57:16.229 createdBy: type: string #----------------------------------------------------- # The Comments List resource #----------------------------------------------------- CommentList: title: Comments List properties: count: type: integer description: | Number of Comments returned. example: 1 list: type: array items: $ref: '#/definitions/Comment' pagination: $ref: '#/definitions/Pagination' # example: # next: "/comments?limit=1&offset=2" # previous: "/comments?limit=1&offset=0" #----------------------------------------------------- # The Error resource #----------------------------------------------------- Error: title: Error object returned with 4XX HTTP status required: - code - message properties: code: type: integer format: int64 message: type: string description: Error message. description: type: string description: | A detail description about the error message. moreInfo: type: string description: | Preferably an url with more details about the error. error: type: array description: | If there are more than one error list them out. For example, list out validation errors by each field. items: $ref: '#/definitions/ErrorListItem' #----------------------------------------------------- # The Error List Item resource #----------------------------------------------------- ErrorListItem: title: Description of individual errors that may have occurred during a request. required: - code - message properties: code: type: string message: type: string description: | Description about individual errors occurred #----------------------------------------------------- # The Application Token resource #----------------------------------------------------- ApplicationToken : title: Application token details to invoke APIs properties: accessToken: type: string description: Access token example: 01234567890123456789012345678901 tokenScopes: type: array items: type: string description: Valid comma seperated scopes for the access token example: default,read_api,write_api validityTime: type: integer format: int64 description: Maximum validity time for the access token example: 3600 #----------------------------------------------------- # The APIKey resource #----------------------------------------------------- APIKey : title: API Key details to invoke APIs properties: apikey: type: string description: API Key example: eyJoZWxsbyI6IndvcmxkIn0=.eyJ3c28yIjoiYXBpbSJ9.eyJ3c28yIjoic2lnbmF0dXJlIn0= validityTime: type: integer format: int32 example: 3600 #----------------------------------------------------- # The Application Key resource #----------------------------------------------------- ApplicationKey : title: Application key details properties: consumerKey: type: string description: Consumer key of the application example: vYDoc9s7IgAFdkSyNDaswBX7ejoa consumerSecret: type: string description: Consumer secret of the application example: TIDlOFkpzB7WjufO3OJUhy1fsvAa supportedGrantTypes: type: array items: type: string description: The grant types that are supported by the application example: ["client_credentials","password"] callbackUrl: type: string description: Callback URL example: "http://sample.com/callback/url" keyState: type: string description: Describes the state of the key generation. example: APPROVED keyType: description: Describes to which endpoint the key belongs type: string enum: - PRODUCTION - SANDBOX example: PRODUCTION groupId: type: string description: Application group id (if any). example: 02 token: $ref: '#/definitions/ApplicationToken' #----------------------------------------------------- # The Application Key Re generation Response schema #----------------------------------------------------- ApplicationKeyReGenerateResponse : title: Application key details after re generating consumer secret properties: consumerKey: type: string description: The consumer key associated with the application, used to indetify the client example: vYDoc9s7IgAFdkSyNDaswBX7ejoa consumerSecret: type: string description: The client secret that is used to authenticate the client with the authentication server example: TIDlOFkpzB7WjufO3OJUhy1fsvAa #----------------------------------------------------- # The Application Keys List resource #----------------------------------------------------- ApplicationKeyList: title: Application Keys List properties: count: type: integer description: | Number of applications keys returned. example: 1 list: type: array items: $ref: '#/definitions/ApplicationKey' #----------------------------------------------------- # The Application Key Generation Request schema #----------------------------------------------------- ApplicationKeyGenerateRequest : title: Application key generation request object required: - keyType - grantTypesToBeSupported properties: keyType: type: string enum: - PRODUCTION - SANDBOX grantTypesToBeSupported: type: array items: type: string description: Grant types that should be supported by the application callbackUrl: type: string description: Callback URL scopes: type: array items: type: string description: Allowed scopes for the access token example: ["am_application_scope","default"] validityTime: type: string example: 3600 clientId: type: string description: Client ID for generating access token. example: "" clientSecret: type: string description: Client secret for generating access token. This is given together with the client Id. example: "" additionalProperties: type: string description: Additional properties needed. example: "" #----------------------------------------------------- # The Application Key Mapping Request schema #----------------------------------------------------- ApplicationKeyMappingRequest : title: Application key provision request object required: - consumerKey - consumerSecret - keyType properties: consumerKey: type: string description: Consumer key of the application consumerSecret: type: string description: Consumer secret of the application keyType: type: string enum: - PRODUCTION - SANDBOX #----------------------------------------------------- # The Application Token Generation Request schema #----------------------------------------------------- ApplicationTokenGenerateRequest : title: Application access token generation request object properties: consumerSecret: type: string description: Consumer secret of the application validityPeriod: type: integer format: int64 description: Token validity period scopes: type: array items: type: string description: Allowed scopes (space seperated) for the access token revokeToken: type: string description: Token to be revoked, if any additionalProperties: type: object description: Additional parameters if Authorization server needs any #----------------------------------------------------- # The APIKey Generation Request schema #----------------------------------------------------- APIKeyGenerateRequest : title: API Key generation request object properties: validityPeriod: type: integer format: int32 description: Token validity period additionalProperties: type: object description: Additional parameters if Authorization server needs any #----------------------------------------------------- # The APIKey Revoke Request schema #----------------------------------------------------- APIKeyRevokeRequest : title: API Key revoke request object properties: apikey: type: string description: API Key to revoke #----------------------------------------------------- # Scope Info resource #----------------------------------------------------- ScopeInfo: title: API Scope info object with scope details properties: key: type: string example: admin_scope name: type: string example: admin scope roles: type: array items: type: string description: Allowed roles for the scope example: ["manager","developer"] description: type: string description: Description of the scope ScopeList : title : Scope list properties: count: type: integer description: | Number of results returned. example: 1 list : type : array items: $ref: '#/definitions/ScopeInfo' pagination: $ref: '#/definitions/Pagination' #----------------------------------------------------- # Throttling Policy Permission Info resource #----------------------------------------------------- ThrottlingPolicyPermissionInfo: title: Throttling Policy Permission info object with throttling policy permission details properties: type: type: string enum: - allow - deny roles: type: array items: type: string description: roles for this permission example: ["manager","developer"] #----------------------------------------------------- # The Monetization Info resource #----------------------------------------------------- MonetizationInfo: title: Monetization properties: billingType : type: string example: "fixedPrice" enum: - fixedPrice - dynamicRate billingCycle: type: string example: "month" fixedPrice: type: string example: "10" pricePerRequest: type: string example: "1" currencyType: type: string example: "USD" #----------------------------------------------------- # The API monetization usage resource #----------------------------------------------------- APIMonetizationUsage: title: API monetization usage object properties: properties: type: object description: Map of custom properties related to monetization usage additionalProperties: type: string #----------------------------------------------------- # The workflow executor's response resource #----------------------------------------------------- WorkflowResponse: title: workflow Response required: - workflowStatus properties: workflowStatus: description: | This attribute declares whether this workflow task is approved or rejected. type: string enum: - CREATED - APPROVED - REJECTED - REGISTERED example: APPROVED jsonPayload: description: | Attributes that returned after the workflow execution type: string #----------------------------------------------------- # The Self Signup User resource #----------------------------------------------------- User: title: User required: - username - password - firstName - lastName - email properties: username: type: string password: type: string firstName: type: string lastName: type: string email: type: string APIOperations: title: Operation properties: id: type: string example: "apioperation" target: type: string verb: type: string #----------------------------------------------------- # The Result List resource #----------------------------------------------------- SearchResultList: title: Search Result List properties: count: type: integer description: | Number of results returned. example: 1 list: type: array items: $ref: '#/definitions/SearchResult' pagination: $ref: '#/definitions/Pagination' SearchResult: title: Search Result required: - "name" discriminator: "name" properties: id: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: TestAPI type: type: string enum: - DOC - API example: API transportType: type: string description: Accepted values are HTTP, WS, SOAPTOREST, GRAPHQL APISearchResult: title: API Result allOf: - $ref: '#/definitions/SearchResult' - properties: description: type: string description: A brief description about the API example: A calculator API that supports basic operations context: type: string description: A string that represents the context of the user's request example: CalculatorAPI version: type: string description: The version of the API example: 1.0.0 provider: description: | If the provider value is notgiven, the user invoking the API will be used as the provider. type: string example: admin status: type: string description: This describes in which status of the lifecycle the API is example: CREATED thumbnailUri: type: string example: /apis/01234567-0123-0123-0123-012345678901/thumbnail businessInformation: $ref: '#/definitions/APIBusinessInformation' avgRating: type: string description: Average rating of the API example: 4.5 DocumentSearchResult: title: Document Result allOf: - $ref: '#/definitions/SearchResult' - properties: docType: type: string enum: - HOWTO - SAMPLES - PUBLIC_FORUM - SUPPORT_FORUM - API_MESSAGE_FORMAT - SWAGGER_DOC - OTHER example: HOWTO summary: type: string example: "Summary of Calculator Documentation" sourceType: type: string enum: - INLINE - URL - FILE example: INLINE sourceUrl: type: string example: "" otherTypeName: type: string example: "" visibility: type: string enum: - OWNER_ONLY - PRIVATE - API_LEVEL example: API_LEVEL apiName: type: string description: The name of the associated API example: TestAPI apiVersion: type: string description: The version of the associated API example: 1.0.0 apiProvider: type: string example: admin apiUUID: type: string #----------------------------------------------------- # The pagination resource #----------------------------------------------------- Pagination: title: Pagination properties: offset: type: integer example: 0 limit: type: integer example: 1 total: type: integer example: 10 next: type: string description: | Link to the next subset of resources qualified. Empty if no more resources are to be returned. previous: type: string description: | Link to the previous subset of resources qualified. Empty if current subset is the first subset returned. #----------------------------------------------------- # The settings resource #----------------------------------------------------- Settings: title: Settings properties: grantTypes: type: array items: type: string scopes: type: array items: type: string applicationSharingEnabled: type: boolean default: false mapExistingAuthApps: type: boolean default: false apiGatewayEndpoint: type: string #----------------------------------------------------- # The Application Attribute resource #----------------------------------------------------- ApplicationAttribute : title: Application attributes properties: description: type: string description: description of the application attribute example: "Sample description of the attribute" required: type: string description: whether this is a required attribute example: "false" attribute: type: string description: the name of the attribute example: "External Reference Id" hidden: type: string description: whether this is a hidden attribute example: "false" #----------------------------------------------------- # The Application Attribute List resource #----------------------------------------------------- ApplicationAttributeList : title: Application Attributes List properties: count: type: integer description: | Number of application attributes returned. example: 1 list: type: array items: $ref: '#/definitions/ApplicationAttribute' #----------------------------------------------------- # The Tenant resource #----------------------------------------------------- Tenant : title: Tenant properties: domain: type: string description: tenant domain example: "wso2.com" status: type: string description: current status of the tenant active/inactive example: "active" #----------------------------------------------------- # The Tenant List resource #----------------------------------------------------- TenantList : title: Tenant list properties: count: type: integer description: | Number of tenants returned. example: 1 list: type: array items: $ref: '#/definitions/Tenant' pagination: $ref: '#/definitions/Pagination' #----------------------------------------------------- # The API Advertise Info resource #----------------------------------------------------- AdvertiseInfo : title: API Advertise info object with advertise details properties: advertised: type: boolean example: true originalStoreUrl: type: string example: https://localhost:9443/store apiOwner: type: string example: admin #---------------------------------------------- # The Alert list resource. #---------------------------------------------- AlertTypesList: title: Alert Types List properties: count: type: integer description: The number of alerts example: 3 alerts: type: array items: $ref: '#/definitions/AlertType' #---------------------------------------------- # The AlertType resource. #---------------------------------------------- AlertType: title: Alert Type properties: id: type: integer description: The alert Id example: 1 name: type: string description: The name of the alert. example: "AbnormalRequestsPerMin" requireConfiguration: type: boolean description: Whether the alert type require additional configurations. example: true #---------------------------------------------- # The Alert resource. #---------------------------------------------- Alert: title: Alert properties: id: type: integer description: The alert Id example: 1 name: type: string description: The name of the alert. example: "AbnormalRequestsPerMin" configuration: type: array items: $ref: '#/definitions/AlertConfig' #----------------------------------------------- # The Alert Info resource definition. #----------------------------------------------- AlertsInfo: title: Alerts Info properties: alerts: type: array items: $ref: '#/definitions/Alert' emailList: type: array items: type: string #----------------------------------------------- # The Alert Info Response resource definition. #----------------------------------------------- AlertsInfoResponse: title: Alerts Info Response properties: alerts: type: array items: $ref: '#/definitions/Alert' emailList: type: array items: type: string failedConfigurations: type: array items: $ref: '#/definitions/AlertConfig' #----------------------------------------------- # The Alert Config List resource definition. #----------------------------------------------- AlertConfigList: title: Alert Configuration List properties: count: type: integer example: 1 list: type: array items: $ref: '#/definitions/AlertConfig' #----------------------------------------------- # The Alert Config resource definition. #----------------------------------------------- AlertConfig: title: Alert Configuration properties: configurationId: type: string description: The alert config subscription id. example: UGl6emFTaGFja0FQSSsxLjAuMCtEZWZhdWx0QXBwbGljYXRpb24K configuration: type: object description: The config parameters. additionalProperties: type: string example: apiName: 'PizzaShackAPI' apiVersion: '1.0.0' applicationName: 'DefaultApplication' requestConunt: '12' #----------------------------------------------- # The Alert Config Info resource definition. #----------------------------------------------- AlertConfigInfo: title: Alert Configuration Info type: object description: The config parameters. additionalProperties: type: string example: apiName: 'PizzaShackAPI' apiVersion: '1.0.0' applicationName: 'DefaultApplication' requestConunt: '12' #----------------------------------------------------- # END-OF-FILE #-----------------------------------------------------