# Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ################################################################################ openapi: 3.0.1 info: title: WSO2 API Manager - Developer Portal description: | This document specifies a **RESTful API** for WSO2 **API Manager** - **Developer Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.store.v1/src/main/resources/devportal-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Developer Portal REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the API, you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A Sample payload is shown below. ``` { "callbackUrl":"www.google.lk", "clientName":"rest_api_devportal", "owner":"admin", "grantType":"client_credentials password refresh_token", "saasApp":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown below to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H "Authorization: Basic Base64(admin_username:admin_password)" -H "Content-Type: application/json" \ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" \ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { "clientId": "fOCi4vNJ59PpHucC2CAYfYuADdMa", "clientName": "rest_api_devportal", "callBackURL": "www.google.lk", "clientSecret": "a4FwHlq0iCIKVs2MPIIDnepZnYMa", "isSaasApplication": true, "appOwner": "admin", "jsonString": "{\"grant_types\":\"client_credentials password refresh_token\",\"redirect_uris\":\"www.google.lk\",\"client_name\":\"rest_api_devportal\"}", "jsonAppAttribute": "{}", "tokenType": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for devportal REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorization** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d "grant_type=password&username=&password=&scope=" \ -H "Authorization: Basic base64(cliet_id:client_secret)" \ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \ -H "Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h" \ -d "grant_type=password&username=admin&password=admin&scope=apim:subscribe apim:api_key" ``` Shown below is a sample response to the above request. ``` { "access_token": "e79bda48-3406-3178-acce-f6e4dbdcbb12", "refresh_token": "a757795d-e69f-38b8-bd85-9aded677a97c", "scope": "apim:subscribe apim:api_key", "token_type": "Bearer", "expires_in": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with "Run in Postman" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/5bc0161b8aa7e701d7bf) contact: name: WSO2 url: http://wso2.com/products/api-manager/ email: architecture@wso2.com license: name: Apache 2.0 url: http://www.apache.org/licenses/LICENSE-2.0.html version: v2 servers: - url: https://apis.wso2.com/api/am/devportal/v2 ###################################################### # The "API Collection" resource APIs ###################################################### paths: /apis: get: tags: - APIs summary: | Retrieve/Search APIs description: | This operation provides you a list of available APIs qualifying under a given search condition. Each retrieved API is represented with a minimal amount of attributes. If you want to get complete details of an API, you need to use **Get details of an API** operation. This operation supports retrieving APIs of other tenants. The required tenant domain need to be specified as a header `X-WSO2-Tenant`. If not specified super tenant's APIs will be retrieved. If you used an Authorization header, the user's tenant associated with the access token will be used. **NOTE:** * By default, this operation retrieves Published APIs. In order to retrieve Prototyped APIs, you need to use **query** parameter and specify **status:PROTOTYPED**. * This operation does not require an Authorization header by default. But if it is provided, it will be validated and checked for permissions of the user, hence you may be able to see APIs which are restricted for special permissions/roles. parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/requestedTenant' - name: query in: query description: | **Search condition**. You can search in attributes by using an **":"** modifier. Eg. "provider:wso2" will match an API if the provider of the API is exactly "wso2". Additionally you can use wildcards. Eg. "provider:wso2*" will match an API if the provider of the API starts with "wso2". Supported attribute modifiers are [**version, context, status, description, doc, provider, tag**] If no advanced attribute modifier has been specified, search will match the given query string against API Name. schema: type: string - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. List of qualifying APIs is returned. content: application/json: schema: $ref: '#/components/schemas/APIList' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/apis" x-examples: $ref: docs/examples/apis/apis.yaml#/get /apis/{apiId}: get: tags: - APIs summary: | Get Details of an API description: | Using this operation, you can retrieve complete details of a single API. You need to provide the Id of the API to retrive it. `X-WSO2-Tenant` header can be used to retrieve an API of a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. **NOTE:** * This operation does not require an Authorization header by default. But if it is provided, it will be validated and checked for permissions of the user, hence you may be able to see APIs which are restricted for special permissions/roles. \n parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Requested API is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modified the last time. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/API' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/c43a325c-260b-4302-81cb-768eafaa3aed" /apis/{apiId}/swagger: get: tags: - APIs summary: | Get Swagger Definition description: | You can use this operation to retrieve the swagger definition of an API. `X-WSO2-Tenant` header can be used to retrieve the swagger definition an API of a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. **NOTE:** * This operation does not require an Authorization header by default. But in order to see a restricted API's swagger definition, you need to provide Authorization header. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/environmentName' - $ref: '#/components/parameters/If-None-Match' - $ref: '#/components/parameters/requestedTenant' responses: 200: description: | OK. Requested swagger document of the API is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: type: string example: '{ "swagger" : "2.0", "info" : { "version" : "1.0", "title" : "PhoneVerification" }, "host" : "localhost:8243", "basePath" : "/phoneverify/1.0", "schemes" : [ "https", "http" ], "security" : [ { "default" : [ ] } ], "paths" : { "/*" : { "post" : { "consumes" : [ "text/xml", "application/soap+xml" ], "parameters" : [ { "in" : "body", "name" : "SOAP Request", "description" : "SOAP request.", "required" : true, "schema" : { "type" : "string" } }, { "name" : "SOAPAction", "in" : "header", "description" : "SOAPAction header for soap 1.1", "required" : false, "type" : "string" } ], "responses" : { "200" : { "description" : "OK" } }, "security" : [ { "default" : [ ] } ], "x-auth-type" : "Application & Application User", "x-throttling-tier" : "Unlimited" } } }, "securityDefinitions" : { "default" : { "type" : "oauth2", "authorizationUrl" : "https://localhost:8243/authorize", "flow" : "implicit" } } }' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/c43a325c-260b-4302-81cb-768eafaa3aed/swagger" /apis/{apiId}/graphql-schema: get: tags: - APIs summary: | Get GraphQL Definition description: | You can use this operation to retrieve the swagger definition of an API. `X-WSO2-Tenant` header can be used to retrieve the swagger definition an API of a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. **NOTE:** * This operation does not require an Authorization header by default. But in order to see a restricted API's swagger definition, you need to provide Authorization header. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-None-Match' - $ref: '#/components/parameters/requestedTenant' responses: 200: description: | OK. Requested swagger document of the API is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. schema: type: string content: {} 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/c43a325c-260b-4302-81cb-768eafaa3aed/graphql-schema" /apis/{apiId}/sdks/{language}: get: tags: - SDKs summary: | Generate a SDK for an API description: | This operation can be used to generate SDKs (System Development Kits), for the APIs available in the API Developer Portal, for a requested development language. parameters: - $ref: '#/components/parameters/apiId' - name: language in: path description: | Programming language of the SDK that is required. required: true schema: type: string - $ref: '#/components/parameters/requestedTenant' responses: 200: description: | OK. SDK generated successfully. content: application/zip: schema: type: string format: byte 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:subscribe x-code-samples: - lang: Curl source: curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/sdks/java" > Swagger Petstore_java_1.0.0.zip /apis/{apiId}/wsdl: get: tags: - APIs summary: Get API WSDL definition description: | This operation can be used to retrieve the swagger definition of an API. operationId: getWSDLOfAPI parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/environmentName' - $ref: '#/components/parameters/If-None-Match' - $ref: '#/components/parameters/requestedTenant' responses: 200: description: | OK. Requested WSDL document of the API is returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string content: {} 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/c43a325c-260b-4302-81cb-768eafaa3aed/wsdl" x-examples: $ref: docs/examples/apis/wsdl/apiId_wsdl_get.yaml ###################################################### # The "Document Collection" resource APIs ###################################################### /apis/{apiId}/documents: get: tags: - API Documents summary: | Get a List of Documents of an API description: | This operation can be used to retrive a list of documents belonging to an API by providing the id of the API. `X-WSO2-Tenant` header can be used to retrive documents of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. **NOTE:** * This operation does not require an Authorization header by default. But in order to see a restricted API's documents, you need to provide Authorization header. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Document list is returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/DocumentList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/c43a325c-260b-4302-81cb-768eafaa3aed/documents" ###################################################### # The "Individual Document" resource APIs ###################################################### /apis/{apiId}/documents/{documentId}: get: tags: - API Documents summary: | Get a Document of an API description: | This operation can be used to retrieve a particular document's metadata associated with an API. `X-WSO2-Tenant` header can be used to retrive a document of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. **NOTE:** * This operation does not require an Authorization header by default. But in order to see a restricted API's document, you need to provide Authorization header. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Document returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Document' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/c43a325c-260b-4302-81cb-768eafaa3aed/documents/850a4f34-db2c-4d23-9d85-3f95fbfb082c" /apis/{apiId}/documents/{documentId}/content: get: tags: - API Documents summary: | Get the Content of an API Document description: | This operation can be used to retrive the content of an API's document. The document can be of 3 types. In each cases responses are different. 1. **Inline type**: The content of the document will be retrieved in `text/plain` content type 2. **FILE type**: The file will be downloaded with the related content type (eg. `application/pdf`) 3. **URL type**: The client will recieve the URL of the document as the Location header with the response with - `303 See Other` `X-WSO2-Tenant` header can be used to retrive the content of a document of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. **NOTE:** * This operation does not require an Authorization header by default. But in order to see a restricted API's document content, you need to provide Authorization header. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/documentId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. File or inline content returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. schema: type: string content: {} 303: description: | See Other. Source can be retrived from the URL specified at the Location header. headers: Location: description: | The Source URL of the document. schema: type: string content: {} 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/documents/0bcb7f05-599d-4e1a-adce-5cb89bfe58d5/content" /apis/{apiId}/thumbnail: get: tags: - APIs summary: Get Thumbnail Image description: | This operation can be used to download a thumbnail image of an API. `X-WSO2-Tenant` header can be used to retrive a thumbnail of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. **NOTE:** * This operation does not require an Authorization header by default. But in order to see a restricted API's thumbnail, you need to provide Authorization header. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Thumbnail image returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: {} 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/thumbnail" /apis/{apiId}/ratings: get: tags: - Ratings summary: Retrieve API Ratings description: | This operation can be used to retrieve the list of ratings of an API. `X-WSO2-Tenant` header can be used to retrieve ratings of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/requestedTenant' responses: 200: description: | OK. Rating list returned. content: application/json: schema: $ref: '#/components/schemas/RatingList' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/ratings" x-examples: $ref: docs/examples/apis/apis_id_ratings_get.yaml /apis/{apiId}/user-rating: get: tags: - Ratings summary: Retrieve API Rating of User description: | This operation can be used to get the user rating of an API. `X-WSO2-Tenant` header can be used to retrieve the logged in user rating of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Rating returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modified the last time. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Rating' 304: description: | Not Modified. Empty body because the client already has the latest version of the requested resource. content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:subscribe x-code-samples: - lang: Curl source: curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/user-rating" x-examples: $ref: docs/examples/apis/apis_id_user-rating.yaml#/get put: tags: - Ratings summary: Add or Update Logged in User's Rating for an API description: | This operation can be used to add or update an API rating. `X-WSO2-Tenant` header can be used to add or update the logged in user rating of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/requestedTenant' requestBody: description: | Rating object that should to be added content: application/json: schema: $ref: '#/components/schemas/Rating' required: true responses: 200: description: | OK. Successful response with the newly created or updated object as entity in the body. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional request. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Rating' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:subscribe x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/user-rating"' x-examples: $ref: docs/examples/apis/apis_id_user-rating.yaml#/put delete: tags: - Ratings summary: Delete User API Rating description: | This operation can be used to delete logged in user API rating. `X-WSO2-Tenant` header can be used to delete the logged in user rating of an API that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Resource successfully deleted. content: {} security: - OAuth2Security: - apim:subscribe x-code-samples: - lang: Curl source: curl -k -X DELETE -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/user-rating" x-examples: $ref: docs/examples/apis/apis_id_user-rating.yaml#/delete /apis/{apiId}/comments: get: tags: - Comments summary: Retrieve API Comments description: | Get a list of Comments that are already added to APIs operationId: getAllCommentsOfAPI parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/includeCommenterInfo' responses: 200: description: | OK. Comments list is returned. content: application/json: schema: $ref: '#/components/schemas/CommentList' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments" x-examples: $ref: docs/examples/apis/comments.yaml#/get post: tags: - Comments summary: Add an API Comment operationId: addCommentToAPI parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/parentCommentID' requestBody: description: | Comment object that should to be added content: application/json: schema: title: Post request body type: object properties: content: type: string maxLength: 512 description: | Content of the comment example: This is a comment category: type: string description: | Category of the comment example: general required: - content required: true responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional request. schema: type: string Location: description: | Location to the newly created Comment. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Comment' 400: $ref: '#/components/responses/BadRequest' 401: $ref: '#/components/responses/Unauthorized' 404: $ref: '#/components/responses/NotFound' 415: $ref: '#/components/responses/UnsupportedMediaType' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:subscribe x-code-samples: - lang: Curl source: 'curl -k -X POST -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments"' x-examples: $ref: docs/examples/apis/comments.yaml#/post /apis/{apiId}/comments/{commentId}: get: tags: - Comments summary: Get Details of an API Comment description: | Get the individual comment given by a username for a certain API. operationId: getCommentOfAPI parameters: - $ref: '#/components/parameters/commentId' - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-None-Match' - $ref: '#/components/parameters/includeCommenterInfo' - $ref: '#/components/parameters/replyLimit' - $ref: '#/components/parameters/replyOffset' responses: 200: description: | OK. Comment returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Comment' 401: $ref: '#/components/responses/Unauthorized' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4" x-examples: $ref: docs/examples/apis/comment_id-comments.yaml#/get patch: tags: - Comments summary: Edit a comment description: | Edit the individual comment operationId: editCommentOfAPI parameters: - $ref: '#/components/parameters/commentId' - $ref: '#/components/parameters/apiId' requestBody: description: | Comment object that should to be updated content: application/json: schema: title: Patch request body type: object properties: content: type: string maxLength: 512 description: | Content of the comment example: This is a comment category: type: string description: | Category of the comment example: general required: true responses: 200: description: | OK. Comment updated. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional request. schema: type: string Location: description: | Location to the newly created Comment. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Comment' 400: $ref: '#/components/responses/BadRequest' 401: $ref: '#/components/responses/Unauthorized' 403: description: | Forbidden. The request must be conditional but no condition has been specified. 404: $ref: '#/components/responses/NotFound' 415: $ref: '#/components/responses/UnsupportedMediaType' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:subscribe x-code-samples: - lang: Curl source: 'curl -k -X PATCH -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/am/store/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4"' x-examples: $ref: docs/examples/apis/comments.yaml#/post delete: tags: - Comments summary: Delete an API Comment description: | Remove a Comment operationId: deleteComment parameters: - $ref: '#/components/parameters/commentId' - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Resource successfully deleted. content: {} 401: $ref: '#/components/responses/Unauthorized' 403: description: | Forbidden. The request must be conditional but no condition has been specified. content: {} 404: $ref: '#/components/responses/NotFound' 405: description: | MethodNotAllowed. Request method is known by the server but is not supported by the target resource. content: {} 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:subscribe - apim:admin x-code-samples: - lang: Curl source: curl -k -X DELETE -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4" x-examples: $ref: docs/examples/apis/comment_id-comments.yaml#/delete /apis/{apiId}/comments/{commentId}/replies: get: tags: - Comments summary: Get replies of a comment description: | Get replies of a comment operationId: getRepliesOfComment parameters: - $ref: '#/components/parameters/commentId' - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/If-None-Match' - $ref: '#/components/parameters/includeCommenterInfo' responses: 200: description: | OK. Comment returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/CommentList' 401: $ref: '#/components/responses/Unauthorized' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/store/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4/replies" x-examples: $ref: docs/examples/apis/comment_id-comments.yaml#/get /apis/{apiId}/topics: get: tags: - Topics summary: | Get a list of available topics for a given async API description: | This operation will provide a list of topics available for a given Async API, based on the provided API ID. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/requestedTenant' responses: 200: description: | OK. Topic list returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/TopicList' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/store/v1/topics/5b65808c-cdf2-43e1-a695-de63e3ad0ae9" /apis/{apiId}/subscription-policies: get: tags: - APIs summary: | Get Details of the Subscription Throttling Policies of an API description: | This operation can be used to retrieve details of the subscription throttling policy of an API by specifying the API Id. `X-WSO2-Tenant` header can be used to retrive API subscription throttling policies that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. parameters: - $ref: '#/components/parameters/apiId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Throttling Policy returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ThrottlingPolicy' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/268c9e55-3dc1-4f47-82e7-977e5343d077/subscription-policies" ###################################################### # The "Application Collection" resource APIs ###################################################### /applications: get: tags: - Applications summary: | Retrieve/Search Applications description: | This operation can be used to retrieve list of applications that is belonged to the user associated with the provided access token. parameters: - $ref: '#/components/parameters/groupId' - name: query in: query description: | **Search condition**. You can search for an application by specifying the name as "query" attribute. Eg. "app1" will match an application if the name is exactly "app1". Currently this does not support wildcards. Given name must exactly match the application name. schema: type: string - name: sortBy in: query schema: type: string enum: - name - throttlingPolicy - status - name: sortOrder in: query schema: type: string enum: - asc - desc - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Application list returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ApplicationList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 400: $ref: '#/components/responses/BadRequest' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:subscribe - apim:app_manage - apim:app_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/applications"' post: tags: - Applications summary: | Create a New Application description: | This operation can be used to create a new application specifying the details of the application in the payload. requestBody: description: | Application object that is to be created. content: application/json: schema: $ref: '#/components/schemas/Application' required: true responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional request schema: type: string Location: description: | Location of the newly created Application. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Application' 202: description: | Accepted. The request has been accepted. headers: Location: description: | Location of the newly created Application. schema: type: string content: application/json: schema: $ref: '#/components/schemas/WorkflowResponse' 400: $ref: '#/components/responses/BadRequest' 409: $ref: '#/components/responses/Conflict' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/applications"' ###################################################### # The "Individual Application" resource APIs ###################################################### /applications/{applicationId}: get: tags: - Applications summary: | Get Details of an Application description: | This operation can be used to retrieve details of an individual application specifying the application id in the URI. parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/If-None-Match' - $ref: '#/components/parameters/requestedTenant' responses: 200: description: | OK. Application returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Application' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015"' put: tags: - Applications summary: | Update an Application description: | This operation can be used to update an application. Upon succesfull you will retrieve the updated application as the response. parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/If-Match' requestBody: description: | Application object that needs to be updated content: application/json: schema: $ref: '#/components/schemas/Application' required: true responses: 200: description: | OK. Application updated. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional request. schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. schema: type: string Location: description: | The URL of the newly created resource. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Application' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X PUT -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015"' delete: tags: - Applications summary: | Remove an Application description: | This operation can be used to remove an application specifying its id. parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Resource successfully deleted. content: {} 202: description: | Accepted. The request has been accepted. headers: Location: description: | Location of the existing Application. schema: type: string content: application/json: schema: $ref: '#/components/schemas/WorkflowResponse' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:subscribe - apim:app_manage - apim:app_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -X DELETE "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015"' /applications/{applicationId}/generate-keys: post: tags: - Application Keys summary: Generate Application Keys description: | Generate keys (Consumer key/secret) for application parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/requestedTenant' requestBody: description: | Application key generation request object content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyGenerateRequest' required: true responses: 200: description: | OK. Keys are generated. content: application/json: schema: $ref: '#/components/schemas/ApplicationKey' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015/generate-keys"' /applications/{applicationId}/map-keys: post: tags: - Application Keys summary: Map Application Keys description: | Map keys (Consumer key/secret) to an application parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/requestedTenant' requestBody: description: | Application key mapping request object content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyMappingRequest' required: true responses: 200: description: | OK. Keys are mapped. content: application/json: schema: $ref: '#/components/schemas/ApplicationKey' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015/map-keys"' /applications/{applicationId}/keys: get: tags: - Application Keys summary: Retrieve All Application Keys description: | Retrieve keys (Consumer key/secret) of application parameters: - $ref: '#/components/parameters/applicationId' responses: 200: description: | OK. Keys are returned. content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyList' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' deprecated: true security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys"' /applications/{applicationId}/keys/{keyType}: get: tags: - Application Keys summary: | Get Key Details of a Given Type description: | This operation can be used to retrieve key details of an individual application specifying the key type in the URI. parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/keyType' - $ref: '#/components/parameters/groupId' responses: 200: description: | OK. Keys of given type are returned. content: application/json: schema: $ref: '#/components/schemas/ApplicationKey' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' deprecated: true security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys/PRODUCTION"' put: tags: - Application Keys summary: | Update Grant Types and Callback Url of an Application description: | This operation can be used to update grant types and callback url of an application. (Consumer Key and Consumer Secret are ignored) Upon succesfull you will retrieve the updated key details as the response. parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/keyType' requestBody: description: | Grant types/Callback URL update request object content: application/json: schema: $ref: '#/components/schemas/ApplicationKey' required: true responses: 200: description: | Ok. Grant types or/and callback url is/are updated. content: application/json: schema: $ref: '#/components/schemas/ApplicationKey' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' deprecated: true security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X PUT -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys/PRODUCTION"' /applications/{applicationId}/keys/{keyType}/regenerate-secret: post: tags: - Application Keys summary: | Re-Generate Consumer Secret description: | This operation can be used to re generate consumer secret for an application for the give key type parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/keyType' responses: 200: description: | OK. Keys are re generated. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).‚ schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyReGenerateResponse' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' deprecated: true security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys/PRODUCTION/regenerate-secret"' /applications/{applicationId}/keys/{keyType}/clean-up: post: tags: - Application Keys summary: Clean-Up Application Keys description: | Clean up keys after failed key generation of an application parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/keyType' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Clean up is performed content: {} 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' deprecated: true security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST "https://localhost:9443/api/am/devportal/v2/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys/PRODUCTION/clean-up"' /applications/{applicationId}/keys/{keyType}/generate-token: post: tags: - Application Tokens summary: Generate Application Token description: | Generate an access token for application by client_credentials grant type parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/keyType' - $ref: '#/components/parameters/If-Match' requestBody: description: | Application token generation request object content: application/json: schema: $ref: '#/components/schemas/ApplicationTokenGenerateRequest' required: true responses: 200: description: | OK. Token is generated. content: application/json: schema: $ref: '#/components/schemas/ApplicationToken' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' deprecated: true security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/keys/PRODUCTION/generate-token"' /applications/{applicationId}/oauth-keys: get: tags: - Application Keys summary: Retrieve All Application Keys description: | Retrieve keys (Consumer key/secret) of application parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/requestedTenant' responses: 200: description: | OK. Keys are returned. content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyList' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys"' /applications/{applicationId}/oauth-keys/{keyMappingId}: get: tags: - Application Keys summary: | Get Key Details of a Given Type description: | This operation can be used to retrieve key details of an individual application specifying the key type in the URI. parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/keyMappingId' - $ref: '#/components/parameters/groupId' responses: 200: description: | OK. Keys of given type are returned. content: application/json: schema: $ref: '#/components/schemas/ApplicationKey' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys/df972173-c957-46d4-96ac-99be8e303584"' put: tags: - Application Keys summary: | Update Grant Types and Callback URL of an Application description: | This operation can be used to update grant types and callback url of an application. (Consumer Key and Consumer Secret are ignored) Upon succesfull you will retrieve the updated key details as the response. parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/keyMappingId' requestBody: description: | Grant types/Callback URL update request object content: application/json: schema: $ref: '#/components/schemas/ApplicationKey' required: true responses: 200: description: | Ok. Grant types or/and callback url is/are updated. content: application/json: schema: $ref: '#/components/schemas/ApplicationKey' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys/df972173-c957-46d4-96ac-99be8e303584"' /applications/{applicationId}/oauth-keys/{keyMappingId}/regenerate-secret: post: tags: - Application Keys summary: | Re-Generate Consumer Secret description: | This operation can be used to re generate consumer secret for an application for the give key type parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/keyMappingId' responses: 200: description: | OK. Keys are re generated. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).‚ schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyReGenerateResponse' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys/df972173-c957-46d4-96ac-99be8e303584/regenerate-secret"' /applications/{applicationId}/oauth-keys/{keyMappingId}/clean-up: post: tags: - Application Keys summary: Clean-Up Application Keys description: | Clean up keys after failed key generation of an application parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/keyMappingId' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Clean up is performed content: {} 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys/df972173-c957-46d4-96ac-99be8e303584/clean-up"' /applications/{applicationId}/oauth-keys/{keyMappingId}/generate-token: post: tags: - Application Tokens summary: Generate Application Token description: | Generate an access token for application by client_credentials grant type parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/keyMappingId' - $ref: '#/components/parameters/If-Match' requestBody: description: | Application token generation request object content: application/json: schema: $ref: '#/components/schemas/ApplicationTokenGenerateRequest' required: true responses: 200: description: | OK. Token is generated. content: application/json: schema: $ref: '#/components/schemas/ApplicationToken' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:subscribe - apim:app_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys/{keyMappingId}/generate-token"' /applications/{applicationId}/api-keys/{keyType}/generate: post: tags: - API Keys summary: Generate API Key description: | Generate a self contained API Key for the application parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/keyType' - $ref: '#/components/parameters/If-Match' requestBody: description: | API Key generation request object content: application/json: schema: $ref: '#/components/schemas/APIKeyGenerateRequest' required: false responses: 200: description: | OK. apikey generated. content: application/json: schema: $ref: '#/components/schemas/APIKey' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:subscribe - apim:app_manage - apim:api_key x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/api-keys/PRODUCTION/generate"' /applications/{applicationId}/api-keys/{keyType}/revoke: post: tags: - API Keys summary: Revoke API Key description: | Revoke a self contained API Key for the application parameters: - $ref: '#/components/parameters/applicationId' - $ref: '#/components/parameters/keyType' - $ref: '#/components/parameters/If-Match' requestBody: description: | API Key revoke request object content: application/json: schema: $ref: '#/components/schemas/APIKeyRevokeRequest' required: false responses: 200: description: | OK. apikey revoked successfully. content: {} 400: $ref: '#/components/responses/BadRequest' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:subscribe - apim:app_manage - apim:api_key x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/applications/16cd2684-9657-4a01-a956-4efd89e96077/api-keys/PRODUCTION/revoke"' /applications/export: get: tags: - Import Export summary: Export an Application description: | This operation can be used to export the details of a particular application as a zip file. parameters: - name: appName in: query description: | Application Name required: true schema: type: string - name: appOwner in: query description: | Owner of the Application required: true schema: type: string - name: withKeys in: query description: | Export application keys schema: type: boolean - name: format in: query description: | Format of output documents. Can be YAML or JSON. schema: type: string enum: - JSON - YAML responses: 200: description: | OK. Export Successful. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/zip: schema: type: string format: binary 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:app_import_export x-code-samples: - lang: Shell source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/devportal/v2/applications/import?appName=sampleApp&appOwner=admin&withKeys=true" > exportedApplication.zip' /applications/import: post: tags: - Application (Individual) summary: Import an Application description: | This operation can be used to import an application. parameters: - name: preserveOwner in: query description: | Preserve Original Creator of the Application schema: type: boolean - name: skipSubscriptions in: query description: | Skip importing Subscriptions of the Application schema: type: boolean - name: appOwner in: query description: | Expected Owner of the Application in the Import Environment schema: type: string - name: skipApplicationKeys in: query description: | Skip importing Keys of the Application schema: type: boolean - name: update in: query description: | Update if application exists schema: type: boolean requestBody: content: multipart/form-data: schema: required: - file properties: file: type: string description: | Zip archive consisting of exported Application Configuration. format: binary required: true responses: 200: description: | OK. Successful response with the updated object information as entity in the body. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ApplicationInfo' 207: description: | Multi Status. Partially successful response with skipped APIs information object as entity in the body. content: application/json: schema: $ref: '#/components/schemas/APIInfoList' 400: $ref: '#/components/responses/BadRequest' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:app_import_export x-code-samples: - lang: Shell source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -F file=@exportedApplication.zip "https://127.0.0.1:9443/api/am/devportal/v2/applications/import?preserveOwner=true&skipSubscriptions=false&appOwner=admin&skipApplicationKeys=false&update=true"' ###################################################### # The "Subscription Collection" resource APIs ###################################################### /subscriptions: get: tags: - Subscriptions summary: | Get All Subscriptions description: | This operation can be used to retrieve a list of subscriptions of the user associated with the provided access token. This operation is capable of 1. Retrieving applications which are subscibed to a specific API. `GET https://localhost:9443/api/am/devportal/v2/subscriptions?apiId=c43a325c-260b-4302-81cb-768eafaa3aed` 2. Retrieving APIs which are subscribed by a specific application. `GET https://localhost:9443/api/am/devportal/v2/subscriptions?applicationId=c43a325c-260b-4302-81cb-768eafaa3aed` **IMPORTANT:** * It is mandatory to provide either **apiId** or **applicationId**. parameters: - $ref: '#/components/parameters/apiId-Q' - $ref: '#/components/parameters/applicationId-Q' - $ref: '#/components/parameters/groupId' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Subscription list returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/SubscriptionList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:subscribe - apim:sub_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/subscriptions?apiId=02e658e7-71c7-4b1d-a623-be145b789340"' post: tags: - Subscriptions summary: | Add a New Subscription description: | This operation can be used to add a new subscription providing the id of the API and the application. parameters: - $ref: '#/components/parameters/requestedTenant' requestBody: description: | Subscription object that should to be added content: application/json: schema: $ref: '#/components/schemas/Subscription' required: true responses: 201: description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional request. schema: type: string Location: description: | Location to the newly created subscription. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Subscription' 202: description: | Accepted. The request has been accepted. headers: Location: description: | Location of the newly created subscription. schema: type: string content: application/json: schema: $ref: '#/components/schemas/WorkflowResponse' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:subscribe - apim:sub_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/subscriptions"' /subscriptions/multiple: post: tags: - Subscriptions summary: | Add New Subscriptions description: | This operation can be used to add a new subscriptions providing the ids of the APIs and the applications. parameters: - $ref: '#/components/parameters/requestedTenant' requestBody: description: | Subscription objects that should to be added content: application/json: schema: type: array items: $ref: '#/components/schemas/Subscription' required: true responses: 200: description: | OK. Successful response with the newly created objects as entity in the body. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: type: array items: $ref: '#/components/schemas/Subscription' 400: $ref: '#/components/responses/BadRequest' 415: $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:subscribe - apim:sub_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/subscriptions/multiple"' ###################################################### # The "Individual Subscription" resource APIs ###################################################### /subscriptions/{subscriptionId}: get: tags: - Subscriptions summary: | Get Details of a Subscription description: | This operation can be used to get details of a single subscription. parameters: - $ref: '#/components/parameters/subscriptionId' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Subscription returned headers: ETag: description: Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: Date and time the resource has been modifed the last time. Used by caches, or in conditional reuquests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Subscription' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:subscribe - apim:sub_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9"' put: tags: - Subscriptions summary: | Update Existing Subscription description: | This operation can be used to update a subscription providing the subscription id, api id, application Id, status and updated throttling policy tier. parameters: - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/subscriptionId' requestBody: description: | Subscription object that should to be added content: application/json: schema: $ref: '#/components/schemas/Subscription' required: true responses: 200: description: | Subscription Updated. Successful response with the updated object as entity in the body. Location header contains URL of newly updates entity. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional request. schema: type: string Location: description: | Location to the updated subscription. schema: type: string content: application/json: schema: $ref: '#/components/schemas/Subscription' 202: description: | Accepted. The request has been accepted. headers: Location: description: | Location of the updated subscription. schema: type: string content: application/json: schema: $ref: '#/components/schemas/WorkflowResponse' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 400: $ref: '#/components/responses/BadRequest' 404: description: | Not Found. Requested Subscription does not exist. content: {} 415: description: | Unsupported media type. The entity of the request was in a not supported format. content: {} security: - OAuth2Security: - apim:subscribe - apim:sub_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X PUT -d @data.json "https://localhost:9443/api/am/devportal/v2/subscriptions/80369180-7d90-4ee8-99a1-19fa68512aa5"' delete: tags: - Subscriptions summary: | Remove a Subscription description: | This operation can be used to remove a subscription. parameters: - $ref: '#/components/parameters/subscriptionId' - $ref: '#/components/parameters/If-Match' responses: 200: description: | OK. Resource successfully deleted. content: {} 202: description: | Accepted. The request has been accepted. headers: Location: description: | Location of the existing subscription. schema: type: string content: application/json: schema: $ref: '#/components/schemas/WorkflowResponse' 404: $ref: '#/components/responses/NotFound' 412: $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:subscribe - apim:sub_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X DELETE "https://localhost:9443/api/am/devportal/v2/subscriptions/80369180-7d90-4ee8-99a1-19fa68512aa5"' x-wso2-curl: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -X DELETE "https://localhost:9443/api/am/devportal/v2/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9"' x-wso2-request: | DELETE https://localhost:9443/api/am/devportal/v2/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9 x-wso2-response: HTTP/1.1 200 OK /subscriptions/{subscriptionId}/usage: get: tags: - API Monetization summary: Get Details of a Pending Invoice for a Monetized Subscription with Metered Billing. description: | This operation can be used to get details of a pending invoice for a monetized subscription with metered billing. parameters: - $ref: '#/components/parameters/subscriptionId' responses: 200: description: | OK. Details of a pending invoice returned. headers: ETag: description: Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Last-Modified: description: Date and time the resource has been modified the last time. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/APIMonetizationUsage' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:subscribe - apim:sub_manage x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9/usage"' ###################################################### # The "Throttling Policy Collection" resource APIs ###################################################### /throttling-policies/{policyLevel}: get: tags: - Throttling Policies summary: Get All Available Throttling Policies description: | Get available Throttling Policies parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/policyLevel' - $ref: '#/components/parameters/If-None-Match' - $ref: '#/components/parameters/requestedTenant' responses: 200: description: | OK. List of throttling policies returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: type: array items: $ref: '#/components/schemas/ThrottlingPolicyList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/throttling-policies/application" ###################################################### # The "Individual Throttling Policy" resource APIs ###################################################### /throttling-policies/{policyLevel}/{policyId}: get: tags: - Throttling Policies summary: | Get Details of a Throttling Policy description: | This operation can be used to retrieve details of a single throttling policy by specifying the policy level and policy name. `X-WSO2-Tenant` header can be used to retrive throttling policy that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. parameters: - $ref: '#/components/parameters/policyId' - $ref: '#/components/parameters/policyLevel' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Throttling Policy returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string Last-Modified: description: | Date and time the resource has been modifed the last time. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ThrottlingPolicy' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/throttling-policies/application/10PerMin" ###################################################### # The "Tag Collection" resource API ###################################################### /tags: get: tags: - Tags summary: | Get All Tags description: | This operation can be used to retrieve a list of tags that are already added to APIs. `X-WSO2-Tenant` header can be used to retrive tags that belongs to a different tenant domain. If not specified super tenant will be used. If Authorization header is present in the request, the user's tenant associated with the access token will be used. **NOTE:** * This operation does not require an Authorization header by default. But in order to see a restricted API's tags, you need to provide Authorization header. parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/requestedTenant' - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Tag list is returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/TagList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource. content: {} 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/tags" ###################################################### # The "Content Search Results" resource APIs ###################################################### /search: get: tags: - Unified Search summary: | Retrieve/Search APIs and API Documents by Content description: | This operation provides you a list of available APIs and API Documents qualifying the given keyword match. parameters: - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' - $ref: '#/components/parameters/requestedTenant' - name: query in: query description: | **Search**. You can search by using providing the search term in the query parameters. schema: type: string - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. List of qualifying APIs and docs is returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). schema: type: string Content-Type: description: The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/SearchResultList' 304: description: | Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). content: {} 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/search?query=PizzaShackAPI" ###################################################### # The "SDK Generation Languages" list resource APIs ###################################################### /sdk-gen/languages: get: tags: - SDKs summary: | Get a List of Supported SDK Languages description: | This operation will provide a list of programming languages that are supported by the swagger codegen library for generating System Development Kits (SDKs) for APIs available in the API Manager Developer Portal responses: 200: description: | OK. List of supported languages for generating SDKs. content: {} 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:subscribe x-code-samples: - lang: Curl source: curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/sdk-gen/languages" ###################################################### # The Web hook API topic details ###################################################### /webhooks/subscriptions: get: tags: - Webhooks summary: | Get available web hook subscriptions for a given application. description: | This operation will provide a list of web hook topic subscriptions for a given application. If the api id is provided results will be filtered by the api Id. parameters: - $ref: '#/components/parameters/applicationId-Q' - $ref: '#/components/parameters/apiId-Q' - $ref: '#/components/parameters/requestedTenant' responses: 200: description: | OK. Topic list returned. headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests. schema: type: string content: application/json: schema: $ref: '#/components/schemas/WebhookSubscriptionList' 404: $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/store/v1/webhooks/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9" ###################################################### # The Developer Portal settings List ###################################################### /settings: get: tags: - Settings summary: Retreive Developer Portal settings description: | Retreive Developer Portal Settings parameters: - $ref: '#/components/parameters/requestedTenant' responses: 200: description: | OK. Settings returned content: application/json: schema: $ref: '#/components/schemas/Settings' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:store_settings x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/settings"' /settings/application-attributes: get: tags: - Settings summary: | Get All Application Attributes from Configuration description: | This operation can be used to retrieve the application attributes from configuration. It will not return hidden attributes. parameters: - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. Application attributes returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/ApplicationAttributeList' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:subscribe x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/settings/application-attributes"' ###################################################### # The tenant resource APIs ###################################################### /tenants: get: tags: - Tenants summary: | Get Tenants by State description: | This operation is to get tenants by state parameters: - name: state in: query description: | The state represents the current state of the tenant Supported states are [ active, inactive] schema: type: string default: active enum: - active - inactive - $ref: '#/components/parameters/limit' - $ref: '#/components/parameters/offset' responses: 200: description: | OK. Tenant names returned. headers: Content-Type: description: | The content type of the body. schema: type: string content: application/json: schema: $ref: '#/components/schemas/TenantList' 404: $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/tenants" x-examples: $ref: docs/examples/tenants/tenants.yam ###################################################### # The "Recommendations" resource API ###################################################### /recommendations: get: tags: - Recommendations summary: Give API Recommendations for a User description: This API can be used to get recommended APIs for a user who logs into the API Developer Portal responses: 200: description: | OK. Requested recommendations are returned headers: ETag: description: | Entity Tag of the response resource. Used by caches, or in conditional requests schema: type: string content: application/json: schema: $ref: '#/components/schemas/Recommendations' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:subscribe x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/recommendations"' ###################################################### # The "Category Collection" resource API ###################################################### /api-categories: get: tags: - API Category (Collection) summary: Get All API Categories description: | Get all API categories parameters: - $ref: '#/components/parameters/requestedTenant' responses: 200: description: | OK. Categories returned content: application/json: schema: $ref: '#/components/schemas/APICategoryList' security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/api-categories" ###################################################### # The "Key Manager Collection" resource API ###################################################### /key-managers: get: tags: - Key Managers (Collection) summary: Get All Key Managers description: | Get all Key managers parameters: - $ref: '#/components/parameters/requestedTenant' responses: 200: description: | OK. Categories returned content: application/json: schema: $ref: '#/components/schemas/KeyManagerList' security: - OAuth2Security: - apim:subscribe x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/v2/key-managers"' ###################################################### # GraphQL "Query Complexity" resource APIs ###################################################### /apis/{apiId}/graphql-policies/complexity: get: tags: - GraphQL Policies summary: Get the Complexity Related Details of an API description: | This operation can be used to retrieve complexity related details belonging to an API by providing the API id. parameters: - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Requested complexity details returned. headers: Content-Type: description: | The content of the body. schema: type: string default: application/json content: application/json: schema: $ref: '#/components/schemas/GraphQLQueryComplexityInfo' 404: description: | Not Found. Requested API does not contain any complexity details. content: {} security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/graphql-policies/complexity" /apis/{apiId}/graphql-policies/complexity/types: get: tags: - GraphQL Policies summary: Retrieve Types and Fields of a GraphQL Schema description: | This operation can be used to retrieve all types and fields of the GraphQL Schema by providing the API id. parameters: - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. Types and fields returned successfully. headers: Content-Type: description: | The content of the body. schema: type: string default: application/json content: application/json: schema: $ref: '#/components/schemas/GraphQLSchemaTypeList' 404: description: | Not Found. Retrieving types and fields failed. content: {} security: - OAuth2Security: [] x-code-samples: - lang: Curl source: curl -k "https://localhost:9443/api/am/devportal/v2/apis/e93fb282-b456-48fc-8981-003fb89086ae/graphql-policies/complexity/types" ###################################################### # User resource APIs ###################################################### /me/change-password: post: tags: - Users summary: Change the Password of the user description: | Using this operation, logged-in user can change their password. operationId: changeUserPassword requestBody: description: | Current and new password of the user content: application/json: schema: $ref: '#/components/schemas/CurrentAndNewPasswords' required: true responses: 200: description: OK. User password changed successfully content: {} 400: $ref: '#/components/responses/BadRequest' security: - OAuth2Security: - apim:subscribe x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/v2/me/change-password"' components: schemas: APIList: title: API List type: object properties: count: type: integer description: | Number of APIs returned. example: 1 list: type: array items: $ref: '#/components/schemas/APIInfo' pagination: $ref: '#/components/schemas/Pagination' example: count: 2 list: - id: 01234567-0123-0123-0123-012345678901 name: CalculatorAPI description: A calculator API that supports basic operations context: /CalculatorAPI version: 1.0.0 provider: admin lifeCycleStatus: PUBLISHED thumbnailUri: /apis/01234567-0123-0123-0123-012345678901/thumbnail - id: 01123567-1233-5453-0212-12353678901 name: PizzaShackAPI description: A Pizza ordering API context: /PizzaShackAPI version: 1.0.0 provider: admin lifeCycleStatus: PUBLISHED thumbnailUri: /apis/01123567-1233-5453-0212-12353678901/thumbnail pagination: offset: 2 limit: 2 total: 10 next: /apis?limit=2&offset=4 previous: /apis?limit=2&offset=0 APIInfo: title: API Info object with basic API details. type: object properties: id: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: CalculatorAPI description: type: string example: A calculator API that supports basic operations context: type: string example: CalculatorAPI version: type: string example: 1.0.0 type: type: string example: WS provider: type: string description: | If the provider value is not given, the user invoking the API will be used as the provider. example: admin lifeCycleStatus: type: string example: PUBLISHED thumbnailUri: type: string example: /apis/01234567-0123-0123-0123-012345678901/thumbnail avgRating: type: string description: Average rating of the API example: "4.5" throttlingPolicies: type: array description: List of throttling policies of the API example: - Unlimited - Bronze items: type: string advertiseInfo: $ref: '#/components/schemas/AdvertiseInfo' businessInformation: $ref: '#/components/schemas/APIBusinessInformation' isSubscriptionAvailable: type: boolean example: false monetizationLabel: type: string example: Free APIInfoList: title: API Info List type: object properties: count: type: integer description: | Number of API Info objects returned. example: 1 list: type: array items: $ref: '#/components/schemas/APIInfo' API: title: API object required: - context - lifeCycleStatus - name - provider - version type: object properties: id: type: string description: | UUID of the api example: 01234567-0123-0123-0123-012345678901 name: type: string description: Name of the API example: CalculatorAPI description: type: string description: A brief description about the API example: A calculator API that supports basic operations context: type: string description: A string that represents thecontext of the user's request example: CalculatorAPI version: type: string description: The version of the API example: 1.0.0 provider: type: string description: | If the provider value is not given user invoking the api will be used as the provider. example: admin apiDefinition: type: string description: | Swagger definition of the API which contains details about URI templates and scopes example: '{"paths":{"\/substract":{"get":{"x-auth-type":"Application & Application User","x-throttling-tier":"Unlimited","parameters":[{"name":"x","required":true,"type":"string","in":"query"},{"name":"y","required":true,"type":"string","in":"query"}],"responses":{"200":{}}}},"\/add":{"get":{"x-auth-type":"Application & Application User","x-throttling-tier":"Unlimited","parameters":[{"name":"x","required":true,"type":"string","in":"query"},{"name":"y","required":true,"type":"string","in":"query"}],"responses":{"200":{}}}}},"swagger":"2.0","info":{"title":"CalculatorAPI","version":"1.0.0"}}' wsdlUri: type: string description: | WSDL URL if the API is based on a WSDL endpoint example: http://www.webservicex.com/globalweather.asmx?wsdl lifeCycleStatus: type: string description: This describes in which status of the lifecycle the API is. example: PUBLISHED isDefaultVersion: type: boolean example: false type: type: string description: This describes the transport type of the API example: WS transport: type: array example: - http - https items: type: string description: | Supported transports for the API (http and/or https). operations: type: array example: [] items: $ref: '#/components/schemas/APIOperations' authorizationHeader: type: string description: | Name of the Authorization header used for invoking the API. If it is not set, Authorization header name specified in tenant or system level will be used. example: Authorization securityScheme: type: array description: | Types of API security, the current API secured with. It can be either OAuth2 or mutual SSL or both. If it is not set OAuth2 will be set as the security for the current API. example: - oauth2 - oauth_basic_auth_api_key_mandatory items: type: string tags: type: array description: Search keywords related to the API example: - substract - add items: type: string tiers: type: array description: The subscription tiers selected for the particular API items: type: object properties: tierName: type: string example: Gold tierPlan: type: string example: COMMERCIAL monetizationAttributes: type: object properties: fixedPrice: type: string example: "10" pricePerRequest: type: string example: "1" currencyType: type: string example: USD billingCycle: type: string example: month hasThumbnail: type: boolean example: true default: false additionalProperties: type: array items: type: object properties: name: type: string value: type: string display: type: boolean description: | Custom(user defined) properties of API example: {} monetization: $ref: '#/components/schemas/APIMonetizationInfo' endpointURLs: type: array items: type: object properties: environmentName: type: string example: Default environmentDisplayName: type: string example: Default environmentType: type: string example: hybrid URLs: type: object properties: http: type: string description: HTTP environment URL example: http://localhost:8280/phoneverify/1.0.0 https: type: string description: HTTPS environment URL example: https://localhost:8243/phoneverify/1.0.0 ws: type: string description: WS environment URL example: ws://localhost:9099/phoneverify/1.0.0 wss: type: string description: WSS environment URL example: wss://localhost:9099/phoneverify/1.0.0 defaultVersionURLs: type: object properties: http: type: string description: HTTP environment default URL example: http://localhost:8280/phoneverify/ https: type: string description: HTTPS environment default URL example: https://localhost:8243/phoneverify/ ws: type: string description: WS environment default URL example: ws://localhost:9099/phoneverify/ wss: type: string description: WSS environment default URL example: ws://localhost:9099/phoneverify/ businessInformation: $ref: '#/components/schemas/APIBusinessInformation' environmentList: type: array description: The environment list configured with non empty endpoint URLs for the particular API. example: - PRODUCTION - SANDBOX items: type: string scopes: type: array items: $ref: '#/components/schemas/ScopeInfo' avgRating: type: string description: The average rating of the API example: "4.5" advertiseInfo: $ref: '#/components/schemas/AdvertiseInfo' isSubscriptionAvailable: type: boolean example: false categories: type: array description: | API categories items: type: string example: "" keyManagers: type: object properties: {} description: | API Key Managers createdTime: type: string example: 2020-10-31T13:57:16.229 lastUpdatedTime: type: string example: 2020-10-31T13:57:16.229 APIMonetizationInfo: title: API monetization object required: - enabled type: object properties: enabled: type: boolean description: Flag to indicate the monetization status example: true ApplicationList: title: Application List type: object properties: count: type: integer description: | Number of applications returned. example: 1 list: type: array items: $ref: '#/components/schemas/ApplicationInfo' pagination: $ref: '#/components/schemas/Pagination' Application: title: Application required: - name - throttlingPolicy type: object properties: applicationId: type: string readOnly: true example: 01234567-0123-0123-0123-012345678901 name: maxLength: 70 minLength: 1 type: string example: CalculatorApp throttlingPolicy: minLength: 1 type: string example: Unlimited description: maxLength: 512 type: string example: Sample calculator application tokenType: type: string description: | Type of the access token generated for this application. **OAUTH:** A UUID based access token **JWT:** A self-contained, signed JWT based access token which is issued by default. example: JWT default: JWT enum: - OAUTH - JWT status: type: string readOnly: true example: APPROVED default: "" groups: type: array example: [] items: type: string subscriptionCount: type: integer readOnly: true keys: type: array readOnly: true example: [] items: $ref: '#/components/schemas/ApplicationKey' attributes: type: object additionalProperties: type: string example: {} subscriptionScopes: type: array example: [] items: $ref: '#/components/schemas/ScopeInfo' owner: type: string description: | Application created user readOnly: true example: admin hashEnabled: type: boolean readOnly: true example: false ApplicationInfo: title: Application info object with basic application details type: object properties: applicationId: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: CalculatorApp throttlingPolicy: type: string example: Unlimited description: type: string example: Sample calculator application status: type: string example: APPROVED default: "" groups: type: array example: "" items: type: string subscriptionCount: type: integer attributes: type: object properties: {} example: External Reference ID, Billing Tier owner: type: string example: admin DocumentList: title: Document List type: object properties: count: type: integer description: | Number of Documents returned. example: 1 list: type: array items: $ref: '#/components/schemas/Document' pagination: $ref: '#/components/schemas/Pagination' Document: title: Document required: - name - sourceType - type type: object properties: documentId: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: CalculatorDoc type: type: string example: HOWTO enum: - HOWTO - SAMPLES - PUBLIC_FORUM - SUPPORT_FORUM - API_MESSAGE_FORMAT - SWAGGER_DOC - OTHER summary: type: string example: Summary of Calculator Documentation sourceType: type: string example: INLINE enum: - INLINE - MARKDOWN - URL - FILE sourceUrl: type: string example: "" otherTypeName: type: string example: "" ThrottlingPolicyList: title: Throttling Policy List type: object properties: count: type: integer description: | Number of Throttling Policies returned. example: 1 list: type: array items: $ref: '#/components/schemas/ThrottlingPolicy' pagination: $ref: '#/components/schemas/Pagination' ThrottlingPolicy: title: Throttling Policy required: - name - requestCount - stopOnQuotaReach - tierPlan - unitTime type: object properties: name: type: string example: Platinum description: type: string example: Allows 50 request(s) per minute. policyLevel: type: string example: subscription enum: - application - subscription attributes: type: object additionalProperties: type: string description: | Custom attributes added to the throttling policy example: {} requestCount: type: integer description: | Maximum number of requests which can be sent within a provided unit time format: int64 example: 50 dataUnit: description: | Unit of data allowed to be transfered. Allowed values are "KB", "MB" and "GB" type: string example: KB unitTime: type: integer format: int64 example: 60000 timeUnit: type: string example: min rateLimitCount: type: integer default: 0 description: Burst control request count example: 10 rateLimitTimeUnit: type: string description: Burst control time unit example: min quotaPolicyType: type: string description: Default quota limit type enum: - REQUESTCOUNT - BANDWIDTHVOLUME example: REQUESTCOUNT tierPlan: type: string description: | This attribute declares whether this tier is available under commercial or free example: FREE enum: - FREE - COMMERCIAL stopOnQuotaReach: type: boolean description: | If this attribute is set to false, you are capabale of sending requests even if the request count exceeded within a unit time example: true monetizationAttributes: $ref: '#/components/schemas/MonetizationInfo' throttlingPolicyPermissions: $ref: '#/components/schemas/ThrottlingPolicyPermissionInfo' SubscriptionList: title: Subscription List type: object properties: count: type: integer description: | Number of Subscriptions returned. example: 1 list: type: array items: $ref: '#/components/schemas/Subscription' pagination: $ref: '#/components/schemas/Pagination' TopicList: title: Topic List type: object properties: count: type: integer description: | Number of Topics returned. example: 1 list: type: array items: $ref: '#/components/schemas/Topic' pagination: $ref: '#/components/schemas/Pagination' Topic: title: Topic type: object properties: apiId: type: string example: faae5fcc-cbae-40c4-bf43-89931630d313 name: type: string example: orderBooks type: type: string example: publisher WebhookSubscriptionList: title: Subscribed Webhook List type: object properties: count: type: integer description: | Number of webhook subscriptions returned. example: 1 list: type: array items: $ref: '#/components/schemas/WebhookSubscription' pagination: $ref: '#/components/schemas/Pagination' WebhookSubscription: title: Webhook Subscription type: object properties: apiId: type: string example: faae5fcc-cbae-40c4-bf43-89931630d313 appId: type: string example: faae5fcc-cbae-40c4-bf43-89931630d313 topic: type: string example: orderBooks callBackUrl: type: string example: www.orderbooksite.com deliveryTime: type: string example: faae5fcc-cbae-40c4-bf43-89931630d313 deliveryStatus: type: integer example: 1 APIBusinessInformation: type: object properties: businessOwner: type: string example: businessowner businessOwnerEmail: type: string example: businessowner@wso2.com technicalOwner: type: string example: technicalowner technicalOwnerEmail: type: string example: technicalowner@wso2.com Subscription: title: Subscription required: - applicationId - throttlingPolicy type: object properties: subscriptionId: type: string description: The UUID of the subscription readOnly: true example: faae5fcc-cbae-40c4-bf43-89931630d313 applicationId: type: string description: The UUID of the application example: b3ade481-30b0-4b38-9a67-498a40873a6d apiId: type: string description: The unique identifier of the API. example: 2962f3bb-8330-438e-baee-0ee1d6434ba4 apiInfo: $ref: '#/components/schemas/APIInfo' applicationInfo: $ref: '#/components/schemas/ApplicationInfo' throttlingPolicy: type: string example: Unlimited requestedThrottlingPolicy: type: string example: Unlimited status: type: string example: UNBLOCKED enum: - BLOCKED - PROD_ONLY_BLOCKED - UNBLOCKED - ON_HOLD - REJECTED - TIER_UPDATE_PENDING redirectionParams: type: string description: A url and other parameters the subscriber can be redirected. readOnly: true example: "" Tag: title: Tag type: object properties: value: type: string example: tag1 count: type: integer example: 5 TagList: title: Tag List type: object properties: count: type: integer description: | Number of Tags returned. example: 1 list: type: array items: $ref: '#/components/schemas/Tag' pagination: $ref: '#/components/schemas/Pagination' Rating: title: Rating required: - rating type: object properties: ratingId: type: string readOnly: true example: 32acfa7a-77f8-4fe0-bb7f-a902f36546d0 apiId: type: string readOnly: true example: e93fb282-b456-48fc-8981-003fb89086ae ratedBy: maxLength: 50 type: string readOnly: true example: admin rating: type: integer example: 4 RatingList: title: Rating List type: object properties: avgRating: type: string description: | Average Rating of the API example: "4" userRating: type: integer description: | Rating given by the user example: 4 count: type: integer description: | Number of Subscriber Ratings returned. example: 1 list: type: array items: $ref: '#/components/schemas/Rating' pagination: $ref: '#/components/schemas/Pagination' Comment: title: Comment required: - content type: object properties: id: type: string readOnly: true example: 943d3002-000c-42d3-a1b9-d6559f8a4d49 content: maxLength: 512 type: string example: This is a comment createdTime: type: string readOnly: true example : 2021-02-11-09:57:25 createdBy: type: string readOnly: true example: admin updatedTime: type: string readOnly: true example : 2021-02-12-19:57:25 category: type: string readOnly: true default: general example : general parentCommentId: type: string readOnly: true example: 6f38aea2-f41e-4ac9-b3f2-a9493d00ba97 entryPoint: type: string readOnly: true enum: [devPortal, publisher] commenterInfo: $ref: '#/components/schemas/CommenterInfo' replies: $ref: '#/components/schemas/CommentList' CommentList: title: Comments List type: object properties: count: type: integer readOnly: true description: | Number of Comments returned. example: 1 list: type: array readOnly: true items: $ref: '#/components/schemas/Comment' pagination: $ref: '#/components/schemas/Pagination' Error: title: Error object returned with 4XX HTTP status required: - code - message type: object properties: code: type: integer format: int64 message: type: string description: Error message. description: type: string description: | A detail description about the error message. moreInfo: type: string description: | Preferably an url with more details about the error. error: type: array description: | If there are more than one error list them out. For example, list out validation errors by each field. items: $ref: '#/components/schemas/ErrorListItem' ErrorListItem: title: Description of individual errors that may have occurred during a request. required: - code - message type: object properties: code: type: string message: type: string description: | Description about individual errors occurred ApplicationToken: title: Application token details to invoke APIs type: object properties: accessToken: type: string description: Access token example: 1.2345678901234568E30 tokenScopes: type: array description: Valid comma seperated scopes for the access token example: - default - read_api - write_api items: type: string validityTime: type: integer description: Maximum validity time for the access token format: int64 example: 3600 APIKey: title: API Key details to invoke APIs type: object properties: apikey: type: string description: API Key example: eyJoZWxsbyI6IndvcmxkIn0=.eyJ3c28yIjoiYXBpbSJ9.eyJ3c28yIjoic2lnbmF0dXJlIn0= validityTime: type: integer format: int32 example: 3600 ApplicationKey: title: Application key details type: object properties: keyMappingId: type: string description: Key Manager Mapping UUID readOnly: true example: 92ab520c-8847-427a-a921-3ed19b15aad7 keyManager: type: string description: Key Manager Name example: Resident Key Manager consumerKey: type: string description: Consumer key of the application readOnly: true example: vYDoc9s7IgAFdkSyNDaswBX7ejoa consumerSecret: type: string description: Consumer secret of the application readOnly: true example: TIDlOFkpzB7WjufO3OJUhy1fsvAa supportedGrantTypes: type: array description: The grant types that are supported by the application example: - client_credentials - password items: type: string callbackUrl: type: string description: Callback URL example: http://sample.com/callback/url keyState: type: string description: Describes the state of the key generation. example: APPROVED keyType: type: string description: Describes to which endpoint the key belongs example: PRODUCTION enum: - PRODUCTION - SANDBOX mode: type: string description: Describe the which mode Application Mapped. example: CREATED enum: - MAPPED - CREATED groupId: type: string description: Application group id (if any). example: "2" token: $ref: '#/components/schemas/ApplicationToken' additionalProperties: type: object properties: {} description: additionalProperties (if any). ApplicationKeyReGenerateResponse: title: Application key details after re generating consumer secret type: object properties: consumerKey: type: string description: The consumer key associated with the application, used to indetify the client example: vYDoc9s7IgAFdkSyNDaswBX7ejoa consumerSecret: type: string description: The client secret that is used to authenticate the client with the authentication server example: TIDlOFkpzB7WjufO3OJUhy1fsvAa ApplicationKeyList: title: Application Keys List type: object properties: count: type: integer description: | Number of applications keys returned. example: 1 list: type: array items: $ref: '#/components/schemas/ApplicationKey' ApplicationKeyGenerateRequest: title: Application key generation request object required: - grantTypesToBeSupported - keyType type: object properties: keyType: type: string enum: - PRODUCTION - SANDBOX keyManager: type: string description: key Manager to Generate Keys example: Resident Key Manager grantTypesToBeSupported: type: array description: Grant types that should be supported by the application example: - password - client_credentials items: type: string callbackUrl: type: string description: Callback URL example: http://sample.com/callback/url scopes: type: array description: Allowed scopes for the access token example: - am_application_scope - default items: type: string validityTime: type: string example: "3600" clientId: type: string description: Client ID for generating access token. readOnly: true example: sZzoeSCI_vL2cjSXZQmsmV8JEyga clientSecret: type: string description: Client secret for generating access token. This is given together with the client Id. readOnly: true example: nrs3YAP4htxnz_DqpvGhf9Um04oa additionalProperties: type: object properties: {} description: Additional properties needed. example: {} ApplicationKeyMappingRequest: title: Application key provision request object required: - consumerKey - keyType type: object properties: consumerKey: type: string description: Consumer key of the application example: oYhwZu4P2ThDmiDprBk6c0YfjR8a consumerSecret: type: string description: Consumer secret of the application example: ondWGtFTCOVM4sfPyOfZ7fel610a keyManager: type: string description: Key Manager Name example: Resident Key Manager keyType: type: string enum: - PRODUCTION - SANDBOX ApplicationTokenGenerateRequest: title: Application access token generation request object type: object properties: consumerSecret: type: string description: Consumer secret of the application example: cV5pvyisxug5b5QZInq9cGZrMOMa validityPeriod: type: integer description: Token validity period format: int64 example: 3600 scopes: type: array description: Allowed scopes (space seperated) for the access token example: - apim:subscribe items: type: string revokeToken: type: string description: Token to be revoked, if any example: "" additionalProperties: type: object properties: {} description: Additional parameters if Authorization server needs any APIKeyGenerateRequest: title: API Key generation request object type: object properties: validityPeriod: type: integer description: Token validity period format: int32 example: 3600 additionalProperties: type: object properties: {} description: Additional parameters if Authorization server needs any APIKeyRevokeRequest: title: API Key revoke request object type: object properties: apikey: type: string description: API Key to revoke example: eyJoZWxsbyI6IndvcmxkIn0=.eyJ3c28yIjoiYXBpbSJ9.eyJ3c28yIjoic2lnbmF0dXJlIn0= ScopeInfo: title: API Scope info object with scope details type: object properties: key: type: string example: admin_scope name: type: string example: admin scope roles: type: array description: Allowed roles for the scope example: - manager - developer items: type: string description: type: string description: Description of the scope ScopeList: title: Scope list type: object properties: count: type: integer description: | Number of results returned. example: 1 list: type: array items: $ref: '#/components/schemas/ScopeInfo' pagination: $ref: '#/components/schemas/Pagination' ThrottlingPolicyPermissionInfo: title: Throttling Policy Permission info object with throttling policy permission details type: object properties: type: type: string enum: - allow - deny roles: type: array description: roles for this permission example: - manager - developer items: type: string MonetizationInfo: title: Monetization type: object properties: billingType: type: string example: fixedPrice enum: - fixedPrice - dynamicRate billingCycle: type: string example: month fixedPrice: type: string example: "10" pricePerRequest: type: string example: "1" currencyType: type: string example: USD APIMonetizationUsage: title: API monetization usage object type: object properties: properties: type: object additionalProperties: type: string description: Map of custom properties related to monetization usage WorkflowResponse: title: workflow Response required: - workflowStatus type: object properties: workflowStatus: type: string description: | This attribute declares whether this workflow task is approved or rejected. example: APPROVED enum: - CREATED - APPROVED - REJECTED - REGISTERED jsonPayload: type: string description: | Attributes that returned after the workflow execution User: title: User required: - email - firstName - lastName - password - username type: object properties: username: type: string password: type: string firstName: type: string lastName: type: string email: type: string APIOperations: title: Operation type: object properties: id: type: string example: apioperation target: type: string verb: type: string SearchResultList: title: Search Result List type: object properties: count: type: integer description: | Number of results returned. example: 1 list: type: array items: type: object pagination: $ref: '#/components/schemas/Pagination' SearchResult: title: Search Result required: - name type: object properties: id: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: TestAPI type: type: string example: API enum: - DOC - API transportType: type: string description: Accepted values are HTTP, WS, SOAPTOREST, GRAPHQL discriminator: propertyName: name APISearchResult: title: API Result allOf: - $ref: '#/components/schemas/SearchResult' - type: object properties: description: type: string description: A brief description about the API example: A calculator API that supports basic operations context: type: string description: A string that represents the context of the user's request example: CalculatorAPI version: type: string description: The version of the API example: 1.0.0 provider: type: string description: | If the provider value is notgiven, the user invoking the API will be used as the provider. example: admin status: type: string description: This describes in which status of the lifecycle the API is example: CREATED thumbnailUri: type: string example: /apis/01234567-0123-0123-0123-012345678901/thumbnail businessInformation: $ref: '#/components/schemas/APIBusinessInformation' avgRating: type: string description: Average rating of the API example: "4.5" DocumentSearchResult: title: Document Result allOf: - $ref: '#/components/schemas/SearchResult' - type: object properties: docType: type: string example: HOWTO enum: - HOWTO - SAMPLES - PUBLIC_FORUM - SUPPORT_FORUM - API_MESSAGE_FORMAT - SWAGGER_DOC - OTHER summary: type: string example: Summary of Calculator Documentation sourceType: type: string example: INLINE enum: - INLINE - URL - FILE - MARKDOWN sourceUrl: type: string example: "" otherTypeName: type: string example: "" visibility: type: string example: API_LEVEL enum: - OWNER_ONLY - PRIVATE - API_LEVEL apiName: type: string description: The name of the associated API example: TestAPI apiVersion: type: string description: The version of the associated API example: 1.0.0 apiProvider: type: string example: admin apiUUID: type: string CommenterInfo: type: object properties: firstName: type: string example: John lastName: type: string example: David fullName: type: string example: John David Pagination: title: Pagination type: object properties: offset: type: integer example: 0 limit: type: integer example: 1 total: type: integer example: 10 next: type: string description: | Link to the next subset of resources qualified. Empty if no more resources are to be returned. example: "" previous: type: string description: | Link to the previous subset of resources qualified. Empty if current subset is the first subset returned. example: "" Settings: title: Settings type: object properties: grantTypes: type: array items: type: string scopes: type: array items: type: string applicationSharingEnabled: type: boolean default: false mapExistingAuthApps: type: boolean default: false apiGatewayEndpoint: type: string monetizationEnabled: type: boolean default: false recommendationEnabled: type: boolean default: false IsUnlimitedTierPaid: type: boolean default: false identityProvider: type: object properties: external: type: boolean default: false IsAnonymousModeEnabled: type: boolean default: true IsPasswordChangeEnabled: type: boolean default: true userStorePasswordPattern: type: string description: The 'PasswordJavaRegEx' cofigured in the UserStoreManager example: "" passwordPolicyPattern: type: string description: The regex configured in the Password Policy property 'passwordPolicy.pattern' example: "" passwordPolicyMinLength: type: integer description: If Password Policy Feature is enabled, the property 'passwordPolicy.min.length' is returned as the 'passwordPolicyMinLength'. If password policy is not enabled, default value -1 will be returned. And it should be noted that the regex pattern(s) returned in 'passwordPolicyPattern' and 'userStorePasswordPattern' properties too will affect the minimum password length allowed and an intersection of all conditions will be considered finally to validate the password. passwordPolicyMaxLength: type: integer description: If Password Policy Feature is enabled, the property 'passwordPolicy.max.length' is returned as the 'passwordPolicyMaxLength'. If password policy is not enabled, default value -1 will be returned. And it should be noted that the regex pattern(s) returned in 'passwordPolicyPattern' and 'userStorePasswordPattern' properties too will affect the maximum password length allowed and an intersection of all conditions will be considered finally to validate the password. ApplicationAttribute: title: Application attributes type: object properties: description: type: string description: description of the application attribute example: Sample description of the attribute type: type: string description: type of the input element to display example: text tooltip: type: string description: tooltop to display for the input element example: Sample tooltip required: type: string description: whether this is a required attribute example: "false" attribute: type: string description: the name of the attribute example: External Reference Id hidden: type: string description: whether this is a hidden attribute example: "false" ApplicationAttributeList: title: Application Attributes List type: object properties: count: type: integer description: | Number of application attributes returned. example: 1 list: type: array items: $ref: '#/components/schemas/ApplicationAttribute' Tenant: title: Tenant type: object properties: domain: type: string description: tenant domain example: wso2.com status: type: string description: current status of the tenant active/inactive example: active TenantList: title: Tenant list type: object properties: count: type: integer description: | Number of tenants returned. example: 1 list: type: array items: $ref: '#/components/schemas/Tenant' pagination: $ref: '#/components/schemas/Pagination' AdvertiseInfo: title: API Advertise info object with advertise details type: object properties: advertised: type: boolean example: true originalDevPortalUrl: type: string example: https://localhost:9443/devportal apiOwner: type: string example: admin vendor: type: string default: WSO2 enum: - WSO2 - AWS APICategory: title: API Category required: - name type: object properties: id: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: Finance description: type: string example: Finance related APIs APICategoryList: title: API Category List type: object properties: count: type: integer description: | Number of API categories returned. example: 1 list: type: array items: $ref: '#/components/schemas/APICategory' Recommendations: title: API recommendations type: object properties: count: type: integer description: | Number of APIs returned. example: 1 list: type: array items: $ref: '#/components/schemas/recommendedAPI' recommendedAPI: title: Recommended API type: object properties: id: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: CalculatorAPI avgRating: type: string description: Average rating of the API example: "4.5" KeyManagerInfo: title: Key Manager Info required: - name - type type: object properties: id: type: string example: 01234567-0123-0123-0123-012345678901 name: type: string example: Resident Key Manager type: type: string example: default displayName: type: string description: | display name of Keymanager example: Resident Key Manager description: type: string example: This is Resident Key Manager enabled: type: boolean example: true availableGrantTypes: type: array items: type: string example: client_credentials tokenEndpoint: type: string example: https://localhost:9443/oauth2/token revokeEndpoint: type: string example: https://localhost:9443/oauth2/revoke userInfoEndpoint: type: string example: "" enableTokenGeneration: type: boolean example: true enableTokenEncryption: type: boolean example: false default: false enableTokenHashing: type: boolean example: false default: false enableOAuthAppCreation: type: boolean example: true default: true enableMapOAuthConsumerApps: type: boolean example: false default: false applicationConfiguration: type: array items: $ref: '#/components/schemas/KeyManagerApplicationConfiguration' additionalProperties: type: object properties: {} KeyManagerApplicationConfiguration: title: Key Manager application Configuration type: object properties: name: type: string example: consumer_key label: type: string example: Consumer Key type: type: string example: select required: type: boolean example: true mask: type: boolean example: true multiple: type: boolean example: true tooltip: type: string example: Enter username to connect to key manager default: type: object properties: {} example: admin values: type: array items: type: object properties: {} KeyManagerList: title: Key Manager List type: object properties: count: type: integer description: | Number of Key managers returned. example: 1 list: type: array items: $ref: '#/components/schemas/KeyManagerInfo' GraphQLQueryComplexityInfo: title: GraphQL Query Complexity Info type: object properties: list: type: array items: $ref: '#/components/schemas/GraphQLCustomComplexityInfo' GraphQLCustomComplexityInfo: title: GraphQL Custom Complexity Info required: - complexityValue - field - type type: object properties: type: type: string description: | The type found within the schema of the API example: Country field: type: string description: | The field which is found under the type within the schema of the API example: name complexityValue: type: integer description: | The complexity value allocated for the associated field under the specified type example: 1 GraphQLSchemaTypeList: title: List of types and corresponding fields of the GraphQL Schema type: object properties: typeList: type: array items: $ref: '#/components/schemas/GraphQLSchemaType' GraphQLSchemaType: title: Single type and corresponding fields found within the GraphQL Schema type: object properties: type: type: string description: | Type found within the GraphQL Schema example: Country fieldList: type: array description: | Array of fields under current type example: - code - name items: type: string CurrentAndNewPasswords: title: Current and new passowrd of the user type: object properties: currentPassword: type: string example: password123 newPassword: type: string example: newpassword1234 responses: BadRequest: description: Bad Request. Invalid request or validation error. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 400 message: Bad Request description: Invalid request or validation error moreInfo: "" error: [] Conflict: description: Conflict. Specified resource already exists. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 409 message: Conflict description: Specified resource already exists moreInfo: "" error: [] InternalServerError: description: Internal Server Error. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 500 message: Internal Server Error description: The server encountered an internal error. Please contact administrator. moreInfo: "" error: [] NotAcceptable: description: Not Acceptable. The requested media type is not supported. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 406 message: Not Acceptable description: The requested media type is not supported moreInfo: "" error: [] NotFound: description: Not Found. The specified resource does not exist. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 404 message: Not Found description: The specified resource does not exist moreInfo: "" error: [] PreconditionFailed: description: Precondition Failed. The request has not been performed because one of the preconditions is not met. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 412 message: Precondition Failed description: The request has not been performed because one of the preconditions is not met moreInfo: "" error: [] Unauthorized: description: Unauthorized. The user is not authorized. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 401 message: Unauthorized description: The user is not authorized moreInfo: "" error: [] UnsupportedMediaType: description: Unsupported Media Type. The entity of the request was not in a supported format. content: application/json: schema: $ref: '#/components/schemas/Error' example: code: 415 message: Unsupported media type description: The entity of the request was not in a supported format moreInfo: "" error: [] parameters: parentCommentID: name: replyTo in: query description: | ID of the perent comment. schema: type: string requestedTenant: name: X-WSO2-Tenant in: header description: | For cross-tenant invocations, this is used to specify the tenant domain, where the resource need to be retrieved from. schema: type: string includeCommenterInfo: name: includeCommenterInfo in: query description: | Whether we need to display commentor details. schema: type: boolean default : false apiId: name: apiId in: path description: | **API ID** consisting of the **UUID** of the API. required: true schema: type: string apiProductId: name: apiProductId in: path description: | **API Product ID** consisting of the **UUID** of the API Product. required: true schema: type: string x-encoded: true x-encoded: true apiId-Q: name: apiId in: query description: | **API ID** consisting of the **UUID** of the API. schema: type: string apiType-Q: name: apiType in: query description: | **API TYPE** Identifies the type API(API or API_PRODUCT). schema: type: string language: name: language in: query description: | Programming language to generate SDK. required: true schema: type: string documentId: name: documentId in: path description: | Document Identifier required: true schema: type: string applicationId: name: applicationId in: path description: | Application Identifier consisting of the UUID of the Application. required: true schema: type: string keyMappingId: name: keyMappingId in: path description: | OAuth Key Identifier consisting of the UUID of the Oauth Key Mapping. required: true schema: type: string filterByUserRoles: name: filterByUserRoles in: query description: | Filter user by roles. schema: type: boolean applicationId-Q: name: applicationId in: query description: | **Application Identifier** consisting of the UUID of the Application. schema: type: string groupId: name: groupId in: query description: | Application Group Id schema: type: string subscriptionId: name: subscriptionId in: path description: | Subscription Id required: true schema: type: string policyId: name: policyId in: path description: | The name of the policy required: true schema: type: string commentId: name: commentId in: path description: | Comment Id required: true schema: type: string ratingId: name: ratingId in: path description: | Rating Id required: true schema: type: string policyLevel: name: policyLevel in: path description: | List Application or Subscription type thro. required: true schema: type: string enum: - application - subscription environmentName: name: environmentName in: query description: | Name of the API gateway environment. schema: type: string limit: name: limit in: query description: | Maximum size of resource array to return. schema: type: integer default: 25 offset: name: offset in: query description: | Starting point within the complete list of items qualified. schema: type: integer default: 0 replyLimit: name: replyLimit in: query description: | Maximum size of replies array to return. schema: type: integer default: 25 replyOffset: name: replyOffset in: query description: | Starting point within the complete list of replies. schema: type: integer default: 0 keyType: name: keyType in: path description: | **Application Key Type** standing for the type of the keys (i.e. Production or Sandbox). required: true schema: type: string enum: - PRODUCTION - SANDBOX If-None-Match: name: If-None-Match in: header description: | Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resourec. schema: type: string If-Match: name: If-Match in: header description: | Validator for conditional requests; based on ETag. schema: type: string alertType: name: alertType in: path description: | The alert type. required: true schema: type: string configurationId: name: configurationId in: path description: | The alert configuration id. Base64 encoded value of 'apiName#apiVersion#applicationName'. required: true schema: type: string securitySchemes: OAuth2Security: type: oauth2 flows: password: tokenUrl: https://localhost:9443/oauth2/token scopes: openid: Authorize access to user details apim:subscribe: Subscribe API apim:api_key: Generate API Keys apim:app_manage: Retrieve, Manage applications apim:sub_manage: Retrieve, Manage subscriptions apim:store_settings: Retrieve Developer Portal settings apim:sub_alert_manage: Retrieve, subscribe and configure Developer Portal alert types apim:app_import_export: Import and export applications related operations apim:admin: Manage all admin operations