From 055e0deb7a6d6d3f40c82d179c26a9f25a2af6f8 Mon Sep 17 00:00:00 2001 From: Chanaka Jayasena Date: Tue, 28 Mar 2023 09:59:19 +0530 Subject: [PATCH] adding yaml files to avoid conflicts with main branch --- en/docs/catalogs/admin-api.yaml | 4848 ++++++++++++++++++++++ en/docs/catalogs/backoffice-api.yaml | 3683 +++++++++++++++++ en/docs/catalogs/devportal-api.yaml | 5744 ++++++++++++++++++++++++++ en/docs/catalogs/runtime-api.yaml | 1988 +++++++++ 4 files changed, 16263 insertions(+) create mode 100644 en/docs/catalogs/admin-api.yaml create mode 100644 en/docs/catalogs/backoffice-api.yaml create mode 100644 en/docs/catalogs/devportal-api.yaml create mode 100644 en/docs/catalogs/runtime-api.yaml diff --git a/en/docs/catalogs/admin-api.yaml b/en/docs/catalogs/admin-api.yaml new file mode 100644 index 000000000..f5ee5471c --- /dev/null +++ b/en/docs/catalogs/admin-api.yaml @@ -0,0 +1,4848 @@ +# Copyright (c) 2022, WSO2 LLC. (http://www.wso2.com). +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +################################################################################ +openapi: 3.0.1 +info: + title: WSO2 API Platform for Kubernetes (APK) - Admin + description: | + This document specifies a **RESTful API** for WSO2 **API Platform for Kubernetes (APK)** - **Admin Portal**. + Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. + + # Authentication + The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking + the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps + that you will need to follow to obtain an access token. + First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types + in the payload. A sample payload is shown below. + ``` + { + "callbackUrl":"www.example.com", + "clientName":"rest_api_admin", + "owner":"admin", + "grantType":"client_credentials password refresh_token", + "saasApp":true + } + ``` + Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the + base64 encoded admin username and password. + **Format of the request** + ``` + curl -X POST -H "Authorization: Basic Base64(admin_username:admin_password)" -H "Content-Type: application/json" + \ -d @payload.json https://:/client-registration/v0.17/register + ``` + **Sample request** + ``` + curl -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" + \ -d @payload.json https://localhost:9443/client-registration/v0.17/register + ``` + Following is a sample response after invoking the above curl. + ``` + { + "clientId": "fOCi4vNJ59PpHucC2CAYfYuADdMa", + "clientName": "rest_api_admin", + "callBackURL": "www.example.com", + "clientSecret": "a4FwHlq0iCIKVs2MPIIDnepZnYMa", + "isSaasApplication": true, + "appOwner": "admin", + "jsonString": "{\"grant_types\":\"client_credentials password refresh_token\",\"redirect_uris\":\"www.example.com\",\"client_name\":\"rest_api_admin\"}", + "jsonAppAttribute": "{}", + "tokenType": null + } + ``` + Next you must use the above client id and secret to obtain the access token. + We will be using the password grant type for this, you can use any grant type you desire. + You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section + of this document and scope for each resource is given in **authorizations** section of resource documentation. + Following is the format of the request if you are using the password grant type. + ``` + curl -k -d "grant_type=password&username=&password=&scope=" + \ -H "Authorization: Basic base64(client_id:client_secret)" + \ https://:/oauth2/token + ``` + **Sample request** + ``` + curl https://localhost:9443/oauth2/token -k \ + -H "Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h" \ + -d "grant_type=password&username=admin&password=admin&scope=apk:admin apk:tier_view" + ``` + Shown below is a sample response to the above request. + ``` + { + "access_token": "e79bda48-3406-3178-acce-f6e4dbdcbb12", + "refresh_token": "a757795d-e69f-38b8-bd85-9aded677a97c", + "scope": "apk:admin apk:tier_view", + "token_type": "Bearer", + "expires_in": 3600 + } + ``` + Now you have a valid access token, which you can use to invoke an API. + Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. + If you use a different authentication mechanism, this process may change. + + # Try out in Postman + If you want to try-out the embedded postman collection with "Run in Postman" option, please follow the guidelines listed below. + * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. + * Make sure you have an API Platform for Kubernetes (APK) instance up and running. + * Update the `basepath` parameter to match the hostname and port of the APK instance. + + [![Run in Postman](https://run.pstmn.io/button.svg)](https://god.gw.postman.com/run-collection/17491134-b263aa69-7494-4fc5-90fa-daa2f63880ae) + contact: + name: WSO2 + url: https://wso2.com/api-manager/ + email: architecture@wso2.com + license: + name: Apache 2.0 + url: http://www.apache.org/licenses/LICENSE-2.0.html + version: v1 +servers: + - url: https://apis.wso2.com/api/am/admin/v1 +paths: + ###################################################### + # The "Content Search Results" Throttling Policies + ###################################################### + /policies/search: + get: + tags: + - Unified Search + summary: | + Retrieve/Search Policies + description: | + This operation provides you a list of available Policies qualifying the given keyword match. + parameters: + - name: query + in: query + description: | + **Search**. + You can search by providing a keyword. Allowed to search by type and name only. + schema: + type: string + responses: + 200: + description: | + OK. + List of qualifying Policies is returned. + headers: + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyDetailsList' + security: + - OAuth2Security: + - apk:admin + - apk:tier_view + - apk:policies_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/search?query=type:sub"' + operationId: policySearch + + ###################################################### + # The "Application Rate Plans Collection" resource API + ###################################################### + /application-rate-plans: + get: + tags: + - Application Rate Plan (Collection) + summary: Get all Application Rate Plans + description: | + Retrieves all existing application rate plans. + parameters: + - $ref: '#/components/parameters/Accept' + responses: + 200: + description: | + OK. + Policies returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationRatePlanList' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + - apk:tier_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/application-rate-plans"' + operationId: getApplicationRatePlans + + post: + tags: + - Application Rate Plan (Collection) + summary: Add an Application Rate Plan + description: | + This operation can be used to add a new application level rate plan. + parameters: + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Application level policy object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationRatePlan' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + Location: + description: | + Location of the newly created Policy object. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationRatePlan' + example: + policyId: e0fd4a15-969e-4056-94c8-8a7b56f8103f + policyName: 20PerMin + displayName: 20PerMin + description: Allows 20 request per minute + isDeployed: true + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 20 + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apk:admin + - apk:tier_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/application-rate-plans"' + operationId: addApplicationRatePlan + + ###################################################### + # The "Individual Application Rate Plan" resource API + ###################################################### + /application-rate-plans/{planId}: + get: + tags: + - Application Rate Plan (Individual) + summary: Get an Application Rate Plan + description: | + Retrieves an application rate plan. + parameters: + - $ref: '#/components/parameters/planId' + responses: + 200: + description: | + OK. + Plan returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationRatePlan' + example: + policyId: e0fd4a15-969e-4056-94c8-8a7b56f8103f + policyName: 20PerMin + displayName: 20PerMin + description: Allows 20 request per minute + isDeployed: true + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 20 + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + - apk:tier_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/application-rate-plans/4e098fff-7f94-459a-981f-d257332f69d0"' + operationId: getApplicationRatePlanById + + put: + tags: + - Application Rate Plan (Individual) + summary: Update an Application Rate Plan + description: | + Updates an existing application level rate plan. Upon a successful update, you will receive the updated application plan as the response. + parameters: + - $ref: '#/components/parameters/planId' + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Policy object that needs to be modified + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationRatePlan' + required: true + responses: + 200: + description: | + OK. + Plan updated. + headers: + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationRatePlan' + example: + policyId: e0fd4a15-969e-4056-94c8-8a7b56f8103f + policyName: 20PerMin + displayName: 20PerMin + description: Allows 20 request per minute + isDeployed: true + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 20 + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:tier_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/application-rate-plans/4e098fff-7f94-459a-981f-d257332f69d0"' + operationId: updateApplicationRatePlan + + delete: + tags: + - Application Rate Plan (Individual) + summary: Delete an Application Rate Plan + description: | + Deletes an application level rate plan. + parameters: + - $ref: '#/components/parameters/planId' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:tier_manage + - apk:policies_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/application-rate-plans/4e098fff-7f94-459a-981f-d257332f69d0"' + operationId: removeApplicationRatePlan + + + ###################################################### + # The "Business Plans Collection" resource API + ###################################################### + /business-plans: + get: + tags: + - Business Plan (Collection) + summary: Get all Business Plans + description: | + This operation can be used to retrieve all Business Plans. + parameters: + - $ref: '#/components/parameters/Accept' + responses: + 200: + description: | + OK. + Plans returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/BusinessPlanList' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + - apk:tier_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/business-plans"' + operationId: getAllBusinessPlans + + post: + tags: + - Business Plan (Collection) + summary: Add a Business Plan + description: | + This operation can be used to add a Business Plan specifying the details of the plan in the payload. + parameters: + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Business Plan object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/BusinessPlan' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + Location: + description: | + Location of the newly created Plan object. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/BusinessPlan' + example: + policyId: 78c3ebff-176d-40d8-9377-fb3276528291 + policyName: Gold + displayName: Gold + description: Allows 5000 requests per minute + isDeployed: true + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 5000 + rateLimitCount: 0 + customAttributes: [] + stopOnQuotaReach: true + billingPlan: FREE + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apk:admin + - apk:tier_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/business-plans"' + operationId: addBusinessPlan + + ###################################################### + # The "Individual Business Plan" resource API + ###################################################### + /business-plans/{planId}: + get: + tags: + - Business Plan (Individual) + summary: Get a Business Plan + description: | + This operation can be used to retrieves Business Plan by specifying the Id of the plan as a path parameter + parameters: + - $ref: '#/components/parameters/planId' + responses: + 200: + description: | + OK. + Plan returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/BusinessPlan' + example: + policyId: 78c3ebff-176d-40d8-9377-fb3276528291 + policyName: Gold + displayName: Gold + description: Allows 5000 requests per minute + isDeployed: true + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 5000 + rateLimitCount: 0 + customAttributes: [] + stopOnQuotaReach: true + billingPlan: FREE + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + - apk:tier_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/business-plans/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' + operationId: getBusinessPlanById + + put: + tags: + - Business Plan (Individual) + summary: Update a Business Plan + description: | + Updates an existing Business Plan. + parameters: + - $ref: '#/components/parameters/planId' + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Plan object that needs to be modified + content: + application/json: + schema: + $ref: '#/components/schemas/BusinessPlan' + required: true + responses: + 200: + description: | + OK. + Plan updated. + headers: + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/BusinessPlan' + example: + policyId: 78c3ebff-176d-40d8-9377-fb3276528291 + policyName: Gold + displayName: Gold + description: Allows 5000 requests per minute + isDeployed: true + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 5000 + rateLimitCount: 0 + customAttributes: [] + stopOnQuotaReach: true + billingPlan: FREE + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:tier_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/business-plans/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' + operationId: updateBusinessPlan + + delete: + tags: + - Business Plan (Individual) + summary: Delete a Business Plan + description: | + This operation can be used to delete a business plan by specifying the Id of the plan as a path parameter. + parameters: + - $ref: '#/components/parameters/planId' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:tier_manage + - apk:policies_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/business-plans/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' + operationId: removeBusinessPlan + + ###################################################### + # The "Advanced Throttling Policy Collection" resource API + ###################################################### + /throttling/policies/advanced: + get: + tags: + - Advanced Policy (Collection) + summary: Get all Advanced Throttling Policies + description: | + Retrieves all existing advanced throttling policies. + parameters: + - $ref: '#/components/parameters/Accept' + responses: + 200: + description: | + OK. + Policies returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/AdvancedThrottlePolicyList' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + - apk:tier_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/advanced"' + operationId: getAllAdvancedPolicy + + post: + tags: + - Advanced Policy (Collection) + summary: Add an Advanced Throttling Policy + description: | + Add a new advanced throttling policy. + parameters: + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Advanced level policy object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/AdvancedThrottlePolicy' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + Location: + description: | + Location of the newly created Advanced Throttling Policy. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/AdvancedThrottlePolicy' + example: + policyId: 4cf46441-a538-4f79-a499-ab81200c9bca + policyName: 10KPerMin + displayName: 10KPerMin + description: Allows 10000 requests per minute + isDeployed: true + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 10000 + conditionalGroups: [] + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apk:admin + - apk:tier_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/advanced"' + operationId: addAdvancedPolicy + + ###################################################### + # The "Individual Advanced Throttling Policy" resource API + ###################################################### + /throttling/policies/advanced/{policyId}: + get: + tags: + - Advanced Policy (Individual) + summary: Get an Advanced Throttling Policy + description: | + Retrieves an advanced throttling policy. + parameters: + - $ref: '#/components/parameters/policyId' + responses: + 200: + description: | + OK. + Policy returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/AdvancedThrottlePolicy' + example: + policyId: 4cf46441-a538-4f79-a499-ab81200c9bca + policyName: 10KPerMin + displayName: 10KPerMin + description: Allows 10000 requests per minute + isDeployed: true + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 10000 + conditionalGroups: [] + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + - apk:tier_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' + operationId: getAdvancedPolicyById + + put: + tags: + - Advanced Policy (Individual) + summary: Update an Advanced Throttling Policy + description: | + Updates an existing Advanced throttling policy. + parameters: + - $ref: '#/components/parameters/policyId' + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Policy object that needs to be modified + content: + application/json: + schema: + $ref: '#/components/schemas/AdvancedThrottlePolicy' + required: true + responses: + 200: + description: | + OK. + Policy updated. + headers: + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/AdvancedThrottlePolicy' + example: + policyId: 4cf46441-a538-4f79-a499-ab81200c9bca + policyName: 10KPerMin + displayName: 10KPerMin + description: Allows 10000 requests per minute + isDeployed: true + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 10000 + conditionalGroups: [] + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:tier_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' + operationId: updateAdvancedPolicy + + delete: + tags: + - Advanced Policy (Individual) + summary: Delete an Advanced Throttling Policy + description: | + Deletes an advanced throttling policy. + parameters: + - $ref: '#/components/parameters/policyId' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:tier_manage + - apk:policies_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' + operationId: removeAdvancedPolicy + + ###################################################### + # "Export Throttling Policy" resource API + ###################################################### + /throttling/policies/export: + get: + tags: + - Import Export + summary: Export a Throttling Policy + description: | + This operation can be used to export the details of a particular Throttling Policy. + parameters: + - name: policyId + in: query + description: UUID of the ThrottlingPolicy + schema: + type: string + - name: name + in: query + description: | + Throttling Policy Name + schema: + type: string + - name: type + in: query + description: | + Type of the Throttling Policy + schema: + type: string + enum: + - sub + - app + - api + - global + - name: format + in: query + description: | + Format of output documents. Can be YAML or JSON. + schema: + type: string + enum: + - JSON + - YAML + responses: + 200: + description: | + OK. + Export Successful. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ExportPolicy' + example: + type: rate-limiting policy + subtype: application + version: v4.1.0 + data: + policyId: cd828243-a0db-430c-97e9-9e41fd865d48 + policyName: 50PerMin + displayName: 50PerMin + description: Allows 50 request per minute + isDeployed: true + type: ApplicationThrottlePolicy + defaultLimit: + type: BANDWIDTHLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 50 + bandwidth: + timeUnit: min + unitTime: 5 + dataAmount: 100 + dataUnit: MB + eventCount: + timeUnit: min + unitTime: 5 + eventCount: 16 + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:admin + - apk:tier_manage + - apk:policies_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/export?policyId=96077508-fd01-4fae-bc64-5de0e2baf43c&name=Bronze&type=subscription&format=YAML"' + operationId: exportThrottlingPolicy + #################################################################### + # Import Throttling Policy + #################################################################### + /throttling/policies/import: + post: + tags: + - Import Export + summary: Import a Throttling Policy + description: | + This operation can be used to import a Throttling Policy. + parameters: + - name: overwrite + in: query + description: | + Update an existing throttling policy with the same name. + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data: + schema: + required: + - file + properties: + file: + type: string + description: Json File + format: binary + required: true + responses: + 200: + description: | + Created. + Throttling Policy Imported Successfully. + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 409: + $ref: '#/components/responses/Conflict' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:admin + - apk:tier_manage + - apk:policies_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/policies/import?overwrite=True"' + operationId: importThrottlingPolicy + ###################################################### + # The "Deny Policy Collection" resource API + ###################################################### + /deny-policies: + get: + tags: + - Deny Policies (Collection) + summary: Get all Deny Policies + description: | + Retrieves all existing deny policies. + parameters: + - $ref: '#/components/parameters/Accept' + responses: + 200: + description: | + OK. + Deny Policies returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingConditionList' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + - apk:bl_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/deny-policies"' + operationId: getAllDenyPolicies + + post: + tags: + - Deny Policies (Collection) + summary: Add a deny policy + description: | + Adds a new deny policy + parameters: + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Blocking condition object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingCondition' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + Location: + description: | + Location of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingCondition' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apk:admin + - apk:bl_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/throttling/deny-policies"' + operationId: addDenyPolicy + + ###################################################### + # The "Individual Deny Policy" resource API + ###################################################### + /deny-policies/{policyId}: + get: + tags: + - Deny Policy (Individual) + summary: Get a Deny Policy + description: | + Retrieves a Deny policy providing the policy Id + parameters: + - $ref: '#/components/parameters/policyId' + responses: + 200: + description: | + OK. + Condition returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingCondition' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + - apk:bl_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' + operationId: getDenyPolicyById + + delete: + tags: + - Deny Policy (Individual) + summary: Delete a Deny Policy + description: | + Deletes an existing deny policy + parameters: + - $ref: '#/components/parameters/policyId' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:bl_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/throttling/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' + operationId: removeDenyPolicy + + patch: + tags: + - Deny Policy (Individual) + summary: Update a Deny Policy + description: | + Update a deny policy by Id + parameters: + - $ref: '#/components/parameters/policyId' + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Blocking condition with updated status + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingConditionStatus' + required: true + responses: + 200: + description: | + OK. + Resource successfully updated. + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingCondition' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:bl_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PATCH -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/throttling/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' + operationId: updateDenyPolicy + + ###################################################### + # The "Application Collection" resource APIs + ###################################################### + /applications: + get: + tags: + - Application (Collection) + summary: | + Retrieve/Search Applications + description: | + This operation can be used to retrieve list of applications owned by the given user, If no user + is provided, the applications owned by the user associated with the provided access token will be returned. + parameters: + - $ref: '#/components/parameters/user' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/Accept' + - name: name + in: query + description: | + Application Name + schema: + type: string + - name: tenantDomain + in: query + description: | + Tenant domain of the applications to get. This has to be specified only if it is required to get applications of + a tenant other than the requester's tenant. So, if not specified, the default will be set as the + requester's tenant domain. This cross tenant Application access is allowed only for super tenant admin + users **only at a migration process**. + schema: + type: string + - name: sortBy + in: query + schema: + type: string + enum: + - name + - owner + default: name + - name: sortOrder + in: query + schema: + type: string + enum: + - asc + - desc + default: asc + responses: + 200: + description: | + OK. + Application list returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationList' + 400: + $ref: '#/components/responses/BadRequest' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + - apk:app_owner_change + - apk:app_import_export + - apk:admin_application_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/applications"' + operationId: getApplicationsByUser + + ###################################################### + # The "Individual Application" resource APIs + ###################################################### + /applications/{applicationId}: + get: + tags: + - Applications + summary: | + Get the details of an Application + description: | + This operation can be used to get the details of an application by specifying its id. + parameters: + - $ref: '#/components/parameters/applicationId' + responses: + 200: + description: | + OK. + Application details returned. + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + - apk:app_import_export + - apk:admin_application_view + x-code-samples: + - lang: Curl + source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b"' + operationId: getApplicationById + + delete: + tags: + - Applications + summary: | + Delete an Application + description: | + This operation can be used to delete an application by specifying its id. + parameters: + - $ref: '#/components/parameters/applicationId' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 202: + description: | + Accepted. + The request has been accepted. + headers: + Location: + description: | + Location of the existing Application. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowResponse' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:app_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b"' + operationId: removeApplication + + /applications/{applicationId}/change-owner: + post: + tags: + - Application + summary: Change Application Owner + description: | + This operation is used to change the owner of an Application. + In order to change the owner of an application, we need to pass the new application owner as a query parameter + parameters: + - name: owner + in: query + required: true + schema: + type: string + - $ref: '#/components/parameters/applicationId' + responses: + 200: + description: | + OK. + Application owner changed successfully. + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:app_owner_change + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b/change-owner?owner=admin"' + operationId: changeApplicationOwner + + ###################################################### + # The "Environment" resource API + ###################################################### + /environments: + get: + tags: + - Environments + summary: Get all registered Environments + description: | + Get all Registered Environments + responses: + 200: + description: | + OK. + Environments returned + content: + application/json: + schema: + $ref: '#/components/schemas/EnvironmentList' + security: + - OAuth2Security: + - apk:admin + - apk:environment_read + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/environments"' + operationId: getEnvironments + + post: + tags: + - Environments + summary: Add an Environment + description: | + Add a new gateway environment + requestBody: + description: | + Environment object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created environment as entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' + 400: + $ref: '#/components/responses/BadRequest' + security: + - OAuth2Security: + - apk:admin + - apk:environment_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/environments"' + operationId: addEnvironment + + ###################################################### + # The "Individual Environment" resource APIs + ###################################################### + /environments/{environmentId}: + put: + tags: + - Environments + summary: Update an Environment + description: | + Update a gateway Environment by environment Id + parameters: + - $ref: '#/components/parameters/environmentId' + requestBody: + description: | + Environment object with updated information + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' + required: true + responses: + 200: + description: | + OK. + Environment updated. + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:environment_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/environments/d7cf8523-9180-4255-84fa-6cb171c1f779"' + operationId: updateEnvironment + + delete: + tags: + - Environments + summary: Delete an Environment + description: | + Delete a Environment by Environment Id + parameters: + - $ref: '#/components/parameters/environmentId' + responses: + 200: + description: | + OK. + Environment successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:environment_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/environments/d7cf8523-9180-4255-84fa-6cb171c1f779"' + operationId: removeEnvironment + + ###################################################### + # The Bot Detection Data API resources + ###################################################### + /bot-detection-data: + get: + tags: + - Bot Detection Data + summary: | + Get all Bot Detected Data + description: | + Get all bot detected data + operationId: getBotDetectionData + responses: + 200: + description: | + OK. + Bot detected data returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/BotDetectionDataList' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:bot_data + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/bot-detection-data"' + + ###################################################### + # The "Monetization" resource APIs + ###################################################### + /monetization/publish-usage: + post: + tags: + - Monetization (Collection) + summary: Publish Usage Records + description: | + Publish usage records of monetized APIs + responses: + 200: + description: Usage records successfully published. + content: + application/json: + schema: + $ref: '#/components/schemas/PublishStatus' + 202: + description: Request is sucessfully accepted for processing. + content: + application/json: + schema: + $ref: '#/components/schemas/PublishStatus' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:admin + - apk:monetization_usage_publish + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/monetization/publish-usage"' + operationId: publishMonetizationRecords + + /monetization/publish-usage/status: + get: + tags: + - Monetization (Collection) + summary: Get the Status of Monetization Usage Publisher + description: | + Get the status of monetization usage publisher + responses: + 200: + description: | + OK. + Status returned + content: + application/json: + schema: + $ref: '#/components/schemas/MonetizationUsagePublishInfo' + security: + - OAuth2Security: + - apk:admin + - apk:monetization_usage_publish + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/monetization/publish-usage/status"' + operationId: getMonetizationUsagePublisherStatus + + ###################################################### + # The "Workflow Collection" resource APIs + ###################################################### + /workflows: + get: + tags: + - Workflow (Collection) + summary: | + Retrieve All Pending Workflow Processes + description: | + This operation can be used to retrieve list of workflow pending processes. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/Accept' + - name: workflowType + in: query + description: | + We need to show the values of each workflow process separately .for that we use workflow type. + Workflow type can be AM_APPLICATION_CREATION, AM_SUBSCRIPTION_CREATION, AM_USER_SIGNUP, AM_APPLICATION_REGISTRATION_PRODUCTION, AM_APPLICATION_REGISTRATION_SANDBOX. + schema: + type: string + enum: + - AM_APPLICATION_CREATION + - AM_SUBSCRIPTION_CREATION + - AM_USER_SIGNUP + - AM_APPLICATION_REGISTRATION_PRODUCTION + - AM_APPLICATION_REGISTRATION_SANDBOX + - AM_SUBSCRIPTION_DELETION + - AM_APPLICATION_DELETION + - AM_API_STATE + - AM_API_PRODUCT_STATE + responses: + 200: + description: | + OK. + Workflow pending process list returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowList' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + - apk:api_workflow_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/workflows"' + operationId: getAllPendingWorkflows + + /workflows/{externalWorkflowRef}: + get: + tags: + - Workflows (Individual) + summary: | + Get Pending Workflow Details by External Workflow Reference + description: | + Using this operation, you can retrieve complete details of a pending workflow request that either belongs to application creation, application subscription, application registration, api state change, user self sign up.. You need to provide the External_Workflow_Reference of the workflow Request to retrieve it. + parameters: + - name: externalWorkflowRef + in: path + description: | + from the external workflow reference we decide what is the the pending request that the are requesting. + required: true + schema: + type: string + responses: + 200: + description: | + OK. + Requested Workflow Pending is returned + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowInfo' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + - apk:api_workflow_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/workflows/c43a325c-260b-4302-81cb-768eafaa3aed"' + operationId: getWorkflowByExternalRef + + /workflows/update-workflow-status: + post: + tags: + - Workflows (Individual) + summary: Update Workflow Status + description: | + This operation can be used to approve or reject a workflow task. + parameters: + - $ref: '#/components/parameters/workflowReferenceId-Q' + requestBody: + description: | + Workflow event that need to be updated + content: + application/json: + schema: + $ref: '#/components/schemas/Workflow' + required: true + responses: + 200: + description: | + OK. + Workflow request information is returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Workflow' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:api_workflow_approve + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/workflows/update-workflow-status?workflowReferenceId=56e3a170-a7a7-45f8-b051-7e43a58a67e1"' + operationId: updateWorkflowStatus + + ###################################################### + # The Tenant Info resource API + ###################################################### + /tenant-info/{username}: + get: + tags: + - Tenants + summary: | + Get Tenant Id of User + description: | + This operation is to get tenant id of the provided user + operationId: getTenantInfoByUsername + parameters: + - name: username + in: path + description: | + The state represents the current state of the tenant. Supported states are [ active, inactive] + required: true + schema: + type: string + default: john + responses: + 200: + description: | + OK. + Tenant id of the user retrieved. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/TenantInfo' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + - apk:tenantInfo + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/tenant-info/john"' + + ###################################################### + # The Custom URL Info resource API + ###################################################### + /custom-urls/{tenantDomain}: + get: + tags: + - Tenants + summary: | + Get Custom URL Info of a Tenant Domain + description: | + This operation is to get custom-url information of the provided tenant-domain + operationId: getCustomUrlInfoByTenantDomain + parameters: + - name: tenantDomain + in: path + description: | + The tenant domain name. + required: true + schema: + type: string + responses: + 200: + description: | + OK. + Custom url info of the tenant is retrieved. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/CustomUrlInfo' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + - apk:tenantInfo + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/custom-urls/wso2.com"' + + ###################################################### + # The "Category Collection" resource API + ###################################################### + /api-categories: + get: + tags: + - API Category (Collection) + summary: Get all API Categories + description: | + Get all API categories + responses: + 200: + description: | + OK. + Categories returned + content: + application/json: + schema: + $ref: '#/components/schemas/APICategoryList' + security: + - OAuth2Security: + - apk:admin + - apk:admin_operations + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/api-categories"' + operationId: getAllCategories + + post: + tags: + - API Category (Individual) + summary: Add API Category + description: | + Add a new API category + requestBody: + description: | + API Category object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/APICategory' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/APICategory' + 400: + $ref: '#/components/responses/BadRequest' + security: + - OAuth2Security: + - apk:admin + - apk:admin_operations + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/api-categories"' + operationId: addCategory + + ###################################################### + # The "Individual Category" resource APIs + ###################################################### + /api-categories/{apiCategoryId}: + put: + tags: + - API Category (Individual) + summary: Update an API Category + description: | + Update an API Category by category Id + parameters: + - $ref: '#/components/parameters/apiCategoryId' + requestBody: + description: | + API Category object with updated information + content: + application/json: + schema: + $ref: '#/components/schemas/APICategory' + required: true + responses: + 200: + description: | + OK. + Label updated. + content: + application/json: + schema: + $ref: '#/components/schemas/APICategory' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:admin_operations + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/api-categories/d7cf8523-9180-4255-84fa-6cb171c1f779"' + operationId: updateCategory + + delete: + tags: + - API Category (Individual) + summary: Delete an API Category + description: | + Delete an API Category by API Category Id + parameters: + - $ref: '#/components/parameters/apiCategoryId' + responses: + 200: + description: | + OK. + API Category successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:admin_operations + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/api-categories/d7cf8523-9180-4255-84fa-6cb171c1f779"' + operationId: removeCategory + + ###################################################### + # The Admin settings List + ###################################################### + /settings: + get: + tags: + - Settings + summary: Retrieve Admin Settings + description: | + Retrieve admin settings + responses: + 200: + description: | + OK. + Settings returned + content: + application/json: + schema: + $ref: '#/components/schemas/Settings' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:admin_settings + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/settings"' + operationId: getAdminSettings + + ###################################################### + # System scopes resource API + ###################################################### + /system-scopes/{scopeName}: + get: + tags: + - System Scopes + summary: Retrieve Scopes for a Particular User + description: | + This operation will return the scope list of particular user + In order to get it, we need to pass the userId as a query parameter + operationId: systemScopesScopeNameGet + parameters: + - name: username + in: query + schema: + type: string + - $ref: '#/components/parameters/scopeName' + responses: + 200: + description: | + OK. + Particular scope exists for the given user. + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeSettings' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:scope_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/system-scopes/YXBpbTpzdWJzY3JpYmU?username=john"' + + /system-scopes: + get: + tags: + - System Scopes + summary: | + Get Role Scope Mappings + description: | + This operation is used to get the list of role scope mapping from tenant-conf for the APK admin dashboard + operationId: systemScopesGet + responses: + 200: + description: | + OK. + The list of role scope mappings are returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeList' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:scope_manage + - apk:admin + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/system-scopes"' + + put: + tags: + - System Scopes + summary: | + Update Roles For Scope + description: | + This operation is used to update the roles for all scopes + operationId: updateRolesForScope + requestBody: + description: | + Scope list object with updated scope to role mappings + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeList' + required: true + responses: + 200: + description: | + OK. + Successful response with the newly added roles. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeList' + 400: + $ref: '#/components/responses/BadRequest' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:admin + - apk:scope_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/system-scopes"' + + /system-scopes/role-aliases: + get: + tags: + - System Scopes + summary: Retrieve Role Alias Mappings + description: | + This operation can be used to retrieve role alias mapping + responses: + 200: + description: | + OK. + The list of role mappings are returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/RoleAliasList' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:scope_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/system-scopes/role-aliases"' + operationId: getRoleAliasMappings + + put: + tags: + - System Scopes + summary: Add a New Role Alias + description: | + This operation can be used to add a new role alias mapping for system scope roles + requestBody: + description: role-alias mapping + content: + application/json: + schema: + $ref: '#/components/schemas/RoleAliasList' + required: true + responses: + 200: + description: | + OK. + Role mapping alias returned + content: + application/json: + schema: + $ref: '#/components/schemas/RoleAliasList' + 400: + $ref: '#/components/responses/BadRequest' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:scope_manage + - apk:admin + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/system-scopes/role-aliases"' + operationId: addRoleAliasMapping + + ###################################################### + # Roles resource APIs + ###################################################### + /roles/{roleId}: + head: + tags: + - Roles + summary: Check Whether Given Role Name already Exist + description: | + Using this operation, user can check a given role name exists or not. + operationId: validateSystemRole + parameters: + - $ref: '#/components/parameters/roleId' + responses: + 200: + description: OK. Requested role name exists. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:admin + - apk:role_manage + x-code-samples: + - lang: Curl + source: 'curl -k -I -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/roles/SW50ZXJuYWwvcHVibGlzaGVyCQ"' + + ###################################################### + # The Tenant Theme resource APIs + ###################################################### + /tenant-theme: + get: + tags: + - Tenant Theme + summary: Export a DevPortal Tenant Theme + description: | + This operation can be used to export a DevPortal tenant theme as a zip file. + operationId: exportTenantTheme + responses: + 200: + description: | + OK. + Tenant Theme Exported Successfully. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/zip: + schema: + type: string + format: binary + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:admin + - apk:tenant_theme_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/tenant-theme" > theme.zip' + + put: + tags: + - Tenant Theme + summary: Import a DevPortal Tenant Theme + description: | + This operation can be used to import a DevPortal tenant theme. + operationId: importTenantTheme + requestBody: + content: + multipart/form-data: + schema: + required: + - file + properties: + file: + type: string + description: | + Zip archive consisting of tenant theme configuration + format: binary + required: true + responses: + 200: + description: | + Ok. + Tenant Theme Imported Successfully. + content: {} + 403: + $ref: '#/components/responses/Forbidden' + 413: + $ref: '#/components/responses/PayloadTooLarge' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:admin + - apk:tenant_theme_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=@theme.zip "https://127.0.0.1:9443/api/am/admin/v3/tenant-theme"' + + ###################################################### + # The Tenant config resource APIs + ###################################################### + /tenant-config: + get: + tags: + - Tenant Config + summary: Export a tenant-Config. + description: | + This operation can be used to export a tenant-config.json used in deployment. + operationId: exportTenantConfig + responses: + 200: + description: | + OK. + Tenant config Exported Successfully. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + type: string + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:admin + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/tenant-config" > tenant-config.json' + put: + tags: + - Tenant Config + summary: Update a tenant-config. + description: | + This operation can be used to update tenant-config. + operationId: updateTenantConfig + requestBody: + description: tenant-config + content: + application/json: + schema: + type: string + required: true + responses: + 200: + description: | + OK. + Role mapping alias returned + content: + application/json: + schema: + type: string + 403: + $ref: '#/components/responses/Forbidden' + 413: + $ref: '#/components/responses/PayloadTooLarge' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:admin + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/tenant-config"' + + ###################################################### + # The Tenant config schema resource APIs + ###################################################### + /tenant-config-schema: + get: + tags: + - Tenant Config Schema + summary: Export a tenant-Config-Schema. + description: | + This operation can be used to export a tenant-config-schema.json used in deployment. + operationId: exportTenantConfigSchema + responses: + 200: + description: | + OK. + Tenant config schema exported successfully. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + type: string + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:admin + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/tenant-config-schema" > tenant-config-schema.json' + + ###################################################### + # The "Key Manager Collection" resource API + ###################################################### + /key-managers: + get: + tags: + - Key Manager (Collection) + summary: Get all Key managers + description: | + Get all Key managers + responses: + 200: + description: | + OK. + KeyManagers returned + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManagerList' + security: + - OAuth2Security: + - apk:admin + - apk:admin_operations + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/key-managers"' + operationId: getAllKeyManagers + + post: + tags: + - Key Manager (Collection) + summary: Add a new API Key Manager + description: | + Add a new API Key Manager + requestBody: + description: | + Key Manager object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + 400: + $ref: '#/components/responses/BadRequest' + security: + - OAuth2Security: + - apk:admin + - apk:admin_operations + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/key-managers"' + operationId: addNewKeyManager + + ###################################################### + # The "Individual KeyManager" resource APIs + ###################################################### + /key-managers/{keyManagerId}: + get: + tags: + - Key Manager (Individual) + summary: Get a Key Manager Configuration + description: | + Retrieve a single Key Manager Configuration. We should provide the Id of the KeyManager as a path parameter. + parameters: + - $ref: '#/components/parameters/keyManagerId' + responses: + 200: + description: | + OK. + KeyManager Configuration returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + - apk:admin_operations + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + operationId: getKeyManagerConfiguration + + put: + tags: + - Key Manager (Individual) + summary: Update a Key Manager + description: | + Update a Key Manager by keyManager ID + parameters: + - $ref: '#/components/parameters/keyManagerId' + requestBody: + description: | + Key Manager object with updated information + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + required: true + responses: + 200: + description: | + OK. + Label updated. + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:admin_operations + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + operationId: updateKeyManager + + delete: + tags: + - Key Manager (Individual) + summary: Delete a Key Manager + description: | + Delete a Key Manager by keyManager id + parameters: + - $ref: '#/components/parameters/keyManagerId' + responses: + 200: + description: | + OK. + Key Manager successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + - apk:admin_operations + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v3/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + operationId: removeKeyManager + + /key-managers/discover: + post: + tags: + - Key Manager (Collection) + summary: Retrieve Well-known information from Key Manager Well-known Endpoint + description: | + Retrieve well-known information from key manager's well-known endpoint + requestBody: + content: + multipart/form-data: + schema: + properties: + url: + type: string + description: Well-Known Endpoint + type: + type: string + description: | + Key Manager Type + default: "false" + responses: + 200: + description: | + OK. + KeyManagers returned + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManagerWellKnownResponse' + security: + - OAuth2Security: + - apk:admin + - apk:admin_operations + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F "type=WSO2-IS" "https://127.0.0.1:9443/api/am/admin/v3/key-managers/discover"' + operationId: getWellKnownInfoKeyManager + +###################################################### + # The "Organization" resource API +###################################################### + /organizations: + get: + tags: + - Organization (Collection) + summary: Get all Organization + description: | + Get all Organization + responses: + 200: + description: | + OK. + Organization returned + content: + application/json: + schema: + $ref: '#/components/schemas/OrganizationList' + security: + - OAuth2Security: + - apk:admin + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/organizations"' + operationId: getAllOrganization + + post: + tags: + - Organization (Individual) + summary: Add Organization + description: | + Add a new Organization + requestBody: + description: | + Organization object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Organization' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/Organization' + 400: + $ref: '#/components/responses/BadRequest' + security: + - OAuth2Security: + - apk:admin + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/organizations"' + operationId: addOrganization + /organizations/{organizationId}: + get: + tags: + - Organization (Individual) + summary: | + Get the details of an Organization + description: | + This operation can be used to get the details of an Organization by specifying its id. + parameters: + - $ref: '#/components/parameters/organizationId' + responses: + 200: + description: | + OK. + Application details returned. + content: + application/json: + schema: + $ref: '#/components/schemas/Organization' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + x-code-samples: + - lang: Curl + source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/organizations/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b"' + operationId: getOrganizationById + put: + tags: + - Organization (Individual) + summary: Update an Organization + description: | + Update an Organization by organization Id + parameters: + - $ref: '#/components/parameters/organizationId' + requestBody: + description: | + Organization object with updated information + content: + application/json: + schema: + $ref: '#/components/schemas/Organization' + required: true + responses: + 200: + description: | + OK. + Label updated. + content: + application/json: + schema: + $ref: '#/components/schemas/Organization' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' + operationId: updateOrganization + delete: + tags: + - Organization (Individual) + summary: Delete an Organization + description: | + Delete an Organization by API Organization Id + parameters: + - $ref: '#/components/parameters/organizationId' + responses: + 200: + description: | + OK. + Organization successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' + operationId: removeOrganization + /organization-info: + get: + tags: + - Organization (Individual) + summary: | + Authenticate Organization info + description: | + This operation can be used to authenticate Organization by specifying its claimValue. + responses: + 200: + description: | + OK. + Application details returned. + content: + application/json: + schema: + $ref: '#/components/schemas/Organization' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:admin + x-code-samples: + - lang: Curl + source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/organization-info/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b"' + operationId: getOrganizationByClaimValue + +components: + schemas: + Error: + title: Error object returned with 4XX HTTP status + required: + - code + - message + type: object + properties: + code: + type: integer + description: Error code + format: int64 + message: + type: string + description: Error message. + description: + type: string + description: | + A detail description about the error message. + moreInfo: + type: string + description: | + Preferably an url with more details about the error. + error: + type: array + description: | + If there are more than one error list them out. + For example, list out validation errors by each field. + items: + $ref: '#/components/schemas/ErrorListItem' + ErrorListItem: + title: Description of individual errors that may have occurred during a request. + required: + - code + - message + type: object + properties: + code: + type: string + description: Error code + message: + type: string + description: | + Description about individual errors occurred + PolicyList: + title: Policy List + type: object + properties: + count: + type: integer + description: | + Number of Policies returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Policy' + pagination: + $ref: '#/components/schemas/Pagination' + PolicyDetailsList: + title: Policy List + type: object + properties: + count: + type: integer + description: | + Number of Throttling Policies returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/PolicyDetails' + PolicyDetails: + title: Generic Policy + required: + - policyName + type: object + properties: + policyId: + type: integer + description: Id of policy + readOnly: true + example: 3 + uuid: + type: string + description: UUId of policy + readOnly: true + example: 0c6439fd-9b16-3c2e-be6e-1086e0b9aa93 + policyName: + maxLength: 60 + minLength: 1 + type: string + description: Name of policy + example: 30PerMin + displayName: + type: string + description: Display name of the policy + example: 30PerMin + maxLength: 512 + description: + maxLength: 1024 + type: string + description: Description of the policy + example: Allows 30 request per minute + isDeployed: + type: boolean + description: Indicates whether the policy is deployed successfully or not. + default: false + type: + type: string + description: Indicates the type of throttle policy + Policy: + title: Generic Throttling Policy + required: + - planName + type: object + properties: + planId: + type: string + description: Id of plan + readOnly: true + example: 0c6439fd-9b16-3c2e-be6e-1086e0b9aa93 + planName: + maxLength: 60 + minLength: 1 + type: string + description: Name of plan + example: 30PerMin + displayName: + type: string + description: Display name of the policy + example: 30PerMin + maxLength: 512 + description: + maxLength: 1024 + type: string + description: Description of the policy + example: Allows 30 request per minute + isDeployed: + type: boolean + description: Indicates whether the policy is deployed successfully or not. + default: false + type: + type: string + description: Indicates the type of throttle policy + discriminator: + propertyName: type + ExportPolicy: + title: Export Policy + type : object + properties: + type: + type: string + subtype: + type: string + version: + type: string + data: + type: object + AdvancedThrottlePolicyInfo: + title: Advanced Throttling Policy + allOf: + - $ref: '#/components/schemas/Policy' + - type: object + properties: + defaultLimit: + $ref: '#/components/schemas/ThrottleLimit' + AdvancedThrottlePolicy: + title: Advanced Throttling Policy + allOf: + - $ref: '#/components/schemas/Policy' + - required: + - defaultLimit + type: object + properties: + defaultLimit: + $ref: '#/components/schemas/ThrottleLimit' + conditionalGroups: + type: array + description: | + Group of conditions which allow adding different parameter conditions to the throttling limit. + items: + $ref: '#/components/schemas/ConditionalGroup' + AdvancedThrottlePolicyList: + title: Advanced Throttling Policy List + type: object + properties: + count: + type: integer + description: | + Number of Advanced Throttling Policies returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/AdvancedThrottlePolicyInfo' + ApplicationRatePlan: + title: Application Throttling Policy + allOf: + - $ref: '#/components/schemas/Policy' + - required: + - defaultLimit + type: object + properties: + defaultLimit: + $ref: '#/components/schemas/ThrottleLimit' + ApplicationRatePlanList: + title: Application level Rate Plan List + type: object + properties: + count: + type: integer + description: | + Number of Application Rate Plans returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ApplicationRatePlan' + BusinessPlan: + title: Business Plan + allOf: + - $ref: '#/components/schemas/Policy' + - $ref: '#/components/schemas/GraphQLQuery' + - required: + - defaultLimit + type: object + properties: + defaultLimit: + $ref: '#/components/schemas/ThrottleLimit' + rateLimitCount: + type: integer + description: Burst control request count + example: 10 + rateLimitTimeUnit: + type: string + description: Burst control time unit + example: min + subscriberCount: + type: integer + description: Number of subscriptions allowed + example: 10 + customAttributes: + type: array + description: | + Custom attributes added to the Subscription Throttling Policy + example: [] + items: + $ref: '#/components/schemas/CustomAttribute' + permissions: + $ref: '#/components/schemas/BusinessPlanPermission' + BusinessPlanPermission: + title: Business Plan Permission + required: + - permissionType + - roles + type: object + properties: + permissionType: + type: string + example: deny + enum: + - ALLOW + - DENY + roles: + type: array + example: + - Internal/everyone + items: + type: string + GraphQLQuery: + title: GraphQL Query + type: object + properties: + graphQLMaxComplexity: + type: integer + description: Maximum Complexity of the GraphQL query + example: 400 + graphQLMaxDepth: + type: integer + description: Maximum Depth of the GraphQL query + example: 10 + BusinessPlanList: + title: Business Plan List + type: object + properties: + count: + type: integer + description: | + Number of Business Plans returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/BusinessPlan' + ConditionalGroup: + title: Conditional Groups for Throttling + required: + - conditions + - limit + type: object + properties: + description: + type: string + description: Description of the Conditional Group + conditions: + type: array + description: | + Individual throttling conditions. They can be defined as either HeaderCondition, IPCondition, JWTClaimsCondition, QueryParameterCondition + Please see schemas of each of those throttling condition in Definitions section. + example: | + [ + { + "type": "HEADERCONDITION", + "invertCondition": false, + "headerCondition": + { + "headerName": "Host", + "headerValue": "10.100.7.77" + } + }, + { + "type": "IPCONDITION", + "invertCondition": false, + "ipCondition": + { + "ipConditionType": "IPSPECIFIC", + "specificIP": "10.100.1.22", + "startingIP": null, + "endingIP": null + } + }, + { + "type": "QUERYPARAMETERCONDITION", + "invertCondition": false, + "queryParameterCondition": + { + "parameterName": "name", + "parameterValue": "admin" + } + }, + { + "type": "JWTCLAIMSCONDITION", + "invertCondition": true, + "jwtClaimsCondition": + { + "claimUrl": "claimUrl0", + "attribute": "claimAttr0" + } + } + ] + items: + $ref: '#/components/schemas/ThrottleCondition' + limit: + $ref: '#/components/schemas/ThrottleLimit' + ThrottleCondition: + title: Throttling Conditions + required: + - type + type: object + properties: + type: + type: string + description: | + Type of the throttling condition. Allowed values are "HEADERCONDITION", "IPCONDITION", "JWTCLAIMSCONDITION" + and "QUERYPARAMETERCONDITION". + enum: + - HEADERCONDITION + - IPCONDITION + - JWTCLAIMSCONDITION + - QUERYPARAMETERCONDITION + invertCondition: + type: boolean + description: | + Specifies whether inversion of the condition to be matched against the request. + + **Note:** When you add conditional groups for advanced throttling policies, this parameter should have the + same value ('true' or 'false') for the same type of conditional group. + default: false + headerCondition: + $ref: '#/components/schemas/HeaderCondition' + ipCondition: + $ref: '#/components/schemas/IPCondition' + jwtClaimsCondition: + $ref: '#/components/schemas/JWTClaimsCondition' + queryParameterCondition: + $ref: '#/components/schemas/QueryParameterCondition' + description: Conditions used for Throttling + HeaderCondition: + title: HTTP Header based throttling condition + required: + - headerName + - headerValue + type: object + properties: + headerName: + type: string + description: Name of the header + headerValue: + type: string + description: Value of the header + IPCondition: + title: IP based throttling condition + type: object + properties: + ipConditionType: + type: string + description: Type of the IP condition. Allowed values are "IPRANGE" and + "IPSPECIFIC" + enum: + - IPRANGE + - IPSPECIFIC + specificIP: + type: string + description: Specific IP when "IPSPECIFIC" is used as the ipConditionType + startingIP: + type: string + description: Staring IP when "IPRANGE" is used as the ipConditionType + endingIP: + type: string + description: Ending IP when "IPRANGE" is used as the ipConditionType + JWTClaimsCondition: + title: JWT claim attribute based throttling condition + required: + - attribute + - claimUrl + type: object + properties: + claimUrl: + type: string + description: JWT claim URL + attribute: + type: string + description: Attribute to be matched + QueryParameterCondition: + title: Query parameter based throttling condition + required: + - parameterName + - parameterValue + type: object + properties: + parameterName: + type: string + description: Name of the query parameter + parameterValue: + type: string + description: Value of the query parameter to be matched + ThrottleLimitBase: + title: Throttle Limit Base + required: + - timeUnit + - unitTime + type: object + properties: + timeUnit: + type: string + description: Unit of the time. Allowed values are "sec", "min", "hour", + "day" + example: min + unitTime: + type: integer + description: Time limit that the throttling limit applies. + example: 10 + ThrottleLimit: + title: Throttle Limit + required: + - type + type: object + properties: + type: + type: string + description: | + Type of the throttling limit. Allowed values are "REQUESTCOUNTLIMIT" and "BANDWIDTHLIMIT". + Please see schemas of "RequestCountLimit" and "BandwidthLimit" throttling limit types in + Definitions section. + example: REQUESTCOUNTLIMIT + enum: + - REQUESTCOUNTLIMIT + - BANDWIDTHLIMIT + - EVENTCOUNTLIMIT + requestCount: + $ref: '#/components/schemas/RequestCountLimit' + bandwidth: + $ref: '#/components/schemas/BandwidthLimit' + eventCount: + $ref: '#/components/schemas/EventCountLimit' + MonetizationInfo: + title: API monetization details object + required: + - properties + type: object + properties: + monetizationPlan: + type: string + description: Flag to indicate the monetization plan + example: FixedRate + enum: + - FIXEDRATE + - DYNAMICRATE + properties: + type: object + additionalProperties: + type: string + description: Map of custom properties related to each monetization plan + BandwidthLimit: + title: Bandwidth Limit object + allOf: + - $ref: '#/components/schemas/ThrottleLimitBase' + - required: + - dataAmount + - dataUnit + type: object + properties: + dataAmount: + type: integer + description: Amount of data allowed to be transferred + format: int64 + example: 1000 + dataUnit: + type: string + description: Unit of data allowed to be transferred. Allowed values are + "KB", "MB" and "GB" + example: KB + RequestCountLimit: + title: Request Count Limit object + allOf: + - $ref: '#/components/schemas/ThrottleLimitBase' + - required: + - requestCount + type: object + properties: + requestCount: + type: integer + description: Maximum number of requests allowed + format: int64 + example: 30 + EventCountLimit: + title: Event Count Limit object + allOf: + - $ref: '#/components/schemas/ThrottleLimitBase' + - required: + - eventCount + type: object + properties: + eventCount: + type: integer + description: Maximum number of events allowed + format: int64 + example: 3000 + BlockingCondition: + title: Blocking Conditions + required: + - conditionType + - conditionValue + type: object + properties: + policyId: + type: string + description: Id of the blocking condition + example: b513eb68-69e8-4c32-92cf-852c101363cf + conditionType: + type: string + description: Type of the blocking condition + example: IP + enum: + - API + - APPLICATION + - IP + - IPRANGE + - USER + conditionValue: + type: object + properties: {} + description: Value of the blocking condition + example: + fixedIp: 192.168.1.1 + invert: false + conditionStatus: + type: boolean + description: Status of the blocking condition + example: true + description: Blocking Conditions + BlockingConditionList: + title: Blocking Conditions List + type: object + properties: + count: + type: integer + description: | + Number of Blocking Conditions returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/BlockingCondition' + BlockingConditionStatus: + title: Blocking Conditions Status + required: + - conditionStatus + type: object + properties: + policyId: + type: string + description: Id of the blocking condition + example: b513eb68-69e8-4c32-92cf-852c101363cf + conditionStatus: + type: boolean + description: Status of the blocking condition + example: true + description: Blocking Conditions Status + CustomAttribute: + title: Name-Value pair + required: + - name + - value + type: object + properties: + name: + type: string + description: Name of the custom attribute + example: customAttr1 + value: + type: string + description: Value of the custom attribute + example: value1 + ApplicationList: + title: Application List + type: object + properties: + count: + type: integer + description: | + Number of applications returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ApplicationInfo' + pagination: + $ref: '#/components/schemas/Pagination' + ApplicationInfo: + title: Application info object with basic application details + type: object + properties: + applicationId: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorApp + owner: + type: string + example: admin + status: + type: string + example: APPROVED + groupId: + type: string + example: "" + Application: + title: Application object with all the application details + type: object + properties: + applicationId: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorApp + throttlingPolicy: + type: string + example: Unlimited + description: + type: string + example: Sample calculator application + tokenType: + type: string + enum: + - OAUTH + - JWT + description: | + Type of the access token generated for this application. + **OAUTH:** A UUID based access token which is issued by default. + **JWT:** A self-contained, signed JWT based access token. **Note:** This can be only used in Microgateway environments. + default: JWT + example: JWT + status: + type: string + example: APPROVED + default: "" + groups: + type: array + items: + type: string + example: "" + subscriptionCount: + type: integer + attributes: + type: object + additionalProperties: + type: string + example: External Reference ID, Billing Tier + subscriptionScopes: + type: array + items: + $ref: '#/components/schemas/ScopeInfo' + owner: + description: | + Application created user + type: string + example: admin + ScopeInfo: + title: API Scope info object with scope details + type: object + properties: + key: + type: string + example: admin_scope + name: + type: string + example: admin scope + roles: + type: array + items: + type: string + description: Allowed roles for the scope + example: ["manager","developer"] + description: + type: string + description: Description of the scope + Environment: + title: Environment + required: + - name + - vhosts + type: object + properties: + id: + type: string + readOnly: true + example: ece92bdc-e1e6-325c-b6f4-656208a041e9 + name: + maxLength: 255 + minLength: 1 + pattern: '^[a-zA-Z0-9_-]+$' + type: string + example: us-region + displayName: + maxLength: 255 + minLength: 1 + type: string + example: US Region + provider: + type: string + example: wso2 + description: + maxLength: 1023 + type: string + example: Gateway environment in US Region + isReadOnly: + type: boolean + readOnly: true + example: false + vhosts: + type: array + minItems: 1 + items: + $ref: '#/components/schemas/VHost' + endpointURIs: + type: array + items: + $ref: '#/components/schemas/GatewayEnvironmentProtocolURI' + additionalProperties: + type: array + items: + $ref: '#/components/schemas/AdditionalProperty' + EnvironmentList: + title: Environment List + type: object + properties: + count: + type: integer + description: | + Number of Environments returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Environment' + VHost: + title: Virtual Host + required: + - host + type: object + properties: + host: + maxLength: 255 + minLength: 1 + # hostname regex as per RFC 1123 (http://tools.ietf.org/html/rfc1123) and appended * + pattern: '^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$' + type: string + example: mg.wso2.com + httpContext: + maxLength: 255 + minLength: 0 + # TODO (renuka) check this regex: not allowed: (_ .) and allowed: (- /) + pattern: '^\/?([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])*$' + type: string + example: pets + httpPort: + type: integer + example: 80 + httpsPort: + type: integer + example: 443 + wsPort: + type: integer + example: 9099 + wssPort: + type: integer + example: 8099 + AdditionalProperty: + title: Additional Gateway Properties + type: object + properties: + key: + type: string + example: Organization + value: + type: string + example: wso2 + GatewayEnvironmentProtocolURI: + title: Gateway Environment protocols and URIs + required: + - protocol + - endpointURI + type: object + properties: + protocol: + type: string + example: default + endpointURI: + type: string + example: default + PublishStatus: + title: Usage publish status + type: object + properties: + status: + type: string + description: Status of the usage publish request + example: successful + message: + type: string + description: detailed message of the status + example: Records published successfully + MonetizationUsagePublishInfo: + title: Usage publish status + type: object + properties: + state: + type: string + description: State of usage publish job + example: RUNNING + status: + type: string + description: Status of usage publish job + example: SUCCESSFULL + startedTime: + type: string + description: Timestamp of the started time of the Job + example: "1599196134000" + lastPublsihedTime: + type: string + description: Timestamp of the last published time + example: "1599196134000" + Workflow: + title: workflow + required: + - status + type: object + properties: + status: + type: string + description: | + This attribute declares whether this workflow task is approved or rejected. + example: APPROVED + enum: + - APPROVED + - REJECTED + attributes: + type: object + additionalProperties: + type: string + description: | + Custom attributes to complete the workflow task + example: {} + description: + type: string + example: Approve workflow request. + TenantInfo: + title: Tenant information + type: object + properties: + username: + type: string + example: john + tenantDomain: + type: string + example: carbon.super + tenantId: + type: integer + example: -1234 + description: The tenant information of the user + CustomUrlInfo: + title: Custom url information + type: object + properties: + tenantDomain: + type: string + example: carbon.super + tenantAdminUsername: + type: string + example: john@foo.com + enabled: + type: boolean + example: true + devPortal: + type: object + properties: + url: + type: string + example: http://example.com + description: The custom url information of the tenant domain + Organization: + title: Organization + required: + - name + - displayName + - claimList + type: object + properties: + id: + type: string + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + maxLength: 255 + minLength: 1 + type: string + example: Finance + displayName: + maxLength: 255 + minLength: 1 + type: string + example: Finance + organizationClaimValue: + maxLength: 255 + minLength: 1 + type: string + example: 01234567-0123-0123-0123 + enabled: + type: boolean + default: true + serviceNamespaces: + type: array + items: + type: string + OrganizationList: + title: Organization List + type: object + properties: + count: + type: integer + description: | + Number of Organization returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Organization' + APICategory: + title: API Category + required: + - name + type: object + properties: + id: + type: string + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + maxLength: 255 + minLength: 1 + type: string + example: Finance + description: + maxLength: 1024 + type: string + example: Finance related APIs + numberOfAPIs: + type: integer + readOnly: true + example: 1 + APICategoryList: + title: API Category List + type: object + properties: + count: + type: integer + description: | + Number of API categories returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APICategory' + FileInfo: + title: File Information including meta data + type: object + properties: + relativePath: + type: string + description: relative location of the file (excluding the base context and + host of the Admin API) + example: api-categories/01234567-0123-0123-0123-012345678901/thumbnail + mediaType: + type: string + description: media-type of the file + example: image/jpeg + Settings: + title: Settings + type: object + properties: + scopes: + type: array + items: + type: string + keyManagerConfiguration: + type: array + items: + type: object + properties: + type: + type: string + example: default + displayName: + type: string + example: default + defaultConsumerKeyClaim: + type: string + example: azp + defaultScopesClaim: + type: string + example: scope + configurations: + type: array + items: + $ref: '#/components/schemas/KeyManagerConfiguration' + endpointConfigurations: + type: array + items: + $ref: '#/components/schemas/KeyManagerConfiguration' + analyticsEnabled: + type: boolean + description: To determine whether analytics is enabled or not + example: false + ScopeList: + title: Scope Role Mapping List + type: object + properties: + count: + type: integer + description: | + Number of scopes available for tenant. + readOnly: true + example: 60 + list: + type: array + items: + $ref: '#/components/schemas/Scope' + Scope: + title: Scope Role + type: object + properties: + tag: + type: string + description: | + Portal name. + example: publisher + name: + type: string + description: | + Scope name. + example: apk:api_publish + description: + type: string + description: | + About scope. + example: Publish API + roles: + type: array + description: | + Roles for the particular scope. + example: + - admin + - Internal/publisher + items: + type: string + KeyManagerWellKnownResponse: + title: Key Manager Well-Known Response. + type: object + properties: + valid: + type: boolean + example: true + default: false + value: + $ref: '#/components/schemas/KeyManager' + KeyManager: + title: Key Manager + required: + - name + - type + type: object + properties: + id: + type: string + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + maxLength: 100 + minLength: 1 + type: string + example: WSO2 Identity Server + displayName: + maxLength: 100 + type: string + description: | + display name of Key Manager to show in UI + example: WSO2 Identity Server + type: + maxLength: 45 + minLength: 1 + type: string + example: WSO2-IS + description: + maxLength: 256 + type: string + example: This is a key manager for Developers + wellKnownEndpoint: + type: string + description: | + Well-Known Endpoint of Identity Provider. + example: "" + introspectionEndpoint: + type: string + example: https://localhost:9444/oauth2/introspect + deprecated: true + clientRegistrationEndpoint: + type: string + example: https://localhost:9444/keymanager-operations/dcr/register + deprecated: true + tokenEndpoint: + type: string + example: https://localhost:9444/oauth2/token + deprecated: true + displayTokenEndpoint: + type: string + example: https://localhost:9444/oauth2/token + deprecated: true + revokeEndpoint: + type: string + example: https://localhost:9444/oauth2/revoke + deprecated: true + displayRevokeEndpoint: + type: string + example: https://localhost:9444/oauth2/revoke + deprecated: true + userInfoEndpoint: + type: string + example: https://localhost:9444/oauth2/userinfo?schema=openid + deprecated: true + authorizeEndpoint: + type: string + example: https://localhost:9444/oauth2/authorize + deprecated: true + endpoints: + type: array + items: + $ref: '#/components/schemas/KeyManagerEndpoint' + certificates: + type: object + properties: + type: + type: string + enum: + - JWKS + - PEM + value: + type: string + issuer: + type: string + example: https://localhost:9444/services + alias: + type: string + description: | + The alias of Identity Provider. + If the tokenType is EXCHANGED, the alias value should be inclusive in the audience values of the JWT token + example: https://localhost:9443/oauth2/token + scopeManagementEndpoint: + type: string + example: https://wso2is.com:9444/api/identity/oauth2/v1.0/scopes + deprecated: true + availableGrantTypes: + type: array + items: + type: string + example: client_credentials + enableTokenGeneration: + type: boolean + example: true + enableTokenEncryption: + type: boolean + example: false + default: false + enableTokenHashing: + type: boolean + example: false + default: false + enableMapOAuthConsumerApps: + type: boolean + example: false + default: false + enableOAuthAppCreation: + type: boolean + example: false + default: false + enableSelfValidationJWT: + type: boolean + example: true + default: true + claimMapping: + type: array + items: + $ref: '#/components/schemas/ClaimMappingEntry' + consumerKeyClaim: + type: string + example: azp + scopesClaim: + type: string + example: scp + tokenValidation: + type: array + items: + $ref: '#/components/schemas/TokenValidation' + enabled: + type: boolean + example: true + additionalProperties: + type: object + properties: {} + example: + self_validate_jwt: true + Username: admin + Password: admin + tokenType: + type: string + description: The type of the tokens to be used (exchanged or without exchanged). + Accepted values are EXCHANGED, DIRECT and BOTH. + example: EXCHANGED + default: DIRECT + enum: + - EXCHANGED + - DIRECT + - BOTH + + KeyManagerEndpoint: + title: Key Manager Endpoint. + required: + - name + - value + type: object + properties: + name: + type: string + example: 'token_endpoint' + value: + type: string + example: 'https://localhost:9443/oauth2/token' + KeyManagerInfo: + title: Key Manager Info + required: + - name + - type + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: WSO2 IS + type: + type: string + example: IS + description: + type: string + example: This is a key manager for Developers + enabled: + type: boolean + example: true + tokenType: + type: string + description: The type of the tokens to be used (exchanged or without exchanged). + Accepted values are EXCHANGED, DIRECT and BOTH. + example: EXCHANGED + default: DIRECT + enum: + - EXCHANGED + - DIRECT + - BOTH + KeyManagerConfiguration: + title: Key Manager Configuration + type: object + properties: + name: + type: string + example: consumer_key + label: + type: string + example: Consumer Key + type: + type: string + example: select + required: + type: boolean + example: true + mask: + type: boolean + example: true + multiple: + type: boolean + example: true + tooltip: + type: string + example: Enter username to connect to key manager + default: + type: object + properties: {} + example: admin + values: + type: array + items: + type: object + properties: {} + KeyManagerList: + title: Key Manager List + type: object + properties: + count: + type: integer + description: | + Number of Key managers returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/KeyManagerInfo' + ClaimMappingEntry: + title: Claim Mapping Configuration + type: object + properties: + remoteClaim: + type: string + example: http://idp.org/username + localClaim: + type: string + example: http://wso2.org/username + TokenValidation: + title: Token handling Configuration + type: object + properties: + id: + type: integer + enable: + type: boolean + example: false + default: true + type: + type: string + enum: + - REFERENCE + - JWT + - CUSTOM + value: + type: object + properties: {} + ScopeSettings: + title: Settings + type: object + properties: + name: + type: string + example: apk:subscribe + WorkflowList: + title: WorkflowList + type: object + properties: + count: + type: integer + description: | + Number of workflow processes returned. + example: 1 + next: + type: string + description: | + Link to the next subset of resources qualified. + Empty if no more resources are to be returned. + example: /workflows?limit=1&offset=2&user= + previous: + type: string + description: | + Link to the previous subset of resources qualified. + Empty if current subset is the first subset returned. + example: /workflows?limit=1&offset=0&user= + list: + type: array + items: + $ref: '#/components/schemas/WorkflowInfo' + WorkflowInfo: + title: Workflow info object with basic workflow details + type: object + properties: + workflowType: + type: string + description: | + Type of the Workflow Request. It shows which type of request is it. + example: APPLICATION_CREATION + enum: + - APPLICATION_CREATION + - SUBSCRIPTION_CREATION + - USER_SIGNUP + - APPLICATION_REGISTRATION_PRODUCTION + - APPLICATION_REGISTRATION_SANDBOX + - APPLICATION_DELETION + - API_STATE + - API_PRODUCT_STATE + - SUBSCRIPTION_DELETION + - SUBSCRIPTION_UPDATE + workflowStatus: + type: string + description: | + Show the Status of the the workflow request whether it is approved or created. + example: APPROVED + enum: + - APPROVED + - CREATED + createdTime: + type: string + description: | + Time of the the workflow request created. + example: 2020-02-10 10:10:19.704 + updatedTime: + type: string + description: | + Time of the the workflow request updated. + example: 2020-02-10 10:10:19.704 + referenceId: + type: string + description: | + Workflow external reference is used to identify the workflow requests uniquely. + example: 5871244b-d6f3-466e-8995-8accd1e64303 + properties: + type: object + properties: {} + description: + type: string + description: | + description is a message with basic details about the workflow request. + example: Approve application [APP1] creation request from application creator + - admin with throttling tier - 10MinPer + WorkflowResponse: + title: workflow Response + required: + - workflowStatus + type: object + properties: + workflowStatus: + type: string + description: | + This attribute declares whether this workflow task is approved or rejected. + example: APPROVED + enum: + - CREATED + - APPROVED + - REJECTED + - REGISTERED + jsonPayload: + type: string + description: | + Attributes that returned after the workflow execution + BotDetectionDataList: + title: Bot Detection Data List + type: object + properties: + count: + type: integer + description: | + Number of Bot Detection Data returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/BotDetectionData' + BotDetectionData: + title: Bot Detection Data + type: object + properties: + recordedTime: + type: integer + description: The time of detection + format: int64 + example: 1591734138413 + messageID: + type: string + description: The message ID + example: urn:uuid:1ed6d2de-29df-4fed-a96a-46d2329dce65 + apiMethod: + type: string + description: The api method + example: GET + headerSet: + type: string + description: The header set + example: '[Accept=*/*, Host=localhost:8243, User-Agent=curl/7.58.0]' + messageBody: + type: string + description: The content of the message body + example: + clientIp: + type: string + description: The IP of the client + example: 127.0.0.1 + RoleAliasList: + title: Role alias list + type: object + properties: + count: + type: integer + description: The number of role aliases + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/RoleAlias' + RoleAlias: + title: Role alias + type: object + properties: + role: + type: string + description: The original role + example: Internal/subscriber + aliases: + type: array + description: The role mapping for role alias + example: + - Subscriber + - Internal/subscriber + items: + type: string + Pagination: + title: Pagination + type: object + properties: + offset: + type: integer + example: 0 + limit: + type: integer + example: 1 + total: + type: integer + example: 10 + next: + type: string + description: | + Link to the next subset of resources qualified. + Empty if no more resources are to be returned. + example: "" + previous: + type: string + description: | + Link to the previous subset of resources qualified. + Empty if current subset is the first subset returned. + example: "" + responses: + BadRequest: + description: Bad Request. Invalid request or validation error. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 400 + message: Bad Request + description: Invalid request or validation error + moreInfo: "" + error: [] + Conflict: + description: Conflict. Specified resource already exists. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 409 + message: Conflict + description: Specified resource already exists + moreInfo: "" + error: [] + Forbidden: + description: Forbidden. The request must be conditional but no condition has + been specified. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 403 + message: Forbidden + description: The request must be conditional but no condition has been + specified + moreInfo: "" + error: [] + InternalServerError: + description: Internal Server Error. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + NotAcceptable: + description: Not Acceptable. The requested media type is not supported. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 406 + message: Not Acceptable + description: The requested media type is not supported + moreInfo: "" + error: [] + NotFound: + description: Not Found. The specified resource does not exist. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + PayloadTooLarge: + description: Payload Too Large. Request entity is larger than limits defined + by server. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 413 + message: Payload Too Large + description: Request entity is larger than limits defined by server + moreInfo: "" + error: [] + PreconditionFailed: + description: Precondition Failed. The request has not been performed because + one of the preconditions is not met. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 412 + message: Precondition Failed + description: The request has not been performed because one of the preconditions + is not met + moreInfo: "" + error: [] + Unauthorized: + description: Unauthorized. The user is not authorized. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 401 + message: Unauthorized + description: The user is not authorized + moreInfo: "" + error: [] + UnsupportedMediaType: + description: Unsupported Media Type. The entity of the request was not in a + supported format. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 415 + message: Unsupported media type + description: The entity of the request was not in a supported format + moreInfo: "" + error: [] + parameters: + If-None-Match: + name: If-None-Match + in: header + description: | + Validator for conditional requests; based on the ETag of the formerly retrieved + variant of the resource. + schema: + type: string + requestedTenant: + name: X-WSO2-Tenant + in: header + description: | + For cross-tenant invocations, this is used to specify the tenant domain, where the resource need to be + retirieved from. + schema: + type: string + sortBy: + name: sortBy + in: query + description: | + Criteria for sorting. + schema: + type: string + default: createdTime + enum: + - apiName + - version + - createdTime + - status + sortOrder: + name: sortOrder + in: query + description: | + Order of sorting(ascending/descending). + schema: + type: string + default: desc + enum: + - asc + - desc + username: + name: username + in: query + description: | + username of the new application owner + required: true + schema: + type: string + scopeName: + name: scopeName + in: path + description: | + Base64 URL encoded value of the scope name to be validated + required: true + schema: + type: string + environmentId: + name: environmentId + in: path + description: | + Environment UUID (or Environment name defined in config) + required: true + schema: + type: string + policyId: + name: policyId + in: path + description: | + Policy UUID + required: true + schema: + type: string + planId: + name: planId + in: path + description: | + Policy UUID + required: true + schema: + type: string + ruleId: + name: ruleId + in: path + description: | + Custom rule UUID + required: true + schema: + type: string + applicationId: + name: applicationId + in: path + description: | + Application UUID + required: true + schema: + type: string + Accept: + name: Accept + in: header + description: | + Media types acceptable for the response. Default is application/json. + schema: + type: string + default: application/json + Content-Type: + name: Content-Type + in: header + description: | + Media type of the entity in the body. Default is application/json. + required: true + schema: + type: string + default: application/json + limit: + name: limit + in: query + description: | + Maximum size of resource array to return. + schema: + type: integer + default: 25 + offset: + name: offset + in: query + description: | + Starting point within the complete list of items qualified. + schema: + type: integer + default: 0 + user: + name: user + in: query + description: | + username of the application creator + schema: + type: string + workflowReferenceId-Q: + name: workflowReferenceId + in: query + description: | + Workflow reference id + required: true + schema: + type: string + apiCategoryId: + name: apiCategoryId + in: path + description: | + API Category UUID + required: true + schema: + type: string + organizationId: + name: organizationId + in: path + description: | + Organization UUID + required: true + schema: + type: string + keyManagerId: + name: keyManagerId + in: path + description: | + Key Manager UUID + required: true + schema: + type: string + roleId: + name: roleId + in: path + description: | + The Base 64 URL encoded role name with domain. If the given role is in PRIMARY user-store, role ID should be + derived as Base64URLEncode(role-name). If the given role is in secondary user-store, role ID should be + derived as Base64URLEncode({user-store-name}/{role-name}). + required: true + schema: + type: string + securitySchemes: + OAuth2Security: + type: oauth2 + flows: + password: + tokenUrl: https://localhost:9443/oauth2/token + scopes: + openid: Authorize access to user details + apk:policies_import_export: Export and import policies related operations + apk:admin: Manage all admin operations + apk:tier_view: View throttling policies + apk:tier_manage: Update and delete throttling policies + apk:bl_view: View deny policies + apk:bl_manage: Update and delete deny policies + apk:mediation_policy_view: View mediation policies + apk:mediation_policy_create: Create and update mediation policies + apk:app_owner_change: Retrieve and manage applications + apk:app_import_export: Import and export applications related operations + apk:api_import_export: Import and export APIs related operations + apk:api_product_import_export: Import and export API Products related + operations + apk:environment_manage: Manage gateway environments + apk:environment_read: Retrieve gateway environments + apk:monetization_usage_publish: Retrieve and publish Monetization related + usage records + apk:api_workflow_approve: Manage workflows + apk:bot_data: Retrieve bot detection data + apk:tenantInfo: Retrieve tenant related information + apk:tenant_theme_manage: Manage tenant themes + apk:admin_operations: Manage API categories and Key Managers related + operations + apk:admin_settings: Retrieve admin settings + apk:admin_alert_manage: Manage admin alerts + apk:api_workflow_view: Retrieve workflow requests + apk:scope_manage: Manage system scopes + apk:role_manage: Manage system roles + apk:admin_application_view: View Applications diff --git a/en/docs/catalogs/backoffice-api.yaml b/en/docs/catalogs/backoffice-api.yaml new file mode 100644 index 000000000..33a188810 --- /dev/null +++ b/en/docs/catalogs/backoffice-api.yaml @@ -0,0 +1,3683 @@ +# Copyright (c) 2022, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +################################################################################ +openapi: 3.0.1 +info: + title: WSO2 API Platform for Kubernetes(APK) - BackOffice REST API + description: This document specifies a **RESTful API** for WSO2 **APK** - **BackOffice**. + contact: + name: WSO2 + url: https://wso2.com/api-manager/ + email: architecture@wso2.com + license: + name: Apache 2.0 + url: http://www.apache.org/licenses/LICENSE-2.0.html + version: v1 +servers: + - url: https://apis.wso2.com/api/am/backoffice/ + +paths: + ###################################################### + # The "API Collection" resource APIs + ###################################################### + /apis: + get: + tags: + - APIs + summary: | + Retrieve/Search APIs + description: | + This operation provides you a list of available APIs qualifying under a given search condition. + + Each retrieved API is represented with a minimal amount of attributes. If you want to get complete details of an API, you need to use **Get details of an API** operation. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/sortBy' + - $ref: '#/components/parameters/sortOrder' + - name: query + in: query + description: | + **Search condition**. + + You can search in attributes by using an **":"** modifier. + + Eg. + "provider:wso2" will match an API if the provider of the API contains "wso2". + "provider:"wso2"" will match an API if the provider of the API is exactly "wso2". + "status:PUBLISHED" will match an API if the API is in PUBLISHED state. + + Also you can use combined modifiers + Eg. + name:pizzashack version:v1 will match an API if the name of the API is pizzashack and version is v1. + + Supported attribute modifiers are [**version, context, name, status, + description, provider, api-category, tags, doc, contexttemplate, + lcstate, content, type, label, enablestore, thirdparty**] + + If no advanced attribute modifier has been specified, the API names containing + the search term will be returned as a result. + + Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) + schema: + type: string + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/Accept' + responses: + 200: + description: | + OK. + List of qualifying APIs is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/APIList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in the future). + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:api_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis"' + operationId: getAllAPIs + + ###################################################### + # The "Individual API" resource APIs + ###################################################### + /apis/{apiId}: + get: + tags: + - APIs + summary: Get Details of an API + description: | + Using this operation, you can retrieve complete details of a single API. You need to provide the Id of the API to retrieve it. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Requested API is returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/API' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in the future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:api_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/01234567-0123-0123-0123-012345678901"' + operationId: getAPI + put: + tags: + - APIs + summary: Update an API + description: | + This operation can be used to update an existing API. + But the properties `name`, `provider` and `version` cannot be changed. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + requestBody: + description: API object that needs to be updated + content: + application/json: + schema: + $ref: '#/components/schemas/ModifiableAPI' + required: true + responses: + 200: + description: | + OK. + Successful response with updated API object + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Location: + description: | + The URL of the newly created resource. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/API' + 400: + $ref: '#/components/responses/BadRequest' + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:api_publish + - apk:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/01234567-0123-0123-0123-012345678901"' + operationId: updateAPI + + /apis/{apiId}/definition: + get: + tags: + - APIs + summary: Get the API Definition + description: | + This operation can be used to retrieve the definition of an API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Requested definition document of the API is returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/APIDefinition' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in the future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:api_view + - apk:api_definition_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/definition"' + operationId: getAPIDefinition + + /apis/{apiId}/resource-paths: + get: + tags: + - APIs + summary: Get Resource Paths of an API + description: | + This operation can be used to retrieve resource paths defined for a specific API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + ResourcePaths returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ResourcePathList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in the future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:api_view + - apk:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/resource-paths"' + operationId: getAPIResourcePaths + + /apis/{apiId}/thumbnail: + get: + tags: + - APIs + summary: Get Thumbnail Image + description: | + This operation can be used to download a thumbnail image of an API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/Accept' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Thumbnail image returned + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in the future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:api_view + - apk:api_publish + - apk:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/thumbnail" + > image.jpeg' + operationId: getAPIThumbnail + + put: + tags: + - APIs + summary: Upload a Thumbnail Image + description: | + This operation can be used to upload a thumbnail image of an API. The thumbnail to be uploaded should be given as a form data parameter `file`. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-Match' + requestBody: + content: + multipart/form-data: + schema: + required: + - file + properties: + file: + type: string + description: Image to upload + format: binary + required: true + responses: + 200: + description: | + OK. + Image updated + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Location: + description: | + The URL of the uploaded thumbnail image of the API. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/FileInfo' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:api_publish + - apk:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: multipart/form-data" -F file=@image.jpeg "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/thumbnail"' + operationId: updateAPIThumbnail + + /apis/{apiId}/documents: + get: + tags: + - API Documents + summary: Get a List of Documents of an API + description: | + This operation can be used to retrieve a list of documents belonging to an API by providing the ID of the API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/Accept' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Document list is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/DocumentList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in the future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:api_view + - apk:document_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/documents"' + operationId: getAPIDocuments + + post: + tags: + - API Documents + summary: Add a New Document to an API + description: | + This operation can be used to add a new documentation to an API. This operation only adds the metadata of a document. To add the actual content we need to use **Upload the content of an API document ** API once we obtain a document Id by this operation. + parameters: + - $ref: '#/components/parameters/apiId' + requestBody: + description: Document object that needs to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created Document object as entity in the body. + Location header contains URL of newly added document. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Location: + description: | + Location to the newly created Document. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apk:api_view + - apk:document_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/documents"' + operationId: addAPIDocument + + /apis/{apiId}/documents/{documentId}: + get: + tags: + - API Documents + summary: Get a Document of an API + description: | + This operation can be used to retrieve a particular document's metadata associated with an API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/Accept' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Document returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in the future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:api_view + - apk:document_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/documents/83312daf-0d8a-427b-8f72-12755b7901d3"' + operationId: getAPIDocument + + put: + tags: + - API Documents + summary: Update a Document of an API + description: | + This operation can be used to update metadata of an API's document. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: Document object that needs to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + required: true + responses: + 200: + description: | + OK. + Document updated + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Location: + description: | + The URL of the updated document. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:api_view + - apk:document_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/documents/83312daf-0d8a-427b-8f72-12755b7901d3"' + operationId: updateAPIDocument + + delete: + tags: + - API Documents + summary: Delete a Document of an API + description: | + This operation can be used to delete a document associated with an API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:api_view + - apk:document_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/documents/83312daf-0d8a-427b-8f72-12755b7901d3"' + operationId: deleteAPIDocument + + /apis/{apiId}/documents/{documentId}/content: + get: + tags: + - API Documents + summary: Get the Content of an API Document + description: | + This operation can be used to retrieve the content of an API's document. + + The document can be of 3 types. In each cases responses are different. + + 1. **Inline type**: + The content of the document will be retrieved in `text/plain` content type + + _Sample cURL_ : `curl -k -H "Authorization:Bearer 579f0af4-37be-35c7-81a4-f1f1e9ee7c51" -F inlineContent=@"docs.txt" -X POST "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/documents/43c2bcce-60e7-405f-bc36-e39c0c5e189e/content` + 2. **FILE type**: + The file will be downloaded with the related content type (eg. `application/pdf`) + 3. **URL type**: + The client will receive the URL of the document as the Location header with the response with - `303 See Other` + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/Accept' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + File or inline content returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 303: + description: | + See Other. + Source can be retrieved from the URL specified at the Location header. + headers: + Location: + description: | + The Source URL of the document. + schema: + type: string + content: {} + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in the future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:api_view + - apk:document_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/documents/83312daf-0d8a-427b-8f72-12755b7901d3/content"' + operationId: getAPIDocumentContent + + post: + tags: + - API Documents + summary: Upload the Content of an API Document + description: | + This operation can be used to upload a file or add inline content to an API document. + + **IMPORTANT:** + * Either **file** or **inlineContent** form data parameters should be specified at one time. + * Document's source type should be **FILE** in order to upload a file to the document using **file** parameter. + * Document's source type should be **INLINE** in order to add inline content to the document using **inlineContent** parameter. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/If-Match' + requestBody: + content: + multipart/form-data: + schema: + properties: + file: + type: string + description: Document to upload + format: binary + inlineContent: + type: string + description: Inline content of the document + responses: + 200: + description: | + OK. + Document updated + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Location: + description: | + The URL of the updated content of the document. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:api_view + - apk:document_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: multipart/form-data" -F file=@sample.pdf "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/documents/83312daf-0d8a-427b-8f72-12755b7901d3/content"' + operationId: addAPIDocumentContent + + /apis/{apiId}/comments: + get: + tags: + - Comments + summary: Retrieve API Comments + description: | + Get a list of Comments that are already added to APIs + operationId: getAllCommentsOfAPI + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/includeCommenterInfo' + responses: + 200: + description: | + OK. + Comments list is returned. + content: + application/json: + schema: + $ref: '#/components/schemas/CommentList' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:api_view + - apk:comment_view + - apk:comment_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/apk/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/comments"' + + post: + tags: + - Comments + summary: Add an API Comment + operationId: addCommentToAPI + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/parentCommentID' + requestBody: + description: | + Comment object that should to be added + content: + application/json: + schema: + title: Post request body + type: object + properties: + content: + type: string + maxLength: 512 + description: | + Content of the comment + example: This is a comment + category: + type: string + description: | + Category of the comment + example: general + required: + - content + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request. + schema: + type: string + Location: + description: | + Location to the newly created Comment. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Comment' + 400: + $ref: '#/components/responses/BadRequest' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:comment_write + - apk:comment_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/apk/backoffice/v1/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments"' + + /apis/{apiId}/comments/{commentId}: + get: + tags: + - Comments + summary: Get Details of an API Comment + description: | + Get the individual comment given by a username for a certain API. + operationId: getCommentOfAPI + parameters: + - $ref: '#/components/parameters/commentId' + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/includeCommenterInfo' + - $ref: '#/components/parameters/replyLimit' + - $ref: '#/components/parameters/replyOffset' + responses: + 200: + description: | + OK. + Comment returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Comment' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:api_view + - apk:comment_view + - apk:comment_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/apk/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4"' + + patch: + tags: + - Comments + summary: Edit a comment + description: | + Edit the individual comment + operationId: editCommentOfAPI + parameters: + - $ref: '#/components/parameters/commentId' + - $ref: '#/components/parameters/apiId' + requestBody: + description: | + Comment object that should to be updated + content: + application/json: + schema: + title: Patch request body + type: object + properties: + content: + type: string + maxLength: 512 + description: | + Content of the comment + example: This is a comment + category: + type: string + description: | + Category of the comment + example: general + required: true + responses: + 200: + description: | + OK. + Comment updated. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request. + schema: + type: string + Location: + description: | + Location to the newly created Comment. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Comment' + 400: + $ref: '#/components/responses/BadRequest' + 401: + $ref: '#/components/responses/Unauthorized' + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:comment_write + - apk:comment_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PATCH -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/apk/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4"' + + delete: + tags: + - Comments + summary: Delete an API Comment + description: | + Remove a Comment + operationId: deleteComment + parameters: + - $ref: '#/components/parameters/commentId' + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 401: + $ref: '#/components/responses/Unauthorized' + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 405: + description: | + MethodNotAllowed. + Request method is known by the server but is not supported by the target resource. + content: {} + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:comment_write + - apk:comment_manage + - apk:admin # special scope added to moderate other comments as well + x-code-samples: + - lang: Curl + source: curl -k -X DELETE -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/apk/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4" + + /apis/{apiId}/comments/{commentId}/replies: + get: + tags: + - Comments + summary: Get replies of a comment + description: | + Get replies of a comment + operationId: getRepliesOfComment + parameters: + - $ref: '#/components/parameters/commentId' + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/includeCommenterInfo' + responses: + 200: + description: | + OK. + Comment returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/CommentList' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:api_view + - apk:comment_view + - apk:comment_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/apk/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4/replies"' + + + ###################################################### + # The "Subscription Collection" resource APIs + ###################################################### + /subscriptions: + get: + tags: + - Subscriptions + summary: Get all Subscriptions + description: | + This operation can be used to retrieve a list of subscriptions of the user associated with the provided access token. This operation is capable of + + 1. Retrieving all subscriptions for the user's APIs. + `GET https://api.am.wso2.com:9095/api/am/backoffice/v1/subscriptions` + + 2. Retrieving subscriptions for a specific API. + `GET https://api.am.wso2.com:9095/api/am/backoffice/v1/subscriptions?apiId=01234567-0123-0123-0123-012345678901` + parameters: + - $ref: '#/components/parameters/apiId-Q-Opt' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/If-None-Match' + - name: query + in: query + description: | + Keywords to filter subscriptions + schema: + type: string + responses: + 200: + description: | + OK. + Subscription list returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/SubscriptionList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in the future). + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:api_view + - apk:subscription_view + - apk:subscription_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/subscriptions?apiId=01234567-0123-0123-0123-012345678901"' + operationId: getSubscriptions + + /subscriptions/{subscriptionId}/subscriber-info: + get: + tags: + - Subscriber + summary: Get Details of a Subscriber + description: | + This operation can be used to get details of a user who subscribed to the API. + parameters: + - $ref: '#/components/parameters/subscriptionId' + responses: + 200: + description: | + OK. + Details of the subscriber are returned. + content: + application/json: + schema: + $ref: '#/components/schemas/SubscriberInfo' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:api_view + - apk:subscription_view + - apk:subscription_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/subscriptions/64eca60b-2e55-4c38-8603-e9e6bad7d809/subscriber-info"' + operationId: getSubscriberInfoBySubscriptionId + + /subscriptions/block-subscription: + post: + tags: + - Subscriptions + summary: Block a Subscription + description: | + This operation can be used to block a subscription. Along with the request, `blockState` must be specified as a query parameter. + + 1. `BLOCKED` : Subscription is completely blocked for both Production and Sandbox environments. + 2. `PROD_ONLY_BLOCKED` : Subscription is blocked for Production environment only. + parameters: + - $ref: '#/components/parameters/subscriptionId-Q' + - name: blockState + in: query + description: | + Subscription block state. + required: true + schema: + type: string + enum: + - BLOCKED + - PROD_ONLY_BLOCKED + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Subscription was blocked successfully. + headers: + ETag: + description: | + Entity Tag of the blocked subscription. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Last-Modified: + description: | + Date and time the subscription has been blocked. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:subscription_block + - apk:subscription_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/subscriptions/block-subscription?subscriptionId=64eca60b-2e55-4c38-8603-e9e6bad7d809&blockState=PROD_ONLY_BLOCKED"' + operationId: blockSubscription + + /subscriptions/unblock-subscription: + post: + tags: + - Subscriptions + summary: Unblock a Subscription + description: | + This operation can be used to unblock a subscription specifying the subscription Id. The subscription will be fully unblocked after performing this operation. + parameters: + - $ref: '#/components/parameters/subscriptionId-Q' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Subscription was unblocked successfully. + headers: + ETag: + description: | + Entity Tag of the unblocked subscription. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Last-Modified: + description: | + Date and time the subscription has been unblocked. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:subscription_block + - apk:subscription_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/subscriptions/unblock-subscription?subscriptionId=64eca60b-2e55-4c38-8603-e9e6bad7d809"' + operationId: unBlockSubscription + + + ###################################################### + # The "Thorttling Tier Collection" resource APIs + ###################################################### + /usage-plans: + get: + tags: + - Usage Plan + summary: Get All Usage Plans + description: | + This operation can be used to list the available usage plans. + operationId: getAllUsagePlans + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + List of policies returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/UsagePlanList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in the future). + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:api_view + - apk:tier_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/usage-plans"' + + ###################################################### + # The "Content Search Results" resource APIs + ###################################################### + /search: + get: + tags: + - Unified Search + summary: | + Retrieve/Search APIs and API Documents by Content + description: | + This operation provides you a list of available APIs and API Documents qualifying the given keyword match. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - name: query + in: query + description: | + **Search**. + + You can search by proving a keyword. + schema: + type: string + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + List of qualifying APIs and API documents is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in the future). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/SearchResultList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in the future). + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:api_view + - apk:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/search?query=pizza"' + operationId: search + + ###################################################### + # The BackOffice settings resource APIs + ###################################################### + /settings: + get: + tags: + - Settings + summary: Retrieve BackOffice Settings + description: | + Retrieve BackOffice settings + responses: + 200: + description: | + OK. + Settings returned + content: + application/json: + schema: + $ref: '#/components/schemas/Settings' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:api_view + - apk:backoffice_settings + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/settings"' + operationId: getSettings + + ###################################################### + # The "API Category Collection" resource API + ###################################################### + /api-categories: + get: + tags: + - API Category (Collection) + summary: Get all API categories + description: | + Get all API categories + responses: + 200: + description: | + OK. + Categories returned + content: + application/json: + schema: + $ref: '#/components/schemas/APICategoryList' + security: + - OAuth2Security: + - apk:api_view + - apk:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/api-categories"' + operationId: getAllAPICategories + + /apis/change-lifecycle: + post: + tags: + - API Lifecycle + summary: Change API LC Status + description: | + This operation is used to change the lifecycle of an API. + Eg: Publish an API which is in `CREATED` state. In order to change the lifecycle, we need to provide the + lifecycle `action` as a query parameter. + + For example, to Publish an API, `action` should be `Publish`. + + parameters: + - name: targetState + in: query + description: | + The action to demote or promote the state of the API. + + Supported actions are [ **Publish**, **Demote to Created**] + required: true + schema: + type: string + enum: + - Publish + - Demote to Created + - $ref: '#/components/parameters/apiId-Q' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Lifecycle changed successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/LifecycleState' + 400: + $ref: '#/components/responses/BadRequest' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 409: + $ref: '#/components/responses/Conflict' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:api_publish + - apk:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/change-lifecycle?apiId=01234567-0123-0123-0123-012345678901&action=Publish"' + operationId: changeAPILifecycle + + /apis/{apiId}/lifecycle-history: + get: + tags: + - API Lifecycle + summary: Get Lifecycle State Change History of the APIs. + description: | + This operation can be used to retrieve Lifecycle state change history of the APIs. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Lifecycle state change history returned successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/LifecycleHistory' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:api_publish + - apk:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/lifecycle-history"' + operationId: getAPILifecycleHistory + + /apis/{apiId}/lifecycle-state: + get: + tags: + - API Lifecycle + summary: Get Lifecycle State Data of the API + description: | + This operation can be used to retrieve Lifecycle state data of the API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Lifecycle state data returned successfully. + content: + application/json: + schema: + $ref: '#/components/schemas/LifecycleState' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:api_publish + - apk:api_create + - apk:api_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/apis/01234567-0123-0123-0123-012345678901/lifecycle-state"' + operationId: getAPILifecycleState +###################################################### +# The "Business Plans Collection" resource API +###################################################### + /business-plans: + get: + tags: + - Business Plan (Collection) + summary: Get all Business Plans + description: | + This operation can be used to retrieve all Business Plans + parameters: + - $ref: '#/components/parameters/Accept' + responses: + 200: + description: | + OK. + Plans returned + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/BusinessPlanList' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:admin + - apk:tier_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/backoffice/v1/business-plans"' + operationId: getAllBusinessPlans +components: + schemas: + APIDefinition: + title: API Schema + required: + - type + type: object + properties: + type: + type: string + enum: + - swagger + - graphql + - wsdl + - async + schemaDefinition: + type: string + Comment: + title: Comment + required: + - content + type: object + properties: + id: + type: string + readOnly: true + example: 943d3002-000c-42d3-a1b9-d6559f8a4d49 + content: + maxLength: 512 + type: string + example: This is a comment + createdTime: + type: string + readOnly: true + example : 2021-02-11-09:57:25 + createdBy: + type: string + readOnly: true + example: admin + updatedTime: + type: string + readOnly: true + example : 2021-02-12-19:57:25 + category: + type: string + readOnly: true + default: general + example : general + parentCommentId: + type: string + readOnly: true + example: 6f38aea2-f41e-4ac9-b3f2-a9493d00ba97 + entryPoint: + type: string + readOnly: true + enum: [devPortal, publisher] + commenterInfo: + $ref: '#/components/schemas/CommenterInfo' + replies: + $ref: '#/components/schemas/CommentList' + CommentList: + title: Comments List + type: object + properties: + count: + type: integer + readOnly: true + description: | + Number of Comments returned. + example: 1 + list: + type: array + readOnly: true + items: + $ref: '#/components/schemas/Comment' + pagination: + $ref: '#/components/schemas/Pagination' + CommenterInfo: + type: object + properties: + firstName: + type: string + example: John + lastName: + type: string + example: David + fullName: + type: string + example: John David + APIList: + title: API List + type: object + properties: + count: + type: integer + description: | + Number of APIs returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APIInfo' + pagination: + $ref: '#/components/schemas/Pagination' + + APIInfo: + title: API Info object with basic API details. + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorAPI + description: + type: string + example: A calculator API that supports basic operations + context: + type: string + example: CalculatorAPI + version: + type: string + example: 1.0.0 + type: + type: string + example: HTTP + createdTime: + type: string + example : 2021-02-11 09:57:25 + updatedTime: + type: string + example : 2021-02-11 09:57:25 + hasThumbnail: + type: boolean + example: true + state: + type: string + description: | + State of the API. Only published APIs are visible on the Developer Portal + enum: + - CREATED + - PUBLISHED + + API: + title: API object + required: + - context + - name + - version + type: object + properties: + id: + type: string + description: | + UUID of the API + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + maxLength: 60 + minLength: 1 + pattern: '(^[^~!@#;:%^*()+={}|\\<>"'',&$\[\]\/]*$)' + type: string + example: PizzaShackAPI + description: + maxLength: 32766 + type: string + example: This is a simple API for Pizza Shack online pizza delivery store. + context: + maxLength: 232 + minLength: 1 + type: string + example: pizza + version: + maxLength: 30 + minLength: 1 + type: string + pattern: '^[^~!@#;:%^*()+={}|\\<>"'',&/$\[\]\s+\/]+$' + example: 1.0.0 + type: + type: string + description: The api creation type to be used. Accepted values are HTTP, + WS, SOAPTOREST, GRAPHQL, WEBSUB, SSE, WEBHOOK, ASYNC + example: HTTP + default: HTTP + enum: + - HTTP + - WS + - SOAPTOREST + - SOAP + - GRAPHQL + - WEBSUB + - SSE + - WEBHOOK + - ASYNC + transport: + type: array + description: | + Supported transports for the API (http and/or https). + example: + - http + - https + items: + type: string + hasThumbnail: + type: boolean + example: false + state: + type: string + description: | + State of the API. Only published APIs are visible on the Developer Portal + default: CREATED + enum: + - CREATED + - PUBLISHED + tags: + type: array + example: + - pizza + - food + items: + type: string + categories: + type: array + description: | + API categories + example: [] + items: + type: string + sdk: + type: array + description: | + Supported SDK + example: [] + items: + type: string + policies: + type: array + example: + - Unlimited + items: + type: string + additionalProperties: + type: object + additionalProperties: + type: object + properties: + name: + type: string + value: + type: string + display: + type: boolean + default: false + createdTime: + type: string + lastUpdatedTime: + type: string + operations: + type: array + example: + - target: /order/{orderId} + verb: POST + usagePlan: Unlimited + - target: /menu + verb: GET + usagePlan: Unlimited + items: + $ref: '#/components/schemas/APIOperations' + apiUsagePolicy: + type: string + description: The API level usage policy selected for the particular Runtime + API + example: Unlimited + monetization: + $ref: '#/components/schemas/APIMonetizationInfo' + businessInformation: + $ref: '#/components/schemas/APIBusinessInformation' + revision: + $ref: '#/components/schemas/APIRevision' + deployments: + type: array + readOnly: true + example: + - name: US + deployedTime: 2022-10-28T06:13:35.024Z + - name: Europe + deployedTime: 2022-10-28T06:13:35.024Z + items: + $ref: '#/components/schemas/APIDeployment' + + BusinessPlanList: + title: Business Plan List + type: object + properties: + count: + type: integer + description: | + Number of Business Plans returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/BusinessPlan' + BusinessPlan: + title: Business Plan + allOf: + - required: + - defaultLimit + type: object + properties: + defaultLimit: + $ref: '#/components/schemas/ThrottleLimit' + rateLimitCount: + type: integer + description: Burst control request count + example: 10 + rateLimitTimeUnit: + type: string + description: Burst control time unit + example: min + subscriberCount: + type: integer + description: Number of subscriptions allowed + example: 10 + customAttributes: + type: array + description: | + Custom attributes added to the Subscription Throttling Policy + example: [] + items: + $ref: '#/components/schemas/CustomAttribute' + permissions: + $ref: '#/components/schemas/BusinessPlanPermission' + BusinessPlanPermission: + title: Business Plan Permission + required: + - permissionType + - roles + type: object + properties: + permissionType: + type: string + example: deny + enum: + - ALLOW + - DENY + roles: + type: array + example: + - Internal/everyone + items: + type: string + ThrottleLimit: + title: Throttle Limit + required: + - type + type: object + properties: + type: + type: string + description: | + Type of the throttling limit. Allowed values are "REQUESTCOUNTLIMIT" and "BANDWIDTHLIMIT". + Please see schemas of "RequestCountLimit" and "BandwidthLimit" throttling limit types in + Definitions section. + example: REQUESTCOUNTLIMIT + enum: + - REQUESTCOUNTLIMIT + - BANDWIDTHLIMIT + - EVENTCOUNTLIMIT + requestCount: + $ref: '#/components/schemas/RequestCountLimit' + bandwidth: + $ref: '#/components/schemas/BandwidthLimit' + eventCount: + $ref: '#/components/schemas/EventCountLimit' + #----------------------------------------------------- + # The API Revision resource + #----------------------------------------------------- + APIRevision: + title: Object with basic API Revision details + properties: + displayName: + type: string + readOnly: true + example: REVISION 1 + id: + type: string + readOnly: true + example: c26b2b9b-4632-4ca4-b6f3-521c8863990c + description: + maxLength: 255 + minLength: 0 + type: string + example: removed a post resource + createdTime: + readOnly: true + type: string + format: date-time + #----------------------------------------------------- + # The API Revision Deployment resource + #----------------------------------------------------- + APIDeployment: + title: Basic API deployment details + properties: + name: + maxLength: 255 + minLength: 1 + type: string + example: Europe + deployedTime: + readOnly: true + type: string + format: date-time + ModifiableAPI: + title: Modifiable API object + required: + - name + type: object + properties: + id: + type: string + description: | + UUID of the API + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + maxLength: 50 + minLength: 1 + type: string + description: Name of the API + example: PizzaShackAPI + context: + maxLength: 60 + minLength: 1 + type: string + example: pizzaproduct + description: + type: string + description: A brief description about the API + example: This is a simple API for Pizza Shack online pizza delivery store + hasThumbnail: + type: boolean + example: false + state: + type: string + description: | + State of the API. Only published APIs are visible on the Developer Portal + default: CREATED + enum: + - CREATED + - PUBLISHED + tags: + type: array + example: + - pizza + - food + items: + type: string + additionalProperties: + type: object + additionalProperties: + type: object + properties: + name: + type: string + value: + type: string + display: + type: boolean + default: false + monetization: + $ref: '#/components/schemas/APIMonetizationInfo' + businessInformation: + $ref: '#/components/schemas/APIBusinessInformation' + categories: + type: array + description: | + API categories + example: [] + items: + type: string + sdk: + type: array + description: | + Supported SDK + example: [] + items: + type: string + policies: + type: array + example: + - Unlimited + items: + type: string + ResourcePath: + title: ResourcePath + required: + - id + type: object + properties: + id: + type: integer + example: 1 + resourcePath: + type: string + example: /menu + httpVerb: + type: string + example: GET + ResourcePathList: + title: ResourcePath List + type: object + properties: + count: + type: integer + description: | + Number of API Resource Paths returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ResourcePath' + pagination: + $ref: '#/components/schemas/Pagination' + APIBusinessInformation: + type: object + properties: + businessOwner: + maxLength: 120 + type: string + example: businessowner + businessOwnerEmail: + type: string + example: businessowner@wso2.com + technicalOwner: + maxLength: 120 + type: string + example: technicalowner + technicalOwnerEmail: + type: string + example: technicalowner@wso2.com + SubscriberInfo: + title: SubscriberInfo + type: object + properties: + name: + type: string + example: admin + ApplicationInfo: + title: Application info object with basic application details + type: object + properties: + applicationId: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorApp + subscriber: + type: string + example: admin + description: + type: string + example: Sample calculator application + subscriptionCount: + type: integer + DocumentList: + title: Document List + type: object + properties: + count: + type: integer + description: | + Number of Documents returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Document' + pagination: + $ref: '#/components/schemas/Pagination' + Document: + title: Document + required: + - name + - sourceType + - type + - visibility + type: object + properties: + documentId: + type: string + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + maxLength: 60 + minLength: 1 + type: string + example: PizzaShackDoc + type: + type: string + example: HOWTO + enum: + - HOWTO + - SAMPLES + - PUBLIC_FORUM + - SUPPORT_FORUM + - API_MESSAGE_FORMAT + - SWAGGER_DOC + - OTHER + summary: + maxLength: 32766 + minLength: 1 + type: string + example: Summary of PizzaShackAPI Documentation + sourceType: + type: string + example: INLINE + enum: + - INLINE + - MARKDOWN + - URL + - FILE + sourceUrl: + type: string + readOnly: true + example: "" + fileName: + type: string + readOnly: true + example: "" + inlineContent: + type: string + example: This is doc content. This can have many lines. + otherTypeName: + type: string + readOnly: true + example: "" + visibility: + type: string + example: API_LEVEL + enum: + - OWNER_ONLY + - PRIVATE + - API_LEVEL + createdTime: + type: string + readOnly: true + createdBy: + type: string + example: admin + lastUpdatedTime: + type: string + readOnly: true + lastUpdatedBy: + type: string + readOnly: true + example: admin + UsagePlanList: + title: Usage Plan list + type: object + properties: + count: + type: integer + description: | + Number of Usage Plans returned. + example: 1 + list: + type: array + description: | + Array of Usage Policies + items: + $ref: '#/components/schemas/UsagePlan' + pagination: + $ref: '#/components/schemas/Pagination' + SubscriptionList: + title: Subscription List + type: object + properties: + count: + type: integer + description: | + Number of Subscriptions returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Subscription' + pagination: + $ref: '#/components/schemas/Pagination' + Subscription: + title: Subscription + required: + - applicationInfo + - subscriptionId + - subscriptionStatus + - usagePlan + type: object + properties: + subscriptionId: + type: string + example: 01234567-0123-0123-0123-012345678901 + applicationInfo: + $ref: '#/components/schemas/ApplicationInfo' + usagePlan: + type: string + example: Unlimited + subscriptionStatus: + type: string + example: BLOCKED + enum: + - BLOCKED + - PROD_ONLY_BLOCKED + - UNBLOCKED + - ON_HOLD + - REJECTED + - TIER_UPDATE_PENDING + - DELETE_PENDING + UsageLimitBase: + title: Throttle Limit Base + required: + - timeUnit + - unitTime + type: object + properties: + timeUnit: + type: string + description: Unit of the time. Allowed values are "sec", "min", "hour", + "day" + example: min + unitTime: + type: integer + description: Time limit that the usage limit applies. + example: 10 + UsageLimit: + title: Usage Limit + required: + - type + type: object + properties: + type: + type: string + description: | + Type of the usage limit. Allowed values are "REQUESTCOUNTLIMIT" and "BANDWIDTHLIMIT". + Please see schemas of "RequestCountLimit" and "BandwidthLimit" usage limit types in + Definitions section. + example: REQUESTCOUNTLIMIT + enum: + - REQUESTCOUNTLIMIT + - BANDWIDTHLIMIT + - EVENTCOUNTLIMIT + requestCount: + $ref: '#/components/schemas/RequestCountLimit' + bandwidth: + $ref: '#/components/schemas/BandwidthLimit' + eventCount: + $ref: '#/components/schemas/EventCountLimit' + + BandwidthLimit: + title: Bandwidth Limit object + allOf: + - $ref: '#/components/schemas/UsageLimitBase' + - required: + - dataAmount + - dataUnit + type: object + properties: + dataAmount: + type: integer + description: Amount of data allowed to be transferred + format: int64 + example: 1000 + dataUnit: + type: string + description: Unit of data allowed to be transferred. Allowed values are + "KB", "MB" and "GB" + example: KB + RequestCountLimit: + title: Request Count Limit object + allOf: + - $ref: '#/components/schemas/UsageLimitBase' + - required: + - requestCount + type: object + properties: + requestCount: + type: integer + description: Maximum number of requests allowed + format: int64 + example: 30 + EventCountLimit: + title: Event Count Limit object + allOf: + - $ref: '#/components/schemas/UsageLimitBase' + - required: + - eventCount + type: object + properties: + eventCount: + type: integer + description: Maximum number of events allowed + format: int64 + example: 3000 + UsagePlan: + title: Usage Plan + allOf: + - required: + - defaultLimit + type: object + properties: + policyId: + type: integer + description: Id of policy + example: 1 + uuid: + type: string + description: policy uuid + example: 0c6439fd-9b16-3c2e-be6e-1086e0b9aa93 + policyName: + maxLength: 60 + minLength: 1 + type: string + description: Name of policy + example: 30PerMin + displayName: + type: string + description: Display name of the policy + example: 30PerMin + maxLength: 512 + description: + maxLength: 1024 + type: string + description: Description of the policy + example: Allows 30 request per minute + organization: + type: string + description: Usage policy organization + example: wso2 + defaultLimit: + $ref: '#/components/schemas/UsageLimit' + rateLimitCount: + type: integer + description: Burst control request count + example: 10 + rateLimitTimeUnit: + type: string + description: Burst control time unit + example: min + subscriberCount: + type: integer + description: Number of subscriptions allowed + example: 10 + customAttributes: + type: array + description: | + Custom attributes added to the Usage plan + example: [ ] + items: + $ref: '#/components/schemas/CustomAttribute' + stopOnQuotaReach: + type: boolean + description: | + This indicates the action to be taken when a user goes beyond the allocated quota. If checked, the user's requests will be dropped. If unchecked, the requests will be allowed to pass through. + default: false + billingPlan: + type: string + description: | + define whether this is Paid or a Free plan. Allowed values are FREE or COMMERCIAL. + example: FREE + permissions: + $ref: '#/components/schemas/SubscriptionThrottlePolicyPermission' + CustomAttribute: + title: Name-Value pair + required: + - name + - value + type: object + properties: + name: + type: string + description: Name of the custom attribute + example: customAttr1 + value: + type: string + description: Value of the custom attribute + example: value1 + SubscriptionThrottlePolicyPermission: + title: SubscriptionThrottlePolicyPermission + required: + - permissionType + - roles + type: object + properties: + permissionType: + type: string + example: deny + enum: + - ALLOW + - DENY + roles: + type: array + example: + - Internal/everyone + items: + type: string + APIMonetizationUsage: + title: API monetization usage object + type: object + properties: + properties: + type: object + additionalProperties: + type: string + description: Map of custom properties related to monetization usage + APIRevenue: + title: API revenue data object + type: object + properties: + properties: + type: object + additionalProperties: + type: string + description: Map of custom properties related to API revenue + Error: + title: Error object returned with 4XX HTTP Status + required: + - code + - message + type: object + properties: + code: + type: integer + format: int64 + message: + type: string + description: Error message. + description: + type: string + description: | + A detail description about the error message. + moreInfo: + type: string + description: | + Preferably an url with more details about the error. + error: + type: array + description: | + If there are more than one error list them out. + For example, list out validation errors by each field. + items: + $ref: '#/components/schemas/ErrorListItem' + ErrorListItem: + title: Description of individual errors that may have occurred during a request. + required: + - code + - message + type: object + properties: + code: + type: string + message: + type: string + description: | + Description about individual errors occurred + description: + type: string + description: | + A detail description about the error message. + Environment: + title: Environment + required: + - id + - name + - serverUrl + - showInApiConsole + - type + type: object + properties: + id: + type: string + name: + type: string + example: default + displayName: + type: string + example: Default + type: + type: string + example: hybrid + serverUrl: + type: string + example: https://localhost:9443/services/ + provider: + type: string + example: wso2 + showInApiConsole: + type: boolean + example: true + endpointURIs: + type: array + items: + $ref: '#/components/schemas/GatewayEnvironmentProtocolURI' + additionalProperties: + type: array + items: + $ref: '#/components/schemas/AdditionalProperty' + AdditionalProperty: + title: Additional Gateway Properties + type: object + properties: + key: + type: string + example: Organization + value: + type: string + example: wso2 + FileInfo: + title: File Information including meta data + type: object + properties: + relativePath: + type: string + description: relative location of the file (excluding the base context and + host of the Publisher API) + example: apis/01234567-0123-0123-0123-012345678901/thumbnail + mediaType: + type: string + description: media-type of the file + example: image/jpeg + Scope: + title: Scope + required: + - name + type: object + properties: + id: + type: string + description: | + UUID of the Scope. Valid only for shared scopes. + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + maxLength: 255 + minLength: 1 + type: string + description: | + name of Scope + example: apk:api_view + displayName: + maxLength: 255 + type: string + description: | + display name of Scope + example: api_view + description: + maxLength: 512 + type: string + description: | + description of Scope + example: This Scope can used to view Apis + bindings: + type: array + description: | + role bindings list of the Scope + example: + - admin + - Internal/creator + - Internal/publisher + items: + type: string + usageCount: + type: integer + description: | + usage count of Scope + readOnly: true + example: 3 + APIScope: + title: APIScope + required: + - scope + type: object + properties: + scope: + $ref: '#/components/schemas/Scope' + APIOperations: + title: Operation + type: object + properties: + id: + type: string + example: postapiresource + target: + type: string + example: /order/{orderId} + verb: + type: string + example: POST + usagePlan: + type: string + example: Unlimited + ExternalStore: + title: External Store + type: object + properties: + id: + type: string + description: | + The external store identifier, which is a unique value. + example: Store123# + displayName: + type: string + description: | + The name of the external API Store that is displayed in the Publisher UI. + example: UKStore + type: + type: string + description: | + The type of the Store. This can be a WSO2-specific API Store or an external one. + example: wso2 + endpoint: + type: string + description: | + The endpoint URL of the external store + example: http://localhost:9764/store + APIExternalStore: + title: API External Store + type: object + properties: + id: + type: string + description: | + The external store identifier, which is a unique value. + example: Store123# + lastUpdatedTime: + type: string + description: | + The recent timestamp which a given API is updated in the external store. + example: 2019-09-09T13:57:16.229 + APIExternalStoreList: + title: API External Store List + type: object + properties: + count: + type: integer + description: | + Number of external stores returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APIExternalStore' + ExternalStoreList: + title: External Store List + type: object + properties: + count: + type: integer + description: | + Number of external stores returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ExternalStore' + LifecycleState: + title: Lifecycle State + type: object + properties: + state: + type: string + example: Created + availableTransitions: + type: array + items: + type: object + properties: + event: + type: string + example: Publish + targetState: + type: string + example: Published + LifecycleHistory: + title: Lifecycle history item list + type: object + properties: + count: + type: integer + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/LifecycleHistoryItem' + LifecycleHistoryItem: + title: Lifecycle history item + type: object + properties: + previousState: + type: string + example: Created + postState: + type: string + example: Published + user: + type: string + example: admin + updatedTime: + type: string + format: dateTime + example: 2019-02-31T23:59:60Z + WorkflowResponse: + title: workflow Response + required: + - workflowStatus + type: object + properties: + workflowStatus: + type: string + description: | + This attribute declares whether this workflow task is approved or rejected. + example: APPROVED + enum: + - CREATED + - APPROVED + - REJECTED + - REGISTERED + jsonPayload: + type: string + description: | + Attributes that returned after the workflow execution + example: null + lifecycleState: + $ref: '#/components/schemas/LifecycleState' + ThreatProtectionPolicy: + title: Threat Protection Policy Schema + required: + - name + - policy + - type + type: object + properties: + uuid: + type: string + description: Policy ID + name: + type: string + description: Name of the policy + type: + type: string + description: Type of the policy + policy: + type: string + description: policy as a json string + SearchResult: + title: Search Result + required: + - name + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: TestAPI + type: + type: string + example: API + enum: + - DOC + - API + transportType: + type: string + description: Accepted values are HTTP, WS, SOAPTOREST, GRAPHQL + discriminator: + propertyName: name + SearchResultList: + title: Unified Search Result List + type: object + properties: + count: + type: integer + description: | + Number of results returned. + example: 1 + list: + type: array + items: + type: object + pagination: + $ref: '#/components/schemas/Pagination' + APIMonetizationInfo: + title: API monetization object + required: + - enabled + type: object + properties: + enabled: + type: boolean + description: Flag to indicate the monetization status + example: true + properties: + type: object + additionalProperties: + type: string + description: Map of custom properties related to monetization + Settings: + title: SettingsDTO + type: object + properties: + devportalUrl: + type: string + description: The Developer Portal URL + example: https://localhost:9443/devportal + environment: + type: array + items: + $ref: '#/components/schemas/Environment' + monetizationAttributes: + type: array + example: [] + items: + $ref: '#/components/schemas/MonetizationAttribute' + docVisibilityEnabled: + type: boolean + description: | + Is Document Visibility configuration enabled + example: false + authorizationHeader: + type: string + description: Authorization Header + example: authorization + Pagination: + title: Pagination + type: object + properties: + offset: + type: integer + example: 0 + limit: + type: integer + example: 1 + total: + type: integer + example: 10 + next: + type: string + description: | + Link to the next subset of resources qualified. + Empty if no more resources are to be returned. + previous: + type: string + description: | + Link to the previous subset of resources qualified. + Empty if current subset is the first subset returned. + MonetizationAttribute: + title: Monetization attribute object + type: object + properties: + required: + type: boolean + description: | + Is attribute required + example: true + name: + type: string + description: | + Name of the attribute + displayName: + type: string + description: | + Display name of the attribute + description: + type: string + description: | + Description of the attribute + hidden: + type: boolean + description: | + Is attribute hidden + default: + type: string + description: | + Default value of the attribute + APICategory: + title: API Category + required: + - name + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: Finance + description: + type: string + example: Finance related APIs + APICategoryList: + title: API Category List + type: object + properties: + count: + type: integer + description: | + Number of API categories returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APICategory' + GatewayEnvironmentProtocolURI: + title: Gateway Environment protocols and URIs + required: + - protocol + - endpointURI + type: object + properties: + protocol: + type: string + example: default + endpointURI: + type: string + example: default + responses: + BadRequest: + description: Bad Request. Invalid request or validation error. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 400 + message: Bad Request + description: Invalid request or validation error + moreInfo: "" + error: [] + Conflict: + description: Conflict. Specified resource already exists. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 409 + message: Conflict + description: Specified resource already exists + moreInfo: "" + error: [] + Forbidden: + description: Forbidden. The request must be conditional but no condition has + been specified. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 403 + message: Forbidden + description: The request must be conditional but no condition has been + specified + moreInfo: "" + error: [] + InternalServerError: + description: Internal Server Error. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + NotAcceptable: + description: Not Acceptable. The requested media type is not supported. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 406 + message: Not Acceptable + description: The requested media type is not supported + moreInfo: "" + error: [] + NotFound: + description: Not Found. The specified resource does not exist. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + PreconditionFailed: + description: Precondition Failed. The request has not been performed because + one of the preconditions is not met. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 412 + message: Precondition Failed + description: The request has not been performed because one of the preconditions + is not met + moreInfo: "" + error: [] + Unauthorized: + description: Unauthorized. The user is not authorized. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 401 + message: Unauthorized + description: The user is not authorized + moreInfo: "" + error: [] + UnsupportedMediaType: + description: Unsupported Media Type. The entity of the request was not in a + supported format. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 415 + message: Unsupported media type + description: The entity of the request was not in a supported format + moreInfo: "" + error: [] + parameters: + replyLimit: + name: replyLimit + in: query + description: | + Maximum size of replies array to return. + schema: + type: integer + default: 25 + replyOffset: + name: replyOffset + in: query + description: | + Starting point within the complete list of replies. + schema: + type: integer + default: 0 + commentId: + name: commentId + in: path + description: | + Comment Id + required: true + schema: + type: string + parentCommentID: + name: replyTo + in: query + description: | + ID of the parent comment. + schema: + type: string + includeCommenterInfo: + name: includeCommenterInfo + in: query + description: | + Whether we need to display commenter details. + schema: + type: boolean + default : false + apiId: + name: apiId + in: path + description: | + **API ID** consisting of the **UUID** of the API. + required: true + schema: + type: string + endpointId: + name: endpointId + in: path + description: | + **Endpoint ID** consisting of the **UUID** of the Endpoint**. + required: true + schema: + type: string + apiId-Q: + name: apiId + in: query + description: | + **API ID** consisting of the **UUID** of the API. + The combination of the provider of the API, name of the API and the version is also accepted as a valid API I. + Should be formatted as **provider-name-version**. + required: true + schema: + type: string + apiId-Q-Opt: + name: apiId + in: query + description: | + **API ID** consisting of the **UUID** of the API. + The combination of the provider of the API, name of the API and the version is also accepted as a valid API I. + Should be formatted as **provider-name-version**. + schema: + type: string + labelType-Q: + name: labelType + in: query + description: | + **API ID** consisting of the **UUID** of the API. + The combination of the provider of the API, name of the API and the version is also accepted as a valid API I. + Should be formatted as **provider-name-version**. + schema: + type: string + name: + name: name + in: path + description: | + Name of the API + required: true + schema: + type: string + version: + name: version + in: path + description: | + Version of the API + required: true + schema: + type: string + apiName-Q: + name: name + in: query + description: | + Name of the API + schema: + type: string + apiVersion-Q: + name: version + in: query + description: | + Version of the API + schema: + type: string + apiProvider-Q: + name: providerName + in: query + description: | + Provider name of the API + schema: + type: string + documentId: + name: documentId + in: path + description: | + Document Identifier + required: true + schema: + type: string + applicationId: + name: applicationId + in: path + description: | + **Application Identifier** consisting of the UUID of the Application. + required: true + schema: + type: string + subscriptionId: + name: subscriptionId + in: path + description: | + Subscription Id + required: true + schema: + type: string + resourcePolicyId: + name: resourcePolicyId + in: path + description: | + registry resource Id + required: true + schema: + type: string + subscriptionId-Q: + name: subscriptionId + in: query + description: | + Subscription Id + required: true + schema: + type: string + operationPolicyId: + name: operationPolicyId + in: path + description: | + Operation policy Id + required: true + schema: + type: string + + # API Revision Identifier + # Specified as part of the path expression + revisionId: + name: revisionId + in: path + description: | + Revision ID of an API + required: true + schema: + type: string + + # API Revision Identifier + # Specified as part of the query string + revisionId-Q: + name: revisionId + in: query + description: | + Revision ID of an API + schema: + type: string + revisionNum-Q: + name: revisionNumber + in: query + description: | + Revision Number of an API + schema: + type: string + deploymentId: + name: deploymentId + in: path + description: | + Base64 URL encoded value of the name of an environment + required: true + schema: + type: string + policyName: + name: policyName + in: path + description: | + Tier name + required: true + schema: + type: string + policyName-Q: + name: policyName + in: query + description: | + Name of the policy + required: true + schema: + type: string + policyLevel: + name: policyLevel + in: path + description: | + List API or Application or Resource type policies. + required: true + schema: + type: string + enum: + - api + - subcription + policyLevel-Q: + name: policyLevel + in: query + description: | + List API or Application or Resource type policies. + required: true + schema: + type: string + enum: + - api + - subcription + limit: + name: limit + in: query + description: | + Maximum size of resource array to return. + schema: + type: integer + default: 25 + policyLimit: + name: limit + in: query + description: | + Maximum size of policy array to return. + schema: + type: integer + Accept: + name: Accept + in: header + description: | + Media types acceptable for the response. Default is application/json. + schema: + type: string + default: application/json + offset: + name: offset + in: query + description: | + Starting point within the complete list of items qualified. + schema: + type: integer + default: 0 + sortBy: + name: sortBy + in: query + description: | + Criteria for sorting. + schema: + type: string + default: createdTime + enum: + - apiName + - version + - createdTime + - status + sortOrder: + name: sortOrder + in: query + description: | + Order of sorting(ascending/descending). + schema: + type: string + default: desc + enum: + - asc + - desc + If-None-Match: + name: If-None-Match + in: header + description: | + Validator for conditional requests; based on the ETag of the formerly retrieved + variant of the resource. + schema: + type: string + If-Match: + name: If-Match + in: header + description: | + Validator for conditional requests; based on ETag. + schema: + type: string + scopeName: + name: scopeId + in: path + description: | + Base64 URL encoded value of the scope name + required: true + schema: + type: string + scopeId: + name: scopeId + in: path + description: | + Scope Id consisting the UUID of the shared scope + required: true + schema: + type: string + threatProtectionPolicyId: + name: policyId + in: path + description: | + The UUID of a Policy + required: true + schema: + type: string + roleId: + name: roleId + in: path + description: | + The Base 64 URL encoded role name with domain. If the given role is in secondary user-store, role ID should be + derived as Base64URLEncode({user-store-name}/{role-name}). If the given role is in PRIMARY user-store, role ID + can be derived as Base64URLEncode(role-name) + required: true + schema: + type: string + alertType: + name: alertType + in: path + description: The alert type. + required: true + schema: + type: string + configurationId: + name: configurationId + in: path + description: The alert configuration id. + required: true + schema: + type: string + tierQuotaType: + name: tierQuotaType + description: Filter the subscription base on tier quota type + in: query + schema: + type: string + envId: + name: envId + in: path + description: | + **Env ID** consisting of the **UUID** of the gateway environment. + required: true + schema: + type: string + requestBodies: + threatProtectionPolicy: + description: | + Threat protection policy request parameter + content: + application/json: + schema: + $ref: '#/components/schemas/ThreatProtectionPolicy' + required: true + securitySchemes: + OAuth2Security: + type: oauth2 + flows: + password: + tokenUrl: https://localhost:9443/oauth2/token + scopes: + type: array + items: test diff --git a/en/docs/catalogs/devportal-api.yaml b/en/docs/catalogs/devportal-api.yaml new file mode 100644 index 000000000..4a44e2738 --- /dev/null +++ b/en/docs/catalogs/devportal-api.yaml @@ -0,0 +1,5744 @@ +# Copyright (c) 2020, WSO2 LLC. (http://www.wso2.org) All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +################################################################################ +openapi: 3.0.1 +info: + title: WSO2 API Platform for Kubernetes - Developer Portal + description: | + This document specifies a **RESTful API** for WSO2 **API Platform for Kubernetes(APK)** - **Developer Portal**. + + # Authentication + The Developer Portal REST API is protected using OAuth2 and access control is achieved through scopes (in the initial release + WSO2 does not provide scope support for APIs). Before you start invoking the API, you need to obtain an access token with the required scopes. + This guide will walk you through the steps that you will need to follow to obtain an access token. + First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred + grant types in the payload. A Sample payload is shown below. + ``` + { + "callbackUrl":"www.google.lk", + "clientName":"rest_api_devportal", + "owner":"admin", + "grantType":"client_credentials password refresh_token", + "saasApp":true + } + ``` + Create a file (payload.json) with the above sample payload, and use the cURL shown below to invoke the DCR endpoint. Authorization header of this should contain the + base64 encoded admin username and password. + **Format of the request** + ``` + curl -X POST -H "Authorization: Basic Base64(admin_username:admin_password)" -H "Content-Type: application/json" + \ -d @payload.json https://:/client-registration/v0.17/register + ``` + **Sample request** + ``` + curl -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" + \ -d @payload.json https://localhost:9443/client-registration/v0.17/register + ``` + Following is a sample response after invoking the above curl. + ``` + { + "clientId": "fOCi4vNJ59PpHucC2CAYfYuADdMa", + "clientName": "rest_api_devportal", + "callBackURL": "www.google.lk", + "clientSecret": "a4FwHlq0iCIKVs2MPIIDnepZnYMa", + "isSaasApplication": true, + "appOwner": "admin", + "jsonString": "{\"grant_types\":\"client_credentials password refresh_token\",\"redirect_uris\":\"www.google.lk\",\"client_name\":\"rest_api_devportal\"}", + "jsonAppAttribute": "{}", + "tokenType": null + } + ``` + Next you must use the above client id and secret to obtain the access token. + We will be using the password grant type for this, you can use any grant type you desire. + You also need to add the proper **scope** when getting the access token. All possible scopes for devportal REST API can be viewed in **OAuth2 Security** section + of this document and scope for each resource is given in **authorization** section of resource documentation. + Following is the format of the request if you are using the password grant type. + ``` + curl -k -d "grant_type=password&username=&password=&scope=" + \ -H "Authorization: Basic base64(client_id:client_secret)" + \ https://:/oauth2/token + ``` + **Sample request** + ``` + curl https://localhost:9443/oauth2/token -k \ + -H "Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h" \ + -d "grant_type=password&username=admin&password=admin&scope=apk:subscribe apk:api_key" + ``` + Shown below is a sample response to the above request. + ``` + { + "access_token": "e79bda48-3406-3178-acce-f6e4dbdcbb12", + "refresh_token": "a757795d-e69f-38b8-bd85-9aded677a97c", + "token_type": "Bearer", + "expires_in": 3600 + } + ``` + Now you have a valid access token, which you can use to invoke an API. + Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. + If you use a different authentication mechanism, this process may change. + + # Try out in Postman + If you want to try-out the embedded postman collection with "Run in Postman" option, please follow the guidelines listed below. + * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. + * Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. + * Make sure you have an API Platform for Kubernetes(APK) instance up and running. + * Update the `basepath` parameter to match the hostname and port of the APK instance. + + contact: + name: WSO2 + url: https://wso2.com/api-manager/ + email: architecture@wso2.com + license: + name: Apache 2.0 + url: http://www.apache.org/licenses/LICENSE-2.0.html + version: v2.1 +servers: + - url: https://apk.wso2.com/api/am/devportal +###################################################### +# The "API Collection" resource APIs +###################################################### +paths: + /apis: + get: + tags: + - APIs + summary: | + Retrieve/Search APIs + description: | + This operation provides you a list of available APIs qualifying under a given search condition. + + Each retrieved API is represented with a minimal amount of attributes. If you want to get complete details of an API, you need to use **Get details of an API** operation. + + **NOTE:** + * By default, this operation retrieves Published APIs. In order to retrieve Prototyped APIs, you need to use **query** parameter and specify **status:PROTOTYPED**. + * This operation does not require an Authorization header by default. But if it is provided, it will be validated and checked for permissions of the user, hence you may be able to see APIs which are restricted for special permissions/roles. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/requestedTenant' + - name: query + in: query + description: | + **Search condition**. + + You can search in attributes by using an **":"** modifier. + + Eg. + "provider:wso2" will match an API if the provider of the API is exactly "wso2". + + Additionally you can use wildcards. + + Eg. + "provider:wso2*" will match an API if the provider of the API starts with "wso2". + + Supported attribute modifiers are [**version, context, status, + description, doc, provider, tag**] + + To search by API Properties provide the query in below format. + + **property_name:property_value** + + Eg. + "environment:test" where environment is the property name and test is the property value. + + If no advanced attribute modifier has been specified, search will match the + given query string against API Name. + schema: + type: string + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + List of qualifying APIs is returned. + content: + application/json: + schema: + $ref: '#/components/schemas/APIList' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/apis" + + /apis/{apiId}: + get: + tags: + - APIs + summary: | + Get Details of an API + description: | + Using this operation, you can retrieve complete details of a single API. You need to provide the Id of the API to retrieve it. + + **NOTE:** + * This operation does not require an Authorization header by default. But if it is provided, it will be validated and checked for permissions of the user, hence you may be able to see APIs which are restricted for special permissions/roles. \n + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Requested API is returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/API' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/apis/c43a325c-260b-4302-81cb-768eafaa3aed" + + /apis/{apiId}/definition: + get: + tags: + - APIs + summary: Get the API Definition + description: | + This operation can be used to retrieve the definition of an API. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Requested definition document of the API is returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests. + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/APIDefinition' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/apk/devportal/v1/apis/7a2298c4-c905-403f-8fac-38c73301631f/definition"' + operationId: getAPIDefinition + + /apis/{apiId}/sdks/{language}: + get: + tags: + - SDKs + summary: | + Generate a SDK for an API + description: | + This operation can be used to generate SDKs (System Development Kits), for the APIs available in the API Developer Portal, for a requested development language. + parameters: + - $ref: '#/components/parameters/apiId' + - name: language + in: path + description: | + Programming language of the SDK that is required. + + Languages supported by default are **Java**, **Javascript**, **Android** and **JMeter**. + required: true + schema: + type: string + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + SDK generated successfully. + content: + application/zip: + schema: + type: string + format: byte + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:subscribe + x-code-samples: + - lang: Curl + source: curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/sdks/java" + > Petstore_java_1.0.0.zip + + ###################################################### + # The "Document Collection" resource APIs + ###################################################### + /apis/{apiId}/documents: + get: + tags: + - API Documents + summary: | + Get a List of Documents of an API + description: | + This operation can be used to retrieve a list of documents belonging to an API by providing the id of the API. + + **NOTE:** + * This operation does not require an Authorization header by default. But in order to see a restricted API's documents, you need to provide Authorization header. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Document list is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/DocumentList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/apis/c43a325c-260b-4302-81cb-768eafaa3aed/documents" + + ###################################################### + # The "Individual Document" resource APIs + ###################################################### + /apis/{apiId}/documents/{documentId}: + get: + tags: + - API Documents + summary: | + Get a Document of an API + description: | + This operation can be used to retrieve a particular document's metadata associated with an API. + + + **NOTE:** + * This operation does not require an Authorization header by default. But in order to see a restricted API's document, you need to provide Authorization header. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Document returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Document' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/apis/c43a325c-260b-4302-81cb-768eafaa3aed/documents/850a4f34-db2c-4d23-9d85-3f95fbfb082c" + + /apis/{apiId}/documents/{documentId}/content: + get: + tags: + - API Documents + summary: | + Get the Content of an API Document + description: | + This operation can be used to retrieve the content of an API's document. + + The document can be of 3 types. In each cases responses are different. + + 1. **Inline type**: + The content of the document will be retrieved in `text/plain` content type + 2. **FILE type**: + The file will be downloaded with the related content type (eg. `application/pdf`) + 3. **URL type**: + The client will receive the URL of the document as the Location header with the response with - `303 See Other` + + + **NOTE:** + * This operation does not require an Authorization header by default. But in order to see a restricted API's document content, you need to provide Authorization header. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/documentId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + File or inline content returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: {} + 303: + description: | + See Other. + Source can be retrieved from the URL specified at the Location header. + headers: + Location: + description: | + The Source URL of the document. + schema: + type: string + content: {} + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/documents/0bcb7f05-599d-4e1a-adce-5cb89bfe58d5/content" + + /apis/{apiId}/thumbnail: + get: + tags: + - APIs + summary: Get Thumbnail Image + description: | + This operation can be used to download a thumbnail image of an API. + + + **NOTE:** + * This operation does not require an Authorization header by default. But in order to see a restricted API's thumbnail, you need to provide Authorization header. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Thumbnail image returned + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: {} + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: 'curl -k "https://localhost:9443/api/am/devportal/apis/e93fb282-b456-48fc-8981-003fb89086ae/thumbnail" > image.jpeg' + + /apis/{apiId}/ratings: + get: + tags: + - Ratings + summary: Retrieve API Ratings + description: | + This operation can be used to retrieve the list of ratings of an API. + + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Rating list returned. + content: + application/json: + schema: + $ref: '#/components/schemas/RatingList' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/apis/e93fb282-b456-48fc-8981-003fb89086ae/ratings" + + /apis/{apiId}/user-rating: + get: + tags: + - Ratings + summary: Retrieve API Rating of User + description: | + This operation can be used to get the user rating of an API. + + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Rating returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Rating' + 304: + description: | + Not Modified. + Empty body because the client already has the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:subscribe + x-code-samples: + - lang: Curl + source: curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/apis/e93fb282-b456-48fc-8981-003fb89086ae/user-rating" + + put: + tags: + - Ratings + summary: Add or Update Logged in User's Rating for an API + description: | + This operation can be used to add or update an API rating. + + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + requestBody: + description: | + Rating object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Rating' + required: true + responses: + 200: + description: | + OK. + Successful response with the newly created or updated object as entity in the body. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Rating' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apk:subscribe + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/am/devportal/apis/e93fb282-b456-48fc-8981-003fb89086ae/user-rating"' + + delete: + tags: + - Ratings + summary: Delete User API Rating + description: | + This operation can be used to delete logged in user API rating. + + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + security: + - OAuth2Security: + - apk:subscribe + x-code-samples: + - lang: Curl + source: curl -k -X DELETE -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/apis/e93fb282-b456-48fc-8981-003fb89086ae/user-rating" + + /apis/{apiId}/comments: + get: + tags: + - Comments + summary: Retrieve API Comments + description: | + Get a list of Comments that are already added to APIs + operationId: getAllCommentsOfAPI + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/includeCommenterInfo' + responses: + 200: + description: | + OK. + Comments list is returned. + content: + application/json: + schema: + $ref: '#/components/schemas/CommentList' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments" + + post: + tags: + - Comments + summary: Add an API Comment + operationId: addCommentToAPI + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/parentCommentID' + requestBody: + description: | + Comment object that should to be added + content: + application/json: + schema: + title: Post request body + type: object + properties: + content: + type: string + maxLength: 512 + description: | + Content of the comment + example: This is a comment + category: + type: string + description: | + Category of the comment + example: general + required: + - content + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request. + schema: + type: string + Location: + description: | + Location to the newly created Comment. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Comment' + 400: + $ref: '#/components/responses/BadRequest' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:subscribe + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/am/devportal/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments"' + + /apis/{apiId}/comments/{commentId}: + get: + tags: + - Comments + summary: Get Details of an API Comment + description: | + Get the individual comment given by a user for a certain API. + operationId: getCommentOfAPI + parameters: + - $ref: '#/components/parameters/commentId' + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/includeCommenterInfo' + - $ref: '#/components/parameters/replyLimit' + - $ref: '#/components/parameters/replyOffset' + responses: + 200: + description: | + OK. + Comment returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Comment' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4" + + patch: + tags: + - Comments + summary: Edit a comment + description: | + Edit the individual comment + operationId: editCommentOfAPI + parameters: + - $ref: '#/components/parameters/commentId' + - $ref: '#/components/parameters/apiId' + requestBody: + description: | + Comment object that should to be updated + content: + application/json: + schema: + title: Patch request body + type: object + properties: + content: + type: string + maxLength: 512 + description: | + Content of the comment + example: This is a comment + category: + type: string + description: | + Category of the comment + example: general + required: true + responses: + 200: + description: | + OK. + Comment updated. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request. + schema: + type: string + Location: + description: | + Location to the newly created Comment. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Comment' + 400: + $ref: '#/components/responses/BadRequest' + 401: + $ref: '#/components/responses/Unauthorized' + 403: + description: | + Forbidden. + The request must be conditional but no condition has been specified. + 404: + $ref: '#/components/responses/NotFound' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:subscribe + x-code-samples: + - lang: Curl + source: 'curl -k -X PATCH -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://localhost:9443/api/am/devportal/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4"' + + delete: + tags: + - Comments + summary: Delete an API Comment + description: | + Remove a Comment + operationId: deleteComment + parameters: + - $ref: '#/components/parameters/commentId' + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 401: + $ref: '#/components/responses/Unauthorized' + 403: + description: | + Forbidden. + The request must be conditional but no condition has been specified. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 405: + description: | + MethodNotAllowed. + Request method is known by the server but is not supported by the target resource. + content: {} + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:subscribe + - apk:admin # special scope added to moderate comments + x-code-samples: + - lang: Curl + source: curl -k -X DELETE -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4" + + /apis/{apiId}/comments/{commentId}/replies: + get: + tags: + - Comments + summary: Get replies of a comment + description: | + Get replies of a comment + operationId: getRepliesOfComment + parameters: + - $ref: '#/components/parameters/commentId' + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/includeCommenterInfo' + responses: + 200: + description: | + OK. + Comment returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/CommentList' + 401: + $ref: '#/components/responses/Unauthorized' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/apis/e93fb282-b456-48fc-8981-003fb89086ae/comments/d4cf1704-5d09-491c-bc48-4d19ce6ea9b4/replies" + + /apis/{apiId}/topics: + get: + tags: + - Topics + summary: | + Get a list of available topics for a given Async API + description: | + This operation will provide a list of topics available for a given Async API, based on the provided API ID. + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Topic list returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/TopicList' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/apis/5b65808c-cdf2-43e1-a695-de63e3ad0ae9/topics" + + /apis/{apiId}/subscription-policies: + get: + tags: + - APIs + summary: | + Get Details of the Subscription Throttling Policies of an API + description: | + This operation can be used to retrieve details of the subscription throttling policy of an API by specifying the API Id. + + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Throttling Policy returned + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ThrottlingPolicy' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/apis/268c9e55-3dc1-4f47-82e7-977e5343d077/subscription-policies" + + ###################################################### + # The "Application Collection" resource APIs + ###################################################### + /applications: + get: + tags: + - Applications + summary: | + Retrieve/Search Applications + description: | + This operation can be used to retrieve list of applications that is belonged to the user associated with the provided access token. + parameters: + - $ref: '#/components/parameters/groupId' + - name: query + in: query + description: | + **Search condition**. + + You can search for an application by specifying the name as "query" attribute. + + Eg. + "app1" will match an application if the name is exactly "app1". + + Currently this does not support wildcards. Given name must exactly match the application name. + schema: + type: string + - name: sortBy + in: query + schema: + type: string + enum: + - name + - throttlingPolicy + - status + - name: sortOrder + in: query + schema: + type: string + enum: + - asc + - desc + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Application list returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + - apk:app_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/applications?query=CalculatorApp"' + + post: + tags: + - Applications + summary: | + Create a New Application + description: | + This operation can be used to create a new application specifying the details of the application in the payload. + requestBody: + description: | + Application object that is to be created. + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request + schema: + type: string + Location: + description: | + Location of the newly created Application. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + 202: + description: | + Accepted. + The request has been accepted. + headers: + Location: + description: | + Location of the newly created Application. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowResponse' + 400: + $ref: '#/components/responses/BadRequest' + 409: + $ref: '#/components/responses/Conflict' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/applications"' + + ###################################################### + # The "Individual Application" resource APIs + ###################################################### + /applications/{applicationId}: + get: + tags: + - Applications + summary: | + Get Details of an Application + description: | + This operation can be used to retrieve details of an individual application specifying the application id in the URI. + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Application returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/applications/896658a0-b4ee-4535-bbfa-806c894a4015"' + + put: + tags: + - Applications + summary: | + Update an Application + description: | + This operation can be used to update an application. Upon successful you will retrieve the updated application as the response. + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: | + Application object that needs to be updated + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + required: true + responses: + 200: + description: | + OK. + Application updated. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests. + schema: + type: string + Location: + description: | + The URL of the newly created resource. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X PUT -d @data.json "https://localhost:9443/api/am/devportal/applications/896658a0-b4ee-4535-bbfa-806c894a4015"' + + delete: + tags: + - Applications + summary: | + Remove an Application + description: | + This operation can be used to remove an application specifying its id. + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 202: + description: | + Accepted. + The request has been accepted. + headers: + Location: + description: | + Location of the existing Application. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowResponse' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + - apk:app_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -X DELETE "https://localhost:9443/api/am/devportal/applications/896658a0-b4ee-4535-bbfa-806c894a4015"' + + /applications/{applicationId}/generate-keys: + post: + tags: + - Application Keys + summary: Generate Application Keys + description: | + Generate keys (Consumer key/secret) for application + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/requestedTenant' + requestBody: + description: | + Application key generation request object + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKeyGenerateRequest' + required: true + responses: + 200: + description: | + OK. + Keys are generated. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKey' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/applications/896658a0-b4ee-4535-bbfa-806c894a4015/generate-keys"' + + /applications/{applicationId}/map-keys: + post: + tags: + - Application Keys + summary: Map Application Keys + description: | + Map keys (Consumer key/secret) to an application + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/requestedTenant' + requestBody: + description: | + Application key mapping request object + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKeyMappingRequest' + required: true + responses: + 200: + description: | + OK. + Keys are mapped. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKey' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/applications/896658a0-b4ee-4535-bbfa-806c894a4015/map-keys"' + + /applications/{applicationId}/keys: + get: + tags: + - Application Keys + summary: Retrieve All Application Keys + description: | + Retrieve keys (Consumer key/secret) of application + parameters: + - $ref: '#/components/parameters/applicationId' + responses: + 200: + description: | + OK. + Keys are returned. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKeyList' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + deprecated: true + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys"' + + /applications/{applicationId}/keys/{keyType}: + get: + tags: + - Application Keys + summary: | + Get Key Details of a Given Type + description: | + This operation can be used to retrieve key details of an individual application specifying the key type in the URI. + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyType' + - $ref: '#/components/parameters/groupId' + responses: + 200: + description: | + OK. + Keys of given type are returned. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKey' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + deprecated: true + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys/PRODUCTION"' + + put: + tags: + - Application Keys + summary: | + Update Grant Types and Callback Url of an Application + description: | + This operation can be used to update grant types and callback url of an application. (Consumer Key and Consumer Secret are ignored) Upon successful you will retrieve the updated key details as the response. + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyType' + requestBody: + description: | + Grant types/Callback URL update request object + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKey' + required: true + responses: + 200: + description: | + Ok. + Grant types or/and callback url is/are updated. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKey' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + deprecated: true + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X PUT -d @data.json "https://localhost:9443/api/am/devportal/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys/PRODUCTION"' + + /applications/{applicationId}/keys/{keyType}/regenerate-secret: + post: + tags: + - Application Keys + summary: | + Re-Generate Consumer Secret + description: | + This operation can be used to re generate consumer secret for an application for the give key type + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyType' + responses: + 200: + description: | + OK. + Keys are re generated. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in future).‚ + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKeyReGenerateResponse' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + deprecated: true + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST "https://localhost:9443/api/am/devportal/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys/PRODUCTION/regenerate-secret"' + + /applications/{applicationId}/keys/{keyType}/clean-up: + post: + tags: + - Application Keys + summary: Clean-Up Application Keys + description: | + Clean up keys after failed key generation of an application + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyType' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Clean up is performed + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + deprecated: true + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST "https://localhost:9443/api/am/devportal/applications/896658a0-b4ee-4535-bbfa-806c894a4015/keys/PRODUCTION/clean-up"' + + /applications/{applicationId}/keys/{keyType}/generate-token: + post: + tags: + - Application Tokens + summary: Generate Application Token + description: | + Generate an access token for application by client_credentials grant type + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyType' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: | + Application token generation request object + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationTokenGenerateRequest' + required: true + responses: + 200: + description: | + OK. + Token is generated. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationToken' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + deprecated: true + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/applications/16cd2684-9657-4a01-a956-4efd89e96077/keys/PRODUCTION/generate-token"' + + /applications/{applicationId}/oauth-keys: + get: + tags: + - Application Keys + summary: Retrieve All Application Keys + description: | + Retrieve keys (Consumer key/secret) of application + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Keys are returned. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKeyList' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys"' + + /applications/{applicationId}/oauth-keys/{keyMappingId}: + get: + tags: + - Application Keys + summary: | + Get Key Details of a Given Type + description: | + This operation can be used to retrieve key details of an individual application specifying the key type in the URI. + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyMappingId' + - $ref: '#/components/parameters/groupId' + responses: + 200: + description: | + OK. + Keys of given type are returned. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKey' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys/df972173-c957-46d4-96ac-99be8e303584"' + + put: + tags: + - Application Keys + summary: | + Update Grant Types and Callback URL of an Application + description: | + This operation can be used to update grant types and callback url of an application. (Consumer Key and Consumer Secret are ignored) Upon successful you will retrieve the updated key details as the response. + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyMappingId' + requestBody: + description: | + Grant types/Callback URL update request object + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKey' + required: true + responses: + 200: + description: | + Ok. + Grant types or/and callback url is/are updated. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKey' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X PUT -d @data.json "https://localhost:9443/api/am/devportal/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys/df972173-c957-46d4-96ac-99be8e303584"' + + /applications/{applicationId}/oauth-keys/{keyMappingId}/regenerate-secret: + post: + tags: + - Application Keys + summary: | + Re-Generate Consumer Secret + description: | + This operation can be used to re generate consumer secret for an application for the give key type + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyMappingId' + responses: + 200: + description: | + OK. + Keys are re generated. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in future).‚ + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationKeyReGenerateResponse' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST "https://localhost:9443/api/am/devportal/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys/df972173-c957-46d4-96ac-99be8e303584/regenerate-secret"' + + /applications/{applicationId}/oauth-keys/{keyMappingId}/clean-up: + post: + tags: + - Application Keys + summary: Clean-Up Application Keys + description: | + Clean up keys after failed key generation of an application + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyMappingId' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Clean up is performed + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST "https://localhost:9443/api/am/devportal/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys/df972173-c957-46d4-96ac-99be8e303584/clean-up"' + + /applications/{applicationId}/oauth-keys/{keyMappingId}/generate-token: + post: + tags: + - Application Tokens + summary: Generate Application Token + description: | + Generate an access token for application by client_credentials grant type + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyMappingId' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: | + Application token generation request object + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationTokenGenerateRequest' + required: true + responses: + 200: + description: | + OK. + Token is generated. + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationToken' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/applications/16cd2684-9657-4a01-a956-4efd89e96077/oauth-keys/{keyMappingId}/generate-token"' + + /applications/{applicationId}/api-keys/{keyType}/generate: + post: + tags: + - API Keys + summary: Generate API Key + description: | + Generate a self contained API Key for the application + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyType' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: | + API Key generation request object + content: + application/json: + schema: + $ref: '#/components/schemas/APIKeyGenerateRequest' + required: false + responses: + 200: + description: | + OK. + apikey generated. + content: + application/json: + schema: + $ref: '#/components/schemas/APIKey' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + - apk:api_key + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/applications/16cd2684-9657-4a01-a956-4efd89e96077/api-keys/PRODUCTION/generate"' + + /applications/{applicationId}/api-keys/{keyType}/revoke: + post: + tags: + - API Keys + summary: Revoke API Key + description: | + Revoke a self contained API Key for the application + parameters: + - $ref: '#/components/parameters/applicationId' + - $ref: '#/components/parameters/keyType' + - $ref: '#/components/parameters/If-Match' + requestBody: + description: | + API Key revoke request object + content: + application/json: + schema: + $ref: '#/components/schemas/APIKeyRevokeRequest' + required: false + responses: + 200: + description: | + OK. + apikey revoked successfully. + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:subscribe + - apk:app_manage + - apk:api_key + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/applications/16cd2684-9657-4a01-a956-4efd89e96077/api-keys/PRODUCTION/revoke"' + + /applications/export: + get: + tags: + - Import Export + summary: Export an Application + description: | + This operation can be used to export the details of a particular application as a zip file. + parameters: + - name: appName + in: query + description: | + Application Name + required: true + schema: + type: string + - name: appOwner + in: query + description: | + Owner of the Application + required: true + schema: + type: string + - name: withKeys + in: query + description: | + Export application keys + schema: + type: boolean + - name: format + in: query + description: | + Format of output documents. Can be YAML or JSON. + schema: + type: string + enum: + - JSON + - YAML + responses: + 200: + description: | + OK. + Export Successful. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/zip: + schema: + type: string + format: binary + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:app_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/applications/export?appName=sampleApp&appOwner=admin&withKeys=true" + > exportedApplication.zip' + + /applications/import: + post: + tags: + - Import Export + summary: Import an Application + description: | + This operation can be used to import an application. + parameters: + - name: preserveOwner + in: query + description: | + Preserve Original Creator of the Application + schema: + type: boolean + - name: skipSubscriptions + in: query + description: | + Skip importing Subscriptions of the Application + schema: + type: boolean + - name: appOwner + in: query + description: | + Expected Owner of the Application in the Import Environment + schema: + type: string + - name: skipApplicationKeys + in: query + description: | + Skip importing Keys of the Application + schema: + type: boolean + - name: update + in: query + description: | + Update if application exists + schema: + type: boolean + requestBody: + content: + multipart/form-data: + schema: + required: + - file + properties: + file: + type: string + description: | + Zip archive consisting of exported Application Configuration. + format: binary + required: true + responses: + 200: + description: | + OK. + Successful response with the updated object information as entity in the body. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationInfo' + # 207: + # description: | + # Multi Status. + # Partially successful response with skipped APIs information object as entity in the body. + # content: + # application/json: + # schema: + # $ref: '#/components/schemas/APIInfoList' + 400: + $ref: '#/components/responses/BadRequest' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:app_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=@exportedApplication.zip "https://127.0.0.1:9443/api/am/devportal/applications/import?preserveOwner=true&skipSubscriptions=false&appOwner=admin&skipApplicationKeys=false&update=true"' + + ###################################################### + # The "Subscription Collection" resource APIs + ###################################################### + /subscriptions: + get: + tags: + - Subscriptions + summary: | + Get All Subscriptions + description: | + This operation can be used to retrieve a list of subscriptions of the user associated with the provided access token. This operation is capable of + + 1. Retrieving applications which are subscribed to a specific API. + `GET https://localhost:9443/api/am/devportal/subscriptions?apiId=c43a325c-260b-4302-81cb-768eafaa3aed` + + 2. Retrieving APIs which are subscribed by a specific application. + `GET https://localhost:9443/api/am/devportal/subscriptions?applicationId=c43a325c-260b-4302-81cb-768eafaa3aed` + + **IMPORTANT:** + * It is mandatory to provide either **apiId** or **applicationId**. + parameters: + - $ref: '#/components/parameters/apiId-Q' + - $ref: '#/components/parameters/applicationId-Q' + - $ref: '#/components/parameters/groupId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Subscription list returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/SubscriptionList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:subscribe + - apk:sub_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/subscriptions?apiId=02e658e7-71c7-4b1d-a623-be145b789340"' + + post: + tags: + - Subscriptions + summary: | + Add a New Subscription + description: | + This operation can be used to add a new subscription providing the id of the API and the application. + parameters: + - $ref: '#/components/parameters/requestedTenant' + requestBody: + description: | + Subscription object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Subscription' + example: + applicationId: bbcc3be9-e29c-4ba2-a756-d922a5bd6c4d + apiId: abcff4cf-24c5-4298-a7b4-39a1fbd34693 + throttlingPolicy: Unlimited + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request. + schema: + type: string + Location: + description: | + Location to the newly created subscription. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Subscription' + 202: + description: | + Accepted. + The request has been accepted. + headers: + Location: + description: | + Location of the newly created subscription. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowResponse' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apk:subscribe + - apk:sub_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/subscriptions"' + + /subscriptions/multiple: + post: + tags: + - Subscriptions + summary: | + Add New Subscriptions + description: | + This operation can be used to add a new subscriptions providing the ids of the APIs and the applications. + parameters: + - $ref: '#/components/parameters/requestedTenant' + requestBody: + description: | + Subscription objects that should to be added + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Subscription' + example: + - applicationId: bbcc3be9-e29c-4ba2-a756-d922a5bd6c4d + apiId: abcff4cf-24c5-4298-a7b4-39a1fbd34693 + throttlingPolicy: Unlimited + - applicationId: 67543be9-e29c-4ba2-7856-d922a5bd6c4d + apiId: abcff4cf-24c5-4298-a7b4-39a1f7896693 + throttlingPolicy: Bronze + required: true + responses: + 200: + description: | + OK. + Successful response with the newly created objects as entity in the body. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Subscription' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apk:subscribe + - apk:sub_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/subscriptions/multiple"' + + ###################################################### + # The "Subscriptions related to API" resource API + ###################################################### + /subscriptions/{apiId}/additionalInfo: + get: + tags: + - Subscriptions + summary: Get Additional Information of subscriptions attached to an API. + description: | + This operation can be used to retrieve all additional Information of subscriptions attached to an API by providing the API id. + operationId: getAdditionalInfoOfAPISubscriptions + parameters: + - $ref: '#/components/parameters/apiId' + - $ref: '#/components/parameters/groupId' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Types and fields returned successfully. + headers: + Content-Type: + description: | + The content of the body. + schema: + type: string + default: application/json + content: + application/json: + schema: + $ref: '#/components/schemas/AdditionalSubscriptionInfoList' + 404: + description: | + Not Found. + Retrieving types and fields failed. + content: {} + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://localhost:9443/api/am/devportal/subscriptions/e93fb282-b456-48fc-8981-003fb89086ae/additionalInfo"' + + ###################################################### + # The "Individual Subscription" resource APIs + ###################################################### + /subscriptions/{subscriptionId}: + get: + tags: + - Subscriptions + summary: | + Get Details of a Subscription + description: | + This operation can be used to get details of a single subscription. + parameters: + - $ref: '#/components/parameters/subscriptionId' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Subscription returned + headers: + ETag: + description: Entity Tag of the response resource. Used by caches, or + in conditional requests. + schema: + type: string + Last-Modified: + description: Date and time the resource has been modified the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Subscription' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:subscribe + - apk:sub_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9"' + + put: + tags: + - Subscriptions + summary: | + Update Existing Subscription + description: | + This operation can be used to update a subscription providing the subscription id, api id, application Id, status and updated throttling policy tier. + parameters: + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/subscriptionId' + requestBody: + description: | + Subscription object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Subscription' + required: true + responses: + 200: + description: | + Subscription Updated. + Successful response with the updated object as entity in the body. + Location header contains URL of newly updates entity. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional request. + schema: + type: string + Location: + description: | + Location to the updated subscription. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Subscription' + 202: + description: | + Accepted. + The request has been accepted. + headers: + Location: + description: | + Location of the updated subscription. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowResponse' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + description: | + Not Found. + Requested Subscription does not exist. + content: {} + 415: + description: | + Unsupported media type. + The entity of the request was in a not supported format. + content: {} + security: + - OAuth2Security: + - apk:subscribe + - apk:sub_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X PUT -d @data.json "https://localhost:9443/api/am/devportal/subscriptions/80369180-7d90-4ee8-99a1-19fa68512aa5"' + + delete: + tags: + - Subscriptions + summary: | + Remove a Subscription + description: | + This operation can be used to remove a subscription. + parameters: + - $ref: '#/components/parameters/subscriptionId' + - $ref: '#/components/parameters/If-Match' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 202: + description: | + Accepted. + The request has been accepted. + headers: + Location: + description: | + Location of the existing subscription. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowResponse' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' + security: + - OAuth2Security: + - apk:subscribe + - apk:sub_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X DELETE "https://localhost:9443/api/am/devportal/subscriptions/80369180-7d90-4ee8-99a1-19fa68512aa5"' + + /subscriptions/{subscriptionId}/usage: + get: + tags: + - API Monetization + summary: Get Details of a Pending Invoice for a Monetized Subscription with + Metered Billing. + description: | + This operation can be used to get details of a pending invoice for a monetized subscription with metered billing. + parameters: + - $ref: '#/components/parameters/subscriptionId' + responses: + 200: + description: | + OK. + Details of a pending invoice returned. + headers: + ETag: + description: Entity Tag of the response resource. Used by caches, or + in conditional requests (Will be supported in future). + schema: + type: string + Last-Modified: + description: Date and time the resource has been modified the last time. + Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/APIMonetizationUsage' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:subscribe + - apk:sub_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/subscriptions/5b65808c-cdf2-43e1-a695-de63e3ad0ae9/usage"' + + ###################################################### + # The "Throttling Policy Collection" resource APIs + ###################################################### + /throttling-policies/{policyLevel}: + get: + tags: + - Throttling Policies + summary: Get All Available Throttling Policies + description: | + This operation can be used to get all available application or subscription level throttling policies + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/policyLevel' + - $ref: '#/components/parameters/If-None-Match' + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + List of throttling policies returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ThrottlingPolicyList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/throttling-policies/application" + + ###################################################### + # The "Individual Throttling Policy" resource APIs + ###################################################### + /throttling-policies/{policyLevel}/{policyId}: + get: + tags: + - Throttling Policies + summary: | + Get Details of a Throttling Policy + description: | + This operation can be used to retrieve details of a single throttling policy by specifying the policy level and policy name. + + parameters: + - $ref: '#/components/parameters/policyId' + - $ref: '#/components/parameters/policyLevel' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Throttling Policy returned + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + Last-Modified: + description: | + Date and time the resource has been modified the last time. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ThrottlingPolicy' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/throttling-policies/application/10PerMin" + + ###################################################### + # The "Tag Collection" resource API + ###################################################### + /tags: + get: + tags: + - Tags + summary: | + Get All Tags + description: | + This operation can be used to retrieve a list of tags that are already added to APIs. + + **NOTE:** + * This operation does not require an Authorization header by default. But in order to see a restricted API's tags, you need to provide Authorization header. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/requestedTenant' + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Tag list is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/TagList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/tags" + + ###################################################### + # The "Content Search Results" resource APIs + ###################################################### + /search: + get: + tags: + - Unified Search + summary: | + Retrieve/Search APIs and API Documents by Content + description: | + This operation provides you a list of available APIs and API Documents qualifying the given keyword match. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/requestedTenant' + - name: query + in: query + description: | + **Search**. + + You can search by using providing the search term in the query parameters. + schema: + type: string + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + List of qualifying APIs and docs is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/SearchResultList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/search?query=PizzaShackAPI" + + ###################################################### + # The "SDK Generation Languages" list resource APIs + ###################################################### + /sdk-gen/languages: + get: + tags: + - SDKs + summary: | + Get a List of Supported SDK Languages + description: | + This operation will provide a list of programming languages that are supported by the swagger codegen library for generating System Development Kits (SDKs) for APIs available in the API Platform for Kubernetes (APK) Developer Portal. + responses: + 200: + description: | + OK. + List of supported languages for generating SDKs. + content: + application/json: + example : ["android","java","javascript","jmeter"] + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apk:subscribe + x-code-samples: + - lang: Curl + source: curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/sdk-gen/languages" + + ###################################################### + # The Web hook API topic details + ###################################################### + /webhooks/subscriptions: + get: + tags: + - Webhooks + summary: | + Get available web hook subscriptions for a given application. + description: | + This operation will provide a list of web hook topic subscriptions for a given application. If the api id is provided + results will be filtered by the api Id. + parameters: + - $ref: '#/components/parameters/applicationId-Q' + - $ref: '#/components/parameters/apiId-Q' + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Topic list returned. + headers: + ETag: + description: | + Entity Tag of the response resource. + Used by caches, or in conditional requests. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WebhookSubscriptionList' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k -H "Authorization:Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/webhooks/subscriptions?applicationId=5b65808c-cdf2-43e1-a695-de63e3ad0ae9&apiId=ae4eae22-3f65-387b-a171-d37eaa366fa8" + + ###################################################### + # The Developer Portal settings List + ###################################################### + /settings: + get: + tags: + - Settings + summary: Retrieve Developer Portal settings + description: | + Retreive Developer Portal settings + parameters: + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Settings returned + content: + application/json: + schema: + $ref: '#/components/schemas/Settings' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:store_settings + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/settings"' + + /settings/application-attributes: + get: + tags: + - Settings + summary: | + Get All Application Attributes from Configuration + description: | + This operation can be used to retrieve the application attributes from configuration. It will not return hidden attributes. + parameters: + - $ref: '#/components/parameters/If-None-Match' + responses: + 200: + description: | + OK. + Application attributes returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationAttributeList' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apk:subscribe + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/settings/application-attributes"' + + ###################################################### + # The tenant resource APIs + ###################################################### + /tenants: + get: + tags: + - Tenants + summary: | + Get Tenants by State + description: | + This operation is used to get tenants by state + parameters: + - name: state + in: query + description: | + The state represents the current state of the tenant + + Supported states are [ active, inactive] + schema: + type: string + default: active + enum: + - active + - inactive + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + responses: + 200: + description: | + OK. + Tenant names returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/TenantList' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/tenants" + + ###################################################### + # The "Recommendations" resource API + ###################################################### + /recommendations: + get: + tags: + - Recommendations + summary: Give API Recommendations for a User + description: This API can be used to get recommended APIs for a user who logs + into the API Developer Portal + responses: + 200: + description: | + OK. + Requested recommendations are returned + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/Recommendations' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:subscribe + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/recommendations"' + + ###################################################### + # The "Category Collection" resource API + ###################################################### + /api-categories: + get: + tags: + - API Categories + summary: Get All API Categories + description: | + Get all API categories + parameters: + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Categories returned + content: + application/json: + schema: + $ref: '#/components/schemas/APICategoryList' + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/api-categories" + + ###################################################### + # The "Key Manager Collection" resource API + ###################################################### + /key-managers: + get: + tags: + - Key Managers + summary: Get All Key Managers + description: | + Get all Key managers + parameters: + - $ref: '#/components/parameters/requestedTenant' + responses: + 200: + description: | + OK. + Key Manager list returned + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManagerList' + security: + - OAuth2Security: + - apk:subscribe + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://localhost:9443/api/am/devportal/key-managers"' + + ###################################################### + # GraphQL "Query Complexity" resource APIs + ###################################################### + /apis/{apiId}/graphql-policies/complexity: + get: + tags: + - GraphQL Policies + summary: Get the Complexity Related Details of an API + description: | + This operation can be used to retrieve complexity related details belonging to an API by providing the API id. + parameters: + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + Requested complexity details returned. + headers: + Content-Type: + description: | + The content of the body. + schema: + type: string + default: application/json + content: + application/json: + schema: + $ref: '#/components/schemas/GraphQLQueryComplexityInfo' + 404: + description: | + Not Found. + Requested API does not contain any complexity details. + content: {} + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/apis/e93fb282-b456-48fc-8981-003fb89086ae/graphql-policies/complexity" + + /apis/{apiId}/graphql-policies/complexity/types: + get: + tags: + - GraphQL Policies + summary: Retrieve Types and Fields of a GraphQL Schema + description: | + This operation can be used to retrieve all types and fields of the GraphQL Schema by providing the API id. + parameters: + - $ref: '#/components/parameters/apiId' + responses: + 200: + description: | + OK. + Types and fields returned successfully. + headers: + Content-Type: + description: | + The content of the body. + schema: + type: string + default: application/json + content: + application/json: + schema: + $ref: '#/components/schemas/GraphQLSchemaTypeList' + 404: + description: | + Not Found. + Retrieving types and fields failed. + content: {} + security: + - OAuth2Security: [] + x-code-samples: + - lang: Curl + source: curl -k "https://localhost:9443/api/am/devportal/apis/e93fb282-b456-48fc-8981-003fb89086ae/graphql-policies/complexity/types" + + ###################################################### + # User resource APIs + ###################################################### + /me/change-password: + post: + tags: + - Users + summary: Change the Password of the user + description: | + Using this operation, logged-in user can change their password. + operationId: changeUserPassword + requestBody: + description: | + Current and new password of the user + content: + application/json: + schema: + $ref: '#/components/schemas/CurrentAndNewPasswords' + required: true + responses: + 200: + description: OK. User password changed successfully + content: {} + 400: + $ref: '#/components/responses/BadRequest' + security: + - OAuth2Security: + - apk:subscribe + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/devportal/me/change-password"' + +components: + schemas: + APIList: + title: API List + type: object + properties: + count: + type: integer + description: | + Number of APIs returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APIInfo' + pagination: + $ref: '#/components/schemas/Pagination' + example: + count: 2 + list: + - id: 01234567-0123-0123-0123-012345678901 + name: CalculatorAPI + description: A calculator API that supports basic operations + context: /CalculatorAPI + version: 1.0.0 + type: HTTP + provider: admin + lifeCycleStatus: PUBLISHED + thumbnailUri: /apis/01234567-0123-0123-0123-012345678901/thumbnail + avgRating: 4.3 + throttlingPolicies: [Unlimited] + advertiseInfo: + advertised: false, + apiExternalProductionEndpoint: null, + apiExternalSandboxEndpoint: null, + originalDevPortalUrl: null, + apiOwner: null + businessInformation: + businessOwner: Jane Roe + businessOwnerEmail: businessowner@wso2.com + technicalOwner: John Doe + technicalOwnerEmail: technicalowner@wso2.com + isSubscriptionAvailable: true + monetizationLabel: null + - id: 01123567-1233-5453-0212-12353678901 + name: PizzaShackAPI + description: A Pizza ordering API + context: /PizzaShackAPI + version: 1.0.0 + type: HTTP + provider: admin + lifeCycleStatus: PUBLISHED + thumbnailUri: /apis/01123567-1233-5453-0212-12353678901/thumbnail + avgRating: 4.3 + throttlingPolicies: [ Unlimited ] + advertiseInfo: + advertised: false, + apiExternalProductionEndpoint: null, + apiExternalSandboxEndpoint: null, + originalDevPortalUrl: null, + apiOwner: null + businessInformation: + businessOwner: Jane Roe + businessOwnerEmail: businessowner@wso2.com + technicalOwner: John Doe + technicalOwnerEmail: technicalowner@wso2.com + isSubscriptionAvailable: true + monetizationLabel: null + pagination: + offset: 2 + limit: 2 + total: 10 + next: /apis?limit=2&offset=4 + previous: /apis?limit=2&offset=0 + APIInfo: + title: API Info object with basic API details. + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorAPI + description: + type: string + example: A calculator API that supports basic operations + context: + type: string + example: CalculatorAPI + version: + type: string + example: 1.0.0 + type: + type: string + example: WS + createdTime: + type: string + example: 1614020559444 + provider: + type: string + description: | + If the provider value is not given, the user invoking the API will be used as the provider. + example: admin + lifeCycleStatus: + type: string + example: PUBLISHED + thumbnailUri: + type: string + example: /apis/01234567-0123-0123-0123-012345678901/thumbnail + avgRating: + type: string + description: Average rating of the API + example: "4.5" + throttlingPolicies: + type: array + description: List of throttling policies of the API + example: + - Unlimited + - Bronze + items: + type: string + advertiseInfo: + $ref: '#/components/schemas/AdvertiseInfo' + businessInformation: + $ref: '#/components/schemas/APIBusinessInformation' + isSubscriptionAvailable: + type: boolean + example: false + monetizationLabel: + type: string + example: Free + gatewayVendor: + type: string + example: WSO2 + additionalProperties: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + display: + type: boolean + description: | + Custom(user defined) properties of API + example: { } + APIInfoList: + title: API Info List + type: object + properties: + count: + type: integer + description: | + Number of API Info objects returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APIInfo' + APIDefinition: + title: API Schema + required: + - type + type: object + properties: + type: + type: string + enum: + - swagger + - graphql + - wsdl + - async + schemaDefinition: + type: string + API: + title: API object + required: + - context + - lifeCycleStatus + - name + - provider + - version + type: object + properties: + id: + type: string + description: | + UUID of the api + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + description: Name of the API + example: CalculatorAPI + description: + type: string + description: A brief description about the API + example: A calculator API that supports basic operations + context: + type: string + description: A string that represents the context of the user's request + example: CalculatorAPI + version: + type: string + description: The version of the API + example: 1.0.0 + provider: + type: string + description: | + If the provider value is not given user invoking the api will be used as the provider. + example: admin + apiDefinition: + type: string + description: | + Swagger definition of the API which contains details about URI templates and scopes + example: '{"paths":{"\/subtract":{"get":{"x-auth-type":"Application & Application + User","x-throttling-tier":"Unlimited","parameters":[{"name":"x","required":true,"type":"string","in":"query"},{"name":"y","required":true,"type":"string","in":"query"}],"responses":{"200":{}}}},"\/add":{"get":{"x-auth-type":"Application + & Application User","x-throttling-tier":"Unlimited","parameters":[{"name":"x","required":true,"type":"string","in":"query"},{"name":"y","required":true,"type":"string","in":"query"}],"responses":{"200":{}}}}},"swagger":"2.0","info":{"title":"CalculatorAPI","version":"1.0.0"}}' + wsdlUri: + type: string + description: | + WSDL URL if the API is based on a WSDL endpoint + example: http://www.webservicex.com/globalweather.asmx?wsdl + lifeCycleStatus: + type: string + description: This describes in which status of the lifecycle the API is. + example: PUBLISHED + isDefaultVersion: + type: boolean + example: false + type: + type: string + description: This describes the transport type of the API + example: HTTP + transport: + type: array + example: + - http + - https + items: + type: string + description: | + Supported transports for the API (http and/or https). + operations: + type: array + example: [] + items: + $ref: '#/components/schemas/APIOperations' + authorizationHeader: + type: string + description: | + Name of the Authorization header used for invoking the API. If it is not set, Authorization header name specified + in tenant or system level will be used. + example: Authorization + securityScheme: + type: array + description: | + Types of API security, the current API secured with. It can be either OAuth2 or mutual SSL or both. If + it is not set OAuth2 will be set as the security for the current API. + example: + - oauth2 + - oauth_basic_auth_api_key_mandatory + items: + type: string + tags: + type: array + description: Search keywords related to the API + example: + - subtract + - add + items: + type: string + tiers: + type: array + description: The subscription tiers selected for the particular API + items: + type: object + properties: + tierName: + type: string + example: Gold + tierPlan: + type: string + example: COMMERCIAL + monetizationAttributes: + type: object + properties: + fixedPrice: + type: string + example: "10" + pricePerRequest: + type: string + example: "1" + currencyType: + type: string + example: USD + billingCycle: + type: string + example: month + hasThumbnail: + type: boolean + example: true + default: false + additionalProperties: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + display: + type: boolean + description: | + Custom(user defined) properties of API + example: {} + monetization: + $ref: '#/components/schemas/APIMonetizationInfo' + endpointURLs: + type: array + items: + type: object + properties: + environmentName: + type: string + example: Default + environmentDisplayName: + type: string + example: Default + environmentType: + type: string + example: hybrid + URLs: + type: object + properties: + http: + type: string + description: HTTP environment URL + example: http://localhost:8280/phoneverify/1.0.0 + https: + type: string + description: HTTPS environment URL + example: https://localhost:8243/phoneverify/1.0.0 + ws: + type: string + description: WS environment URL + example: ws://localhost:9099/phoneverify/1.0.0 + wss: + type: string + description: WSS environment URL + example: wss://localhost:9099/phoneverify/1.0.0 + defaultVersionURLs: + type: object + properties: + http: + type: string + description: HTTP environment default URL + example: http://localhost:8280/phoneverify/ + https: + type: string + description: HTTPS environment default URL + example: https://localhost:8243/phoneverify/ + ws: + type: string + description: WS environment default URL + example: ws://localhost:9099/phoneverify/ + wss: + type: string + description: WSS environment default URL + example: wss://localhost:9099/phoneverify/ + businessInformation: + $ref: '#/components/schemas/APIBusinessInformation' + environmentList: + type: array + description: The environment list configured with non empty endpoint URLs + for the particular API. + example: + - PRODUCTION + - SANDBOX + items: + type: string + scopes: + type: array + items: + $ref: '#/components/schemas/ScopeInfo' + avgRating: + type: string + description: The average rating of the API + example: "4.5" + advertiseInfo: + $ref: '#/components/schemas/AdvertiseInfo' + isSubscriptionAvailable: + type: boolean + example: false + categories: + type: array + description: | + API categories + items: + type: string + example: "Marketing" + sdk: + type: array + description: | + Supported SDK + example: [] + items: + type: string + keyManagers: + type: object + properties: {} + description: | + API Key Managers + example: ["all"] + createdTime: + type: string + example: 2020-10-31T13:57:16.229 + lastUpdatedTime: + type: string + example: 2020-10-31T13:57:16.229 + gatewayVendor: + title: Gateway vendor of the API + type: string + example: + wso2 + asyncTransportProtocols: + type: array + description: | + Supported transports for the Async API. + example: + - http + - mqtt + items: + type: string + APIMonetizationInfo: + title: API monetization object + required: + - enabled + type: object + properties: + enabled: + type: boolean + description: Flag to indicate the monetization status + example: true + ApplicationList: + title: Application List + type: object + properties: + count: + type: integer + description: | + Number of applications returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ApplicationInfo' + pagination: + $ref: '#/components/schemas/Pagination' + Application: + title: Application + required: + - name + - throttlingPolicy + type: object + properties: + applicationId: + type: string + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + maxLength: 100 + minLength: 1 + type: string + example: CalculatorApp + throttlingPolicy: + minLength: 1 + type: string + example: Unlimited + description: + maxLength: 512 + type: string + example: Sample calculator application + tokenType: + type: string + description: | + Type of the access token generated for this application. + + **OAUTH:** A UUID based access token + **JWT:** A self-contained, signed JWT based access token which is issued by default. + example: JWT + default: JWT + enum: + - OAUTH + - JWT + status: + type: string + readOnly: true + example: APPROVED + default: "" + groups: + type: array + example: [] + items: + type: string + subscriptionCount: + type: integer + readOnly: true + keys: + type: array + readOnly: true + example: [] + items: + $ref: '#/components/schemas/ApplicationKey' + attributes: + type: object + additionalProperties: + type: string + example: {} + subscriptionScopes: + type: array + example: [] + items: + $ref: '#/components/schemas/ScopeInfo' + owner: + type: string + description: | + Application created user + readOnly: true + example: admin + hashEnabled: + type: boolean + readOnly: true + example: false + createdTime: + type: string + readOnly: true + example: 1651555310208 + updatedTime: + type: string + readOnly: true + example: 1651555310208 + ApplicationInfo: + title: Application info object with basic application details + type: object + properties: + applicationId: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorApp + throttlingPolicy: + type: string + example: Unlimited + description: + type: string + example: Sample calculator application + status: + type: string + example: APPROVED + default: "" + groups: + type: array + example: "" + items: + type: string + subscriptionCount: + type: integer + attributes: + type: object + properties: {} + example: External Reference ID, Billing Tier + owner: + type: string + example: admin + createdTime: + type: string + readOnly: true + example: 1651555310208 + updatedTime: + type: string + readOnly: true + example: 1651555310208 + DocumentList: + title: Document List + type: object + properties: + count: + type: integer + description: | + Number of Documents returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Document' + pagination: + $ref: '#/components/schemas/Pagination' + Document: + title: Document + required: + - name + - sourceType + - type + type: object + properties: + documentId: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorDoc + type: + type: string + example: HOWTO + enum: + - HOWTO + - SAMPLES + - PUBLIC_FORUM + - SUPPORT_FORUM + - API_MESSAGE_FORMAT + - SWAGGER_DOC + - OTHER + summary: + type: string + example: Summary of Calculator Documentation + sourceType: + type: string + example: INLINE + enum: + - INLINE + - MARKDOWN + - URL + - FILE + sourceUrl: + type: string + example: "" + otherTypeName: + type: string + example: "" + ThrottlingPolicyList: + title: Throttling Policy List + type: object + properties: + count: + type: integer + description: | + Number of Throttling Policies returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ThrottlingPolicy' + pagination: + $ref: '#/components/schemas/Pagination' + ThrottlingPolicy: + title: Throttling Policy + required: + - name + - requestCount + - stopOnQuotaReach + - tierPlan + - unitTime + type: object + properties: + name: + type: string + example: Platinum + description: + type: string + example: Allows 50 request(s) per minute. + policyLevel: + type: string + example: subscription + enum: + - application + - subscription + attributes: + type: object + additionalProperties: + type: string + description: | + Custom attributes added to the throttling policy + example: {} + requestCount: + type: integer + description: | + Maximum number of requests which can be sent within a provided unit time + format: int64 + example: 50 + dataUnit: + description: | + Unit of data allowed to be transferred. Allowed values are "KB", "MB" and "GB" + type: string + example: KB + unitTime: + type: integer + format: int64 + example: 60000 + timeUnit: + type: string + example: min + rateLimitCount: + type: integer + default: 0 + description: Burst control request count + example: 10 + rateLimitTimeUnit: + type: string + description: Burst control time unit + example: min + quotaPolicyType: + type: string + description: Default quota limit type + enum: + - REQUESTCOUNT + - BANDWIDTHVOLUME + example: REQUESTCOUNT + tierPlan: + type: string + description: | + This attribute declares whether this tier is available under commercial or free + example: FREE + enum: + - FREE + - COMMERCIAL + stopOnQuotaReach: + type: boolean + description: | + If this attribute is set to false, you are capable of sending requests + even if the request count exceeded within a unit time + example: true + monetizationAttributes: + $ref: '#/components/schemas/MonetizationInfo' + throttlingPolicyPermissions: + $ref: '#/components/schemas/ThrottlingPolicyPermissionInfo' + SubscriptionList: + title: Subscription List + type: object + properties: + count: + type: integer + description: | + Number of Subscriptions returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Subscription' + pagination: + $ref: '#/components/schemas/Pagination' + TopicList: + title: Topic List + type: object + properties: + count: + type: integer + description: | + Number of Topics returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Topic' + pagination: + $ref: '#/components/schemas/Pagination' + Topic: + title: Topic + type: object + properties: + apiId: + type: string + example: faae5fcc-cbae-40c4-bf43-89931630d313 + name: + type: string + example: orderBooks + type: + type: string + example: publisher + WebhookSubscriptionList: + title: Subscribed Webhook List + type: object + properties: + count: + type: integer + description: | + Number of webhook subscriptions returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/WebhookSubscription' + pagination: + $ref: '#/components/schemas/Pagination' + WebhookSubscription: + title: Webhook Subscription + type: object + properties: + apiId: + type: string + example: faae5fcc-cbae-40c4-bf43-89931630d313 + appId: + type: string + example: faae5fcc-cbae-40c4-bf43-89931630d313 + topic: + type: string + example: orderBooks + callBackUrl: + type: string + example: www.orderbooksite.com + deliveryTime: + type: string + example: faae5fcc-cbae-40c4-bf43-89931630d313 + deliveryStatus: + type: integer + example: 1 + APIBusinessInformation: + type: object + properties: + businessOwner: + type: string + example: businessowner + businessOwnerEmail: + type: string + example: businessowner@wso2.com + technicalOwner: + type: string + example: technicalowner + technicalOwnerEmail: + type: string + example: technicalowner@wso2.com + Subscription: + title: Subscription + required: + - applicationId + - throttlingPolicy + type: object + properties: + subscriptionId: + type: string + description: The UUID of the subscription + readOnly: true + example: faae5fcc-cbae-40c4-bf43-89931630d313 + applicationId: + type: string + description: The UUID of the application + example: b3ade481-30b0-4b38-9a67-498a40873a6d + apiId: + type: string + description: The unique identifier of the API. + example: 2962f3bb-8330-438e-baee-0ee1d6434ba4 + apiInfo: + $ref: '#/components/schemas/APIInfo' + applicationInfo: + $ref: '#/components/schemas/ApplicationInfo' + throttlingPolicy: + type: string + example: Unlimited + requestedThrottlingPolicy: + type: string + example: Unlimited + status: + type: string + example: UNBLOCKED + enum: + - BLOCKED + - PROD_ONLY_BLOCKED + - UNBLOCKED + - ON_HOLD + - REJECTED + - TIER_UPDATE_PENDING + - DELETE_PENDING + redirectionParams: + type: string + description: A url and other parameters the subscriber can be redirected. + readOnly: true + example: "" + Tag: + title: Tag + type: object + properties: + value: + type: string + example: tag1 + count: + type: integer + example: 5 + TagList: + title: Tag List + type: object + properties: + count: + type: integer + description: | + Number of Tags returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Tag' + pagination: + $ref: '#/components/schemas/Pagination' + Rating: + title: Rating + required: + - rating + type: object + properties: + ratingId: + type: string + readOnly: true + example: 32acfa7a-77f8-4fe0-bb7f-a902f36546d0 + apiId: + type: string + readOnly: true + example: e93fb282-b456-48fc-8981-003fb89086ae + ratedBy: + maxLength: 50 + type: string + readOnly: true + example: admin + rating: + type: integer + example: 4 + RatingList: + title: Rating List + type: object + properties: + avgRating: + type: string + description: | + Average Rating of the API + example: "4" + userRating: + type: integer + description: | + Rating given by the user + example: 4 + count: + type: integer + description: | + Number of Subscriber Ratings returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Rating' + pagination: + $ref: '#/components/schemas/Pagination' + Comment: + title: Comment + required: + - content + type: object + properties: + id: + type: string + readOnly: true + example: 943d3002-000c-42d3-a1b9-d6559f8a4d49 + content: + maxLength: 512 + type: string + example: This is a comment + createdTime: + type: string + readOnly: true + example: 2021-02-11-09:57:25 + createdBy: + type: string + readOnly: true + example: admin + updatedTime: + type: string + readOnly: true + example: 2021-02-12-19:57:25 + category: + type: string + readOnly: true + default: general + example : general + parentCommentId: + type: string + readOnly: true + example: 6f38aea2-f41e-4ac9-b3f2-a9493d00ba97 + entryPoint: + type: string + readOnly: true + enum: [devPortal, publisher] + commenterInfo: + $ref: '#/components/schemas/CommenterInfo' + replies: + $ref: '#/components/schemas/CommentList' + CommentList: + title: Comments List + type: object + properties: + count: + type: integer + readOnly: true + description: | + Number of Comments returned. + example: 1 + list: + type: array + readOnly: true + items: + $ref: '#/components/schemas/Comment' + pagination: + $ref: '#/components/schemas/Pagination' + Error: + title: Error object returned with 4XX HTTP status + required: + - code + - message + type: object + properties: + code: + type: integer + format: int64 + message: + type: string + description: Error message. + description: + type: string + description: | + A detail description about the error message. + moreInfo: + type: string + description: | + Preferably an url with more details about the error. + error: + type: array + description: | + If there are more than one error list them out. + For example, list out validation errors by each field. + items: + $ref: '#/components/schemas/ErrorListItem' + ErrorListItem: + title: Description of individual errors that may have occurred during a request. + required: + - code + - message + type: object + properties: + code: + type: string + message: + type: string + description: | + Description about individual errors occurred + ApplicationToken: + title: Application token details to invoke APIs + type: object + properties: + accessToken: + type: string + description: Access token + example: 1.2345678901234568E30 + tokenScopes: + type: array + description: Valid comma separated scopes for the access token + example: + - default + - read_api + - write_api + items: + type: string + validityTime: + type: integer + description: Maximum validity time for the access token + format: int64 + example: 3600 + APIKey: + title: API Key details to invoke APIs + type: object + properties: + apikey: + type: string + description: API Key + example: eyJoZWxsbyI6IndvcmxkIn0=.eyJ3c28yIjoiYXBpbSJ9.eyJ3c28yIjoic2lnbmF0dXJlIn0= + validityTime: + type: integer + format: int32 + example: 3600 + ApplicationKey: + title: Application key details + type: object + properties: + keyMappingId: + type: string + description: Key Manager Mapping UUID + readOnly: true + example: 92ab520c-8847-427a-a921-3ed19b15aad7 + keyManager: + type: string + description: Key Manager Name + example: Resident Key Manager + consumerKey: + type: string + description: Consumer key of the application + readOnly: true + example: vYDoc9s7IgAFdkSyNDaswBX7ejoa + consumerSecret: + type: string + description: Consumer secret of the application + readOnly: true + example: TIDlOFkpzB7WjufO3OJUhy1fsvAa + supportedGrantTypes: + type: array + description: The grant types that are supported by the application + example: + - client_credentials + - password + items: + type: string + callbackUrl: + type: string + description: Callback URL + example: http://sample.com/callback/url + keyState: + type: string + description: Describes the state of the key generation. + example: APPROVED + keyType: + type: string + description: Describes to which endpoint the key belongs + example: PRODUCTION + enum: + - PRODUCTION + - SANDBOX + mode: + type: string + description: Describe the which mode Application Mapped. + example: CREATED + enum: + - MAPPED + - CREATED + groupId: + type: string + description: Application group id (if any). + example: "2" + token: + $ref: '#/components/schemas/ApplicationToken' + additionalProperties: + type: object + properties: {} + description: additionalProperties (if any). + ApplicationKeyReGenerateResponse: + title: Application key details after re generating consumer secret + type: object + properties: + consumerKey: + type: string + description: The consumer key associated with the application, used to identify + the client + example: vYDoc9s7IgAFdkSyNDaswBX7ejoa + consumerSecret: + type: string + description: The client secret that is used to authenticate the client with + the authentication server + example: TIDlOFkpzB7WjufO3OJUhy1fsvAa + ApplicationKeyList: + title: Application Keys List + type: object + properties: + count: + type: integer + description: | + Number of applications keys returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ApplicationKey' + ApplicationKeyGenerateRequest: + title: Application key generation request object + required: + - grantTypesToBeSupported + - keyType + type: object + properties: + keyType: + type: string + enum: + - PRODUCTION + - SANDBOX + keyManager: + type: string + description: key Manager to Generate Keys + example: Resident Key Manager + grantTypesToBeSupported: + type: array + description: Grant types that should be supported by the application + example: + - password + - client_credentials + items: + type: string + callbackUrl: + type: string + description: Callback URL + example: http://sample.com/callback/url + validityTime: + type: string + example: "3600" + clientId: + type: string + description: Client ID for generating access token. + readOnly: true + example: sZzoeSCI_vL2cjSXZQmsmV8JEyga + clientSecret: + type: string + description: Client secret for generating access token. This is given together + with the client Id. + readOnly: true + example: nrs3YAP4htxnz_DqpvGhf9Um04oa + additionalProperties: + type: object + properties: {} + description: Additional properties needed. + example: {} + ApplicationKeyMappingRequest: + title: Application key provision request object + required: + - consumerKey + - keyType + type: object + properties: + consumerKey: + type: string + description: Consumer key of the application + example: oYhwZu4P2ThDmiDprBk6c0YfjR8a + consumerSecret: + type: string + description: Consumer secret of the application + example: ondWGtFTCOVM4sfPyOfZ7fel610a + keyManager: + type: string + description: Key Manager Name + example: Resident Key Manager + keyType: + type: string + enum: + - PRODUCTION + - SANDBOX + ApplicationTokenGenerateRequest: + title: Application access token generation request object + type: object + properties: + consumerSecret: + type: string + description: Consumer secret of the application + example: cV5pvyisxug5b5QZInq9cGZrMOMa + validityPeriod: + type: integer + description: Token validity period + format: int64 + example: 3600 + revokeToken: + type: string + description: Token to be revoked, if any + example: "" + grantType: + type: string + default: CLIENT_CREDENTIALS + enum: + - CLIENT_CREDENTIALS + - TOKEN_EXCHANGE + additionalProperties: + type: object + properties: {} + description: Additional parameters if Authorization server needs any + APIKeyGenerateRequest: + title: API Key generation request object + type: object + properties: + validityPeriod: + type: integer + description: Token validity period + format: int32 + example: 3600 + additionalProperties: + type: object + properties: {} + description: Additional parameters if Authorization server needs any + APIKeyRevokeRequest: + title: API Key revoke request object + type: object + properties: + apikey: + type: string + description: API Key to revoke + example: eyJoZWxsbyI6IndvcmxkIn0=.eyJ3c28yIjoiYXBpbSJ9.eyJ3c28yIjoic2lnbmF0dXJlIn0= + ScopeInfo: + title: API Scope info object with scope details + type: object + properties: + key: + type: string + example: admin_scope + name: + type: string + example: admin scope + roles: + type: array + description: Allowed roles for the scope + example: + - manager + - developer + items: + type: string + description: + type: string + description: Description of the scope + ScopeList: + title: Scope list + type: object + properties: + count: + type: integer + description: | + Number of results returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ScopeInfo' + pagination: + $ref: '#/components/schemas/Pagination' + ThrottlingPolicyPermissionInfo: + title: Throttling Policy Permission info object with throttling policy permission + details + type: object + properties: + type: + type: string + enum: + - allow + - deny + roles: + type: array + description: roles for this permission + example: + - manager + - developer + items: + type: string + MonetizationInfo: + title: Monetization + type: object + properties: + billingType: + type: string + example: fixedPrice + enum: + - fixedPrice + - dynamicRate + billingCycle: + type: string + example: month + fixedPrice: + type: string + example: "10" + pricePerRequest: + type: string + example: "1" + currencyType: + type: string + example: USD + APIMonetizationUsage: + title: API monetization usage object + type: object + properties: + properties: + type: object + additionalProperties: + type: string + description: Map of custom properties related to monetization usage + WorkflowResponse: + title: workflow Response + required: + - workflowStatus + type: object + properties: + workflowStatus: + type: string + description: | + This attribute declares whether this workflow task is approved or rejected. + example: APPROVED + enum: + - CREATED + - APPROVED + - REJECTED + - REGISTERED + jsonPayload: + type: string + description: | + Attributes that returned after the workflow execution + User: + title: User + required: + - email + - firstName + - lastName + - password + - username + type: object + properties: + username: + type: string + password: + type: string + firstName: + type: string + lastName: + type: string + email: + type: string + APIOperations: + title: Operation + type: object + properties: + id: + type: string + example: apioperation + target: + type: string + verb: + type: string + SearchResultList: + title: Search Result List + type: object + properties: + count: + type: integer + description: | + Number of results returned. + example: 1 + list: + type: array + items: + type: object + example: + - id: abcff4cf-24c5-4298-a7b4-39a1fbd34693 + name: PizzaShackAPI + type: API + transportType: + description: + context: "/pizzashack" + version: 1.0.0 + provider: admin + status: PUBLISHED + thumbnailUri: + businessInformation: + businessOwner: Jane Roe + businessOwnerEmail: businessowner@wso2.com + technicalOwner: John Doe + technicalOwnerEmail: technicalowner@wso2.com + avgRating: '4.0' + pagination: + $ref: '#/components/schemas/Pagination' + SearchResult: + title: Search Result + required: + - name + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: TestAPI + type: + type: string + example: API + enum: + - DOC + - API + transportType: + type: string + description: Accepted values are HTTP, WS, SOAPTOREST, GRAPHQL + discriminator: + propertyName: name + APISearchResult: + title: API Result + allOf: + - $ref: '#/components/schemas/SearchResult' + - type: object + properties: + description: + type: string + description: A brief description about the API + example: A calculator API that supports basic operations + context: + type: string + description: A string that represents the context of the user's request + example: CalculatorAPI + version: + type: string + description: The version of the API + example: 1.0.0 + provider: + type: string + description: | + If the provider value is not given, the user invoking the API will be used as the provider. + example: admin + status: + type: string + description: This describes in which status of the lifecycle the API is + example: CREATED + thumbnailUri: + type: string + example: /apis/01234567-0123-0123-0123-012345678901/thumbnail + businessInformation: + $ref: '#/components/schemas/APIBusinessInformation' + avgRating: + type: string + description: Average rating of the API + example: "4.5" + DocumentSearchResult: + title: Document Result + allOf: + - $ref: '#/components/schemas/SearchResult' + - type: object + properties: + docType: + type: string + example: HOWTO + enum: + - HOWTO + - SAMPLES + - PUBLIC_FORUM + - SUPPORT_FORUM + - API_MESSAGE_FORMAT + - SWAGGER_DOC + - OTHER + summary: + type: string + example: Summary of Calculator Documentation + sourceType: + type: string + example: INLINE + enum: + - INLINE + - URL + - FILE + - MARKDOWN + sourceUrl: + type: string + example: "" + otherTypeName: + type: string + example: "" + visibility: + type: string + example: API_LEVEL + enum: + - OWNER_ONLY + - PRIVATE + - API_LEVEL + apiName: + type: string + description: The name of the associated API + example: TestAPI + apiVersion: + type: string + description: The version of the associated API + example: 1.0.0 + apiProvider: + type: string + example: admin + apiUUID: + type: string + CommenterInfo: + type: object + properties: + firstName: + type: string + example: John + lastName: + type: string + example: David + fullName: + type: string + example: John David + Pagination: + title: Pagination + type: object + properties: + offset: + type: integer + example: 0 + limit: + type: integer + example: 10 + total: + type: integer + example: 1 + next: + type: string + description: | + Link to the next subset of resources qualified. + Empty if no more resources are to be returned. + example: "" + previous: + type: string + description: | + Link to the previous subset of resources qualified. + Empty if current subset is the first subset returned. + example: "" + Settings: + title: Settings + type: object + properties: + grantTypes: + type: array + items: + type: string + example: + - refresh_token + - urn:ietf:params:oauth:grant-type:saml2-bearer + - password + - client_credentials + - iwa:ntlm + - authorization_code + - urn:ietf:params:oauth:grant-type:jwt-bearer + applicationSharingEnabled: + type: boolean + default: false + mapExistingAuthApps: + type: boolean + default: false + apiGatewayEndpoint: + type: string + monetizationEnabled: + type: boolean + default: false + recommendationEnabled: + type: boolean + default: false + IsUnlimitedTierPaid: + type: boolean + default: false + identityProvider: + type: object + properties: + external: + type: boolean + default: false + IsAnonymousModeEnabled: + type: boolean + default: true + IsPasswordChangeEnabled: + type: boolean + default: true + userStorePasswordPattern: + type: string + description: The 'PasswordJavaRegEx' configured in the UserStoreManager + example: "^[\\S]{5,30}$" + passwordPolicyPattern: + type: string + description: The regex configured in the Password Policy property 'passwordPolicy.pattern' + example: "^[\\S]{5,30}$" + passwordPolicyMinLength: + type: integer + description: If Password Policy Feature is enabled, the property 'passwordPolicy.min.length' + is returned as the 'passwordPolicyMinLength'. If password policy is not + enabled, default value -1 will be returned. And it should be noted that + the regex pattern(s) returned in 'passwordPolicyPattern' and 'userStorePasswordPattern' + properties too will affect the minimum password length allowed and an + intersection of all conditions will be considered finally to validate + the password. + passwordPolicyMaxLength: + type: integer + description: If Password Policy Feature is enabled, the property 'passwordPolicy.max.length' + is returned as the 'passwordPolicyMaxLength'. If password policy is not + enabled, default value -1 will be returned. And it should be noted that + the regex pattern(s) returned in 'passwordPolicyPattern' and 'userStorePasswordPattern' + properties too will affect the maximum password length allowed and an + intersection of all conditions will be considered finally to validate + the password. + ApplicationAttribute: + title: Application attributes + type: object + properties: + description: + type: string + description: description of the application attribute + example: Sample description of the attribute + type: + type: string + description: type of the input element to display + example: text + tooltip: + type: string + description: tooltop to display for the input element + example: Sample tooltip + required: + type: string + description: whether this is a required attribute + example: "false" + attribute: + type: string + description: the name of the attribute + example: External Reference Id + hidden: + type: string + description: whether this is a hidden attribute + example: "false" + ApplicationAttributeList: + title: Application Attributes List + type: object + properties: + count: + type: integer + description: | + Number of application attributes returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ApplicationAttribute' + Tenant: + title: Tenant + type: object + properties: + domain: + type: string + description: tenant domain + example: wso2.com + status: + type: string + description: current status of the tenant active/inactive + example: active + TenantList: + title: Tenant list + type: object + properties: + count: + type: integer + description: | + Number of tenants returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Tenant' + pagination: + $ref: '#/components/schemas/Pagination' + AdvertiseInfo: + title: API Advertise info object with advertise details + type: object + properties: + advertised: + type: boolean + example: true + apiExternalProductionEndpoint: + type: string + example: https://localhost:9443/devportal + apiExternalSandboxEndpoint: + type: string + example: https://localhost:9443/devportal + originalDevPortalUrl: + type: string + example: https://localhost:9443/devportal + apiOwner: + type: string + example: admin + vendor: + type: string + default: WSO2 + enum: + - WSO2 + - AWS + APICategory: + title: API Category + required: + - name + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: Finance + description: + type: string + example: Finance related APIs + APICategoryList: + title: API Category List + type: object + properties: + count: + type: integer + description: | + Number of API categories returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APICategory' + Recommendations: + title: API recommendations + type: object + properties: + count: + type: integer + description: | + Number of APIs returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/recommendedAPI' + recommendedAPI: + title: Recommended API + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorAPI + avgRating: + type: string + description: Average rating of the API + example: "4.5" + KeyManagerInfo: + title: Key Manager Info + required: + - name + - type + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: Resident Key Manager + type: + type: string + example: default + displayName: + type: string + description: | + display name of Keymanager + example: Resident Key Manager + description: + type: string + example: This is Resident Key Manager + enabled: + type: boolean + example: true + availableGrantTypes: + type: array + items: + type: string + example: client_credentials + tokenEndpoint: + type: string + example: https://localhost:9443/oauth2/token + revokeEndpoint: + type: string + example: https://localhost:9443/oauth2/revoke + userInfoEndpoint: + type: string + example: "" + enableTokenGeneration: + type: boolean + example: true + enableTokenEncryption: + type: boolean + example: false + default: false + enableTokenHashing: + type: boolean + example: false + default: false + enableOAuthAppCreation: + type: boolean + example: true + default: true + enableMapOAuthConsumerApps: + type: boolean + example: false + default: false + applicationConfiguration: + type: array + items: + $ref: '#/components/schemas/KeyManagerApplicationConfiguration' + alias: + type: string + description: | + The alias of Identity Provider. + If the tokenType is EXCHANGED, the alias value should be inclusive in the audience values of the JWT token + example: https://localhost:9443/oauth2/token + additionalProperties: + type: object + properties: {} + tokenType: + type: string + description: The type of the tokens to be used (exchanged or without exchanged). + Accepted values are EXCHANGED, DIRECT and BOTH. + example: EXCHANGED + default: DIRECT + enum: + - EXCHANGED + - DIRECT + - BOTH + KeyManagerApplicationConfiguration: + title: Key Manager application Configuration + type: object + properties: + name: + type: string + example: consumer_key + label: + type: string + example: Consumer Key + type: + type: string + example: select + required: + type: boolean + example: true + mask: + type: boolean + example: true + multiple: + type: boolean + example: true + tooltip: + type: string + example: Enter username to connect to key manager + default: + type: object + properties: {} + example: admin + values: + type: array + items: + type: object + properties: {} + KeyManagerList: + title: Key Manager List + type: object + properties: + count: + type: integer + description: | + Number of Key managers returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/KeyManagerInfo' + GraphQLQueryComplexityInfo: + title: GraphQL Query Complexity Info + type: object + properties: + list: + type: array + items: + $ref: '#/components/schemas/GraphQLCustomComplexityInfo' + GraphQLCustomComplexityInfo: + title: GraphQL Custom Complexity Info + required: + - complexityValue + - field + - type + type: object + properties: + type: + type: string + description: | + The type found within the schema of the API + example: Country + field: + type: string + description: | + The field which is found under the type within the schema of the API + example: name + complexityValue: + type: integer + description: | + The complexity value allocated for the associated field under the specified type + example: 1 + GraphQLSchemaTypeList: + title: List of types and corresponding fields of the GraphQL Schema + type: object + properties: + typeList: + type: array + items: + $ref: '#/components/schemas/GraphQLSchemaType' + GraphQLSchemaType: + title: Single type and corresponding fields found within the GraphQL Schema + type: object + properties: + type: + type: string + description: | + Type found within the GraphQL Schema + example: Country + fieldList: + type: array + description: | + Array of fields under current type + example: + - code + - name + items: + type: string + CurrentAndNewPasswords: + title: Current and new password of the user + type: object + properties: + currentPassword: + type: string + example: password123 + newPassword: + type: string + example: newpassword1234 + AdditionalSubscriptionInfoList: + title: Additional Subscription Info List + type: object + properties: + count: + type: integer + description: | + Number of additional information sets of subscription returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/AdditionalSubscriptionInfo' + pagination: + $ref: '#/components/schemas/Pagination' + AdditionalSubscriptionInfo: + title: Additional Information of subscriptions related to an API + type: object + properties: + subscriptionId: + type: string + description: The UUID of the subscription + readOnly: true + example: faae5fcc-cbae-40c4-bf43-89931630d313 + applicationId: + type: string + description: The UUID of the application + example: b3ade481-30b0-4b38-9a67-498a40873a6d + applicationName: + type: string + description: The name of the application + example: Sample Application + apiId: + type: string + description: The unique identifier of the API. + example: 2962f3bb-8330-438e-baee-0ee1d6434ba4 + isSolaceAPI: + type: boolean + example: false + solaceOrganization: + type: string + example: SolaceWso2 + solaceDeployedEnvironments: + type: array + items: + type: object + properties: + environmentName: + type: string + environmentDisplayName: + type: string + organizationName: + type: string + solaceURLs: + type: array + items: + type: object + properties: + protocol: + type: string + example: Default + endpointURL: + type: string + example: Default + SolaceTopicsObject: + type: object + properties: + defaultSyntax: + $ref: '#/components/schemas/SolaceTopics' + mqttSyntax: + $ref: '#/components/schemas/SolaceTopics' + SolaceTopics: + title: SolaceTopics + type: object + properties: + publishTopics: + type: array + items: + type: string + subscribeTopics: + type: array + items: + type: string + responses: + BadRequest: + description: Bad Request. Invalid request or validation error. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 400 + message: Bad Request + description: Invalid request or validation error + moreInfo: "" + error: [] + Conflict: + description: Conflict. Specified resource already exists. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 409 + message: Conflict + description: Specified resource already exists + moreInfo: "" + error: [] + InternalServerError: + description: Internal Server Error. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + NotAcceptable: + description: Not Acceptable. The requested media type is not supported. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 406 + message: Not Acceptable + description: The requested media type is not supported + moreInfo: "" + error: [] + NotFound: + description: Not Found. The specified resource does not exist. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + PreconditionFailed: + description: Precondition Failed. The request has not been performed because + one of the preconditions is not met. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 412 + message: Precondition Failed + description: The request has not been performed because one of the preconditions + is not met + moreInfo: "" + error: [] + Unauthorized: + description: Unauthorized. The user is not authorized. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 401 + message: Unauthorized + description: The user is not authorized + moreInfo: "" + error: [] + UnsupportedMediaType: + description: Unsupported Media Type. The entity of the request was not in a + supported format. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + example: + code: 415 + message: Unsupported media type + description: The entity of the request was not in a supported format + moreInfo: "" + error: [] + parameters: + parentCommentID: + name: replyTo + in: query + required: false + description: | + ID of the parent comment. + schema: + type: string + requestedTenant: + name: X-WSO2-Tenant + in: header + description: | + For cross-tenant invocations, this is used to specify the tenant/organization domain, where the resource need to be + retrieved from. + schema: + type: string + includeCommenterInfo: + name: includeCommenterInfo + in: query + required: false + description: | + Whether we need to display commenter details. + schema: + type: boolean + default : false + apiId: + name: apiId + in: path + description: | + **API ID** consisting of the **UUID** of the API. + required: true + schema: + type: string + apiProductId: + name: apiProductId + in: path + description: | + **API Product ID** consisting of the **UUID** of the API Product. + required: true + schema: + type: string + x-encoded: true + x-encoded: true + apiId-Q: + name: apiId + in: query + required: false + description: | + **API ID** consisting of the **UUID** of the API. + schema: + type: string + apiType-Q: + name: apiType + in: query + required: false + description: | + **API TYPE** Identifies the type API(API or API_PRODUCT). + schema: + type: string + language: + name: language + in: query + description: | + Programming language to generate SDK. + required: true + schema: + type: string + documentId: + name: documentId + in: path + description: | + Document Identifier + required: true + schema: + type: string + applicationId: + name: applicationId + in: path + description: | + Application Identifier consisting of the UUID of the Application. + required: true + schema: + type: string + keyMappingId: + name: keyMappingId + in: path + description: | + OAuth Key Identifier consisting of the UUID of the Oauth Key Mapping. + required: true + schema: + type: string + filterByUserRoles: + name: filterByUserRoles + in: query + required: false + description: | + Filter user by roles. + schema: + type: boolean + applicationId-Q: + name: applicationId + in: query + required: false + description: | + **Application Identifier** consisting of the UUID of the Application. + schema: + type: string + groupId: + name: groupId + in: query + required: false + description: | + Application Group Id + schema: + type: string + subscriptionId: + name: subscriptionId + in: path + description: | + Subscription Id + required: true + schema: + type: string + policyId: + name: policyId + in: path + description: | + The name of the policy + required: true + schema: + type: string + commentId: + name: commentId + in: path + description: | + Comment Id + required: true + schema: + type: string + ratingId: + name: ratingId + in: path + description: | + Rating Id + required: true + schema: + type: string + policyLevel: + name: policyLevel + in: path + description: | + List Application or Subscription type thro. + required: true + schema: + type: string + enum: + - application + - subscription + environmentName: + name: environmentName + in: query + required: false + description: | + Name of the API gateway environment. + schema: + type: string + limit: + name: limit + in: query + required: false + description: | + Maximum size of resource array to return. + schema: + type: integer + default: 25 + offset: + name: offset + in: query + required: false + description: | + Starting point within the complete list of items qualified. + schema: + type: integer + default: 0 + replyLimit: + name: replyLimit + in: query + required: false + description: | + Maximum size of replies array to return. + schema: + type: integer + default: 25 + replyOffset: + name: replyOffset + in: query + required: false + description: | + Starting point within the complete list of replies. + schema: + type: integer + default: 0 + keyType: + name: keyType + in: path + description: | + **Application Key Type** standing for the type of the keys (i.e. Production or Sandbox). + required: true + schema: + type: string + enum: + - PRODUCTION + - SANDBOX + If-None-Match: + name: If-None-Match + in: header + description: | + Validator for conditional requests; based on the ETag of the formerly retrieved + variant of the resource. + schema: + type: string + If-Match: + name: If-Match + in: header + description: | + Validator for conditional requests; based on ETag. + schema: + type: string + alertType: + name: alertType + in: path + description: | + The alert type. + required: true + schema: + type: string + configurationId: + name: configurationId + in: path + description: | + The alert configuration id. + Base64 encoded value of 'apiName#apiVersion#applicationName'. + required: true + schema: + type: string + securitySchemes: + OAuth2Security: + type: oauth2 + flows: + password: + tokenUrl: https://localhost:9443/oauth2/token + scopes: + type: array + items: test diff --git a/en/docs/catalogs/runtime-api.yaml b/en/docs/catalogs/runtime-api.yaml new file mode 100644 index 000000000..2e65e8e0c --- /dev/null +++ b/en/docs/catalogs/runtime-api.yaml @@ -0,0 +1,1988 @@ +--- +openapi: 3.0.1 +info: + title: WSO2 API Platform for Kubernetes - Runtime Service API + description: | + This document specifies a **RESTful API** for WSO2 **API Platform for Kubernetes (APK)** - **Runtime Service**. + version: 1.0.0 +paths: + /apis: + get: + tags: + - APIs + summary: | + Retrieve/Search APIs + description: | + This operation provides you a list of available APIs qualifying under a given search condition. + Each retrieved API is represented with a minimal amount of attributes. If you want to get complete details of an API, you need to use **Get details of an API** operation. + operationId: getAllAPIs + parameters: + - name: limit + in: query + description: | + Maximum size of resource array to return. + required: false + style: form + explode: true + schema: + type: integer + default: 25 + - name: offset + in: query + description: | + Starting point within the complete list of items qualified. + required: false + style: form + explode: true + schema: + type: integer + default: 0 + - name: sortBy + in: query + description: | + Criteria for sorting. + required: false + style: form + explode: true + schema: + type: string + default: createdTime + enum: + - apiName + - createdTime + - name: sortOrder + in: query + description: | + Order of sorting (ascending/descending). + required: false + style: form + explode: true + schema: + type: string + default: desc + enum: + - asc + - desc + - name: query + in: query + required: false + style: form + explode: true + schema: + type: string + responses: + "200": + description: | + OK. + List of qualifying APIs is returned. + headers: + Content-Type: + description: The content type of the body. + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "#/components/schemas/APIList" + "500": + $ref: "#/components/responses/InternalServerError" + "400": + $ref: "#/components/responses/BadRequest" + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/runtime/apis"' + + post: + tags: + - APIs + summary: Create a New API + description: | + Use this operation to create a new API specifying the details of the API in the payload. + operationId: createAPI + requestBody: + description: The API object that needs to be added. + content: + application/json: + schema: + $ref: "#/components/schemas/API" + required: true + responses: + "201": + description: | + Created. + Successful response with the newly created object as the entity in the body. + Location header contains URL of newly created entity. + headers: + Location: + description: | + The URL of the newly created resource. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The content type of the body. + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "#/components/schemas/API" + "400": + $ref: "#/components/responses/BadRequest" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" + -H "Accept: application/json" + -d @data.json + "https://api.am.wso2.com:9095/api/am/runtime/apis"' + + /apis/{apiId}: + get: + tags: + - APIs + summary: Get Details of an API + description: | + Using this operation, you can retrieve complete details of a single API. You need to provide the ID of the API to retrieve it. + operationId: getAPI + parameters: + - name: apiId + in: path + description: | + **API ID** consisting of the **Name** of the API. + required: true + style: simple + explode: false + schema: + type: string + responses: + "200": + description: | + OK. + Requested API is returned + headers: + Content-Type: + description: | + The content type of the body. + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "#/components/schemas/API" + "404": + $ref: "#/components/responses/NotFound" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/runtime/apis/01234567-0123-0123-0123-012345678901"' + + put: + tags: + - APIs + summary: Update an API + description: | + Use this operation to update an existing API. This operation will instruct the Runtime to update the deployment. + operationId: updateAPI + parameters: + - name: apiId + in: path + description: | + **API ID** consisting of the **Name** of the API. + required: true + style: simple + explode: false + schema: + type: string + requestBody: + description: The API object that needs to be added. + content: + application/json: + schema: + $ref: "#/components/schemas/API" + required: true + responses: + "200": + description: | + OK. + Successful response with an updated API object. + headers: + Location: + description: | + The URL of the newly created resource. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The content type of the body. + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "#/components/schemas/API" + "400": + $ref: "#/components/responses/BadRequest" + "403": + $ref: "#/components/responses/Forbidden" + "404": + $ref: "#/components/responses/NotFound" + "412": + $ref: "#/components/responses/PreconditionFailed" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json + "https://api.am.wso2.com:9095/api/am/runtime/apis/01234567-0123-0123-0123-012345678901"' + delete: + tags: + - APIs + summary: Delete an API + description: | + Use this operation to delete an existing API by providing the ID of the API. + operationId: deleteAPI + parameters: + - name: apiId + in: path + description: | + **API ID** consisting of the **Name** of the API. + required: true + style: simple + explode: false + schema: + type: string + responses: + "200": + description: | + OK. + Resource successfully deleted. + content: {} + "403": + $ref: "#/components/responses/Forbidden" + "404": + $ref: "#/components/responses/NotFound" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/runtime/apis/01234567-0123-0123-0123-012345678901"' + + /apis/{apiId}/generate-key: + post: + tags: + - APIs + summary: Generate Internal API Key to Invoke APIs + description: | + Use this operation to generate an internal API key that you can use to invoke API. + operationId: generateInternalAPIKey + parameters: + - $ref: "#/components/parameters/apiId" + responses: + 200: + description: | + OK. + apikey generated. + content: + application/json: + schema: + $ref: "#/components/schemas/APIKey" + 400: + $ref: "#/components/responses/BadRequest" + 404: + $ref: "#/components/responses/NotFound" + "403": + $ref: "#/components/responses/Forbidden" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -X POST "https://api.am.wso2.com:9095/api/am/runtime/apis/01234567-0123-0123-0123-012345678901/generate-key" + -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" + -H "Accept: application/json"' + + /apis/import-service: + post: + tags: + - Service or Schema Import + summary: Create an API From a Service + description: Use this operation to create an API from an available Service by providing Service. + operationId: importService + parameters: + - name: serviceKey + in: query + description: The ID of the Service that should be imported from the Service Catalog. + required: true + style: form + explode: true + schema: + type: string + example: Pizzashack-1.0.0 + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/API" + responses: + "201": + description: | + Created. + Successful response with the newly created object as the entity in the body. + Location header contains the URL of the newly created entity. + headers: + Location: + description: | + The URL of the newly created resource. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The content type of the body. + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "#/components/schemas/API" + "400": + $ref: "#/components/responses/BadRequest" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -X POST "https://api.am.wso2.com:9095/api/am/runtime/apis/import-service?serviceKey=11cd3fa3-c886-49f9-bf78-0ec349b1f4c1" + -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" + -H "Accept: application/json" + -d @data.json' + + /apis/import-definition: + post: + tags: + - Service or Schema Import + summary: Import an API Definition + description: | + Use this operation to create an API from an API definition. Provide either the `url` or `file` + to specify the definition. + + Specify `additionalProperties`` with **at least** the API's name, version, context and endpointConfig. + operationId: importAPIDefinition + requestBody: + content: + multipart/form-data: + schema: + $ref: "#/components/schemas/apis_importdefinition_body" + responses: + "201": + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: + Location: + description: | + The URL of the newly created resource. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The content type of the body. + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "#/components/schemas/API" + "400": + $ref: "#/components/responses/BadRequest" + "412": + $ref: "#/components/responses/PreconditionFailed" + + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -X POST "https://api.am.wso2.com:9095/api/am/runtime/apis/import-definition" + -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: multipart/form-data" + -F file=@openapi.json -F additionalProperties=@data.json' + + /apis/validate-definition: + post: + tags: + - Validation + summary: Validate an OpenAPI Definition + description: | + Use this operation to validate an OpenAPI definition and retrieve a summary. Provide either the `url` + or `file` to specify the definition. + operationId: validateOpenAPIDefinition + parameters: + - name: returnContent + in: query + description: | + Specify whether to return the full content of the OpenAPI definition in the response. This is only + applicable when using URL based validation. + required: false + style: form + explode: true + schema: + type: boolean + default: false + requestBody: + content: + multipart/form-data: + schema: + $ref: "#/components/schemas/apis_validatedefinition_body" + responses: + "200": + description: | + OK. + API definition validation information is returned. + headers: + Content-Type: + description: | + The content type of the body. + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + $ref: "#/components/schemas/APIDefinitionValidationResponse" + "400": + $ref: "#/components/responses/BadRequest" + "404": + $ref: "#/components/responses/NotFound" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: multipart/form-data" + -F file=@openapi.json "https://api.am.wso2.com:9095/api/am/runtime/apis/validate-definition"' + + /apis/validate: + post: + tags: + - Validation + summary: Check if the Given API Context Name Already Exists + description: | + You can use this operation to check if a given API context is already being used. You need to provide the context name you want to check. + operationId: validateAPI + parameters: + - name: query + in: query + description: | + **Search condition**. + You can search in attributes by using an **":"** modifier. + + Example: + "name:wso2" will match an API if the provider of the API is exactly "wso2". + The supported attribute modifiers are `version`, `context`, `name` + If no advanced attribute modifier has been specified, search will match the + given query string against API Name. + required: true + schema: + type: string + responses: + "200": + description: | + OK. + API definition validation information is returned + headers: + Content-Type: + description: | + The content type of the body. + style: simple + explode: false + schema: + type: string + content: {} + "404": + $ref: "#/components/responses/NotFound" + "400": + $ref: "#/components/responses/BadRequest" + "412": + $ref: "#/components/responses/PreconditionFailed" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/runtime/apis/validate?query=name%3Awso2"' + + /apis/{apiId}/definition: + get: + tags: + - APIs + summary: Get API Definition + description: | + Use this operation to retrieve the definition of an API. + operationId: getAPIDefinition + parameters: + - name: apiId + in: path + description: | + **API ID** consisting of the **Name** of the API. + required: true + style: simple + explode: false + schema: + type: string + responses: + "200": + description: | + OK. + The requested definition document of the API is returned. + headers: + Content-Type: + description: | + The content type of the body. + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + type: string + example: "" + "404": + $ref: "#/components/responses/NotFound" + "412": + $ref: "#/components/responses/PreconditionFailed" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/runtime/apis/01234567-0123-0123-0123-012345678901/definition"' + + put: + tags: + - APIs + summary: Update API Definition + description: | + Use this operation to update the API definition of an existing API. API definition to be updated is passed as a form data parameter `apiDefinition`. + operationId: updateAPIDefinition + parameters: + - name: apiId + in: path + description: | + **API ID** consisting of the **Name** of the API. + required: true + style: simple + explode: false + schema: + type: string + requestBody: + content: + multipart/form-data: + schema: + $ref: "#/components/schemas/apiId_definition_body" + responses: + "200": + description: | + OK. + Successful response with updated Open API Specification. + headers: + Location: + description: | + The URL of the newly created resource. + style: simple + explode: false + schema: + type: string + Content-Type: + description: | + The content type of the body. + style: simple + explode: false + schema: + type: string + content: + application/json: + schema: + type: string + example: "" + "400": + $ref: "#/components/responses/BadRequest" + "403": + $ref: "#/components/responses/Forbidden" + "404": + $ref: "#/components/responses/NotFound" + "412": + $ref: "#/components/responses/PreconditionFailed" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: multipart/form-data" + -F apiDefinition=@oaspecification.json + "https://api.am.wso2.com:9095/api/am/runtime/apis/01234567-0123-0123-0123-012345678901/definition"' + /apis/export: + get: + tags: + - Import Export + summary: Export an API + description: | + Use this operation to export the details of a particular API as a ZIP file. + operationId: exportAPI + parameters: + - name: apiId + in: query + description: Name of the API + required: false + style: form + explode: true + schema: + type: string + - name: name + in: query + description: | + API Name + required: false + style: form + explode: true + schema: + type: string + - name: version + in: query + description: | + Version of the API + required: false + style: form + explode: true + schema: + type: string + - name: format + in: query + description: | + Format of output documents. This can be YAML or JSON. + required: false + style: form + explode: true + schema: + type: string + enum: + - JSON + - YAML + responses: + "200": + description: | + OK. + Export Successful. + headers: + Content-Type: + description: | + The content type of the body. + style: simple + explode: false + schema: + type: string + content: + application/zip: + schema: + type: string + format: binary + "404": + $ref: "#/components/responses/NotFound" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/runtime/apis/export?apiId=96077508-fd01-4fae-bc64-5de0e2baf43c&name=PizzaShackAPI&version=1.0&provider=admin&format=YAML" + > exportAPI.zip' + + /apis/import: + post: + tags: + - Import Export + summary: Import an API + description: | + Use this operation to import an API. + operationId: importAPI + parameters: + - name: overwrite + in: query + description: | + Whether to update the API or not. Use this when updating already existing APIs. + required: false + style: form + explode: true + schema: + type: boolean + requestBody: + content: + multipart/form-data: + schema: + $ref: "#/components/schemas/apis_import_body" + responses: + "200": + description: | + Created. + API Imported Successfully. + "403": + $ref: "#/components/responses/Forbidden" + "409": + $ref: "#/components/responses/Conflict" + "412": + $ref: "#/components/responses/PreconditionFailed" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: multipart/form-data" + -F file=@admin-PizzaShackAPI-1.0.0.zip + "https://api.am.wso2.com:9095/api/am/runtime/apis/import?preserveProvider=false&overwrite=false"' + + /apis/copy-api: + post: + tags: + - APIs + summary: Create a New API Version + description: | + Use this operation to create a new version of an existing API. The new version is specified as `newVersion` query parameter. New API will be in `CREATED` state. + parameters: + - name: newVersion + in: query + description: Version of the new API. + required: true + schema: + maxLength: 30 + type: string + - name: serviceId + in: query + description: Version of the Service that you are using to create a new API version. + schema: + type: string + required: false + - $ref: '#/components/parameters/apiId-Q' + responses: + 201: + description: | + Created. + Successful response with the newly created API as the entity in the body. Location header contains the URL of the newly created API. + headers: + Location: + description: | + The URL of the newly created API. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/API' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apk:api_create + - apk:api_manage + operationId: createNewAPIVersion + x-code-samples: + - lang: Curl + source: 'curl -k -X POST "https://api.am.wso2.com:9095/api/am/runtime/apis/copy-api?apiId=01234567-0123-0123-0123-012345678901&newVersion=2.0.0" + -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8"' + + /services: + get: + tags: + - Services + summary: Retrieve/Search for Services + description: | + Retrieve or search services in the Cluster. + operationId: searchServices + parameters: + - name: query + in: query + description: Search K8s Services based on name or namespace. + required: false + style: form + explode: true + schema: + type: string + - name: sortBy + in: query + description: | + Criteria for sorting. + required: false + style: form + explode: true + schema: + type: string + default: createdTime + enum: + - serviceName + - createdTime + - name: sortOrder + in: query + description: | + Order of sorting (ascending/descending). + required: false + style: form + explode: true + schema: + type: string + default: desc + enum: + - asc + - desc + - name: limit + in: query + description: | + Maximum size of resource array to return. + required: false + style: form + explode: true + schema: + type: integer + default: 25 + - name: offset + in: query + description: | + Starting point within the complete list of items qualified. + required: false + style: form + explode: true + schema: + type: integer + default: 0 + responses: + "200": + description: | + Paginated matched list of Services returned. + content: + application/json: + schema: + $ref: "#/components/schemas/ServiceList" + "400": + $ref: "#/components/responses/BadRequest" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/runtime/services"' + + /services/{serviceId}: + get: + tags: + - Services + summary: Get Details of a Service + description: | + Get details of a Service using the ID of the Service. + operationId: getServiceById + parameters: + - name: serviceId + in: path + description: UUID (unique across all namespaces) of the Service + required: true + style: simple + explode: false + schema: + type: string + responses: + "200": + description: | + Requested Service in the Service Catalog is returned. + content: + application/json: + schema: + $ref: "#/components/schemas/Service" + "400": + $ref: "#/components/responses/BadRequest" + "404": + $ref: "#/components/responses/NotFound" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/runtime/services/11cd3fa3-c886-49f9-bf78-0ec349b1f4c1"' + + /services/{serviceId}/usage: + get: + tags: + - Services + summary: Retrieve the Usage of a Service + description: | + Retrieve usage + operationId: getServiceUsage + parameters: + - name: serviceId + in: path + description: UUID (unique ID across cluster) of the Service + required: true + style: simple + explode: false + schema: + type: string + responses: + "200": + description: | + List of APIs that uses the Service in the Service Catalog is returned. + content: + application/json: + schema: + $ref: "#/components/schemas/APIList" + "400": + $ref: "#/components/responses/BadRequest" + "404": + $ref: "#/components/responses/NotFound" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/runtime/services/11cd3fa3-c886-49f9-bf78-0ec349b1f4c1/usage"' + + /policies: + get: + tags: + - Mediation Policies + summary: | + Get All Common Mediation Policies For All the APIs + description: | + This operation provides you a list of the available Operation Policies that any API can use. + operationId: getMediationPolicyList + parameters: + - name: limit + in: query + description: | + Maximum size of resource array to return. + required: false + style: form + explode: true + schema: + type: integer + default: 25 + - name: offset + in: query + description: | + Starting point within the complete list of items qualified. + required: false + style: form + explode: true + schema: + type: integer + default: 0 + - name: sortBy + in: query + description: | + Criteria for sorting. + required: false + style: form + explode: true + schema: + type: string + default: createdTime + enum: + - policyName + - createdTime + - name: sortOrder + in: query + description: | + Order of sorting (ascending/descending). + required: false + style: form + explode: true + schema: + type: string + default: desc + enum: + - asc + - desc + - name: query + in: query + required: false + style: form + explode: true + schema: + type: string + - name: Accept + in: header + description: | + Media types acceptable for the response. + required: false + style: simple + explode: false + schema: + type: string + default: application/json + responses: + "200": + description: | + OK. + List of qualifying Policies is returned. + headers: + Content-Type: + description: The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/MediationPolicyList' + "400": + $ref: "#/components/responses/BadRequest" + "404": + $ref: "#/components/responses/NotFound" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/runtime/policies"' + + /policies/{policyId}: + get: + tags: + - Mediation Policies + summary: Get Details of a Specific Common Mediation Policy + description: | + Use this operation to retrieve details of a specific Common Mediation Policy based on its Mediation Policy ID. + operationId: getMediationPolicyByPolicyId + parameters: + - name: policyId + in: path + description: Mediation policy ID + required: true + style: simple + explode: false + schema: + type: string + responses: + "200": + description: | + OK. + Mediation policy returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/MediationPolicy' + "404": + $ref: "#/components/responses/NotFound" + "500": + $ref: "#/components/responses/InternalServerError" + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://api.am.wso2.com:9095/api/am/runtime/policies/1"' + +components: + schemas: + APIList: + title: API List + type: object + properties: + count: + type: integer + description: | + Number of APIs returned. + example: 1 + list: + type: array + items: + $ref: "#/components/schemas/APIInfo" + pagination: + $ref: "#/components/schemas/Pagination" + APIInfo: + title: API Info object with basic API details. + type: object + properties: + id: + type: string + description: | + UUID of the API + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorAPI + context: + type: string + example: CalculatorAPI + version: + type: string + example: 1.0.0 + type: + type: string + example: HTTP + createdTime: + type: string + example: 2023-02-11 09:57:25 + updatedTime: + type: string + example: 2023-02-11 09:57:25 + API: + title: API object + required: + - context + - name + - version + type: object + properties: + id: + type: string + description: | + UUID of the API + readOnly: true + example: 01234567-0123-0123-0123-012345678901 + name: + maxLength: 60 + minLength: 1 + pattern: (^[^~!@#;:%^*()+={}|\\<>"',&$\[\]\/]*$) + type: string + example: PizzaShackAPI + context: + maxLength: 232 + minLength: 1 + type: string + example: pizza + version: + maxLength: 30 + minLength: 1 + pattern: ^[^~!@#;:%^*()+={}|\\<>"',&/$\[\]\s+\/]+$ + type: string + example: 1.0.0 + type: + type: string + description: The API creation type. + example: REST + default: REST + enum: + - REST + endpointConfig: + type: object + properties: {} + description: | + Endpoint configuration of the API. You can use this to provide different types of endpoints including Simple REST Endpoints, Loadbalanced and Failover. + + `Simple REST Endpoint` + ``` + { + "endpoint_type": "http", + "sandbox_endpoints": { + "url": "https://pizzashack-service:8080/am/sample/pizzashack/v3/api/" + }, + "production_endpoints": { + "url": "https://pizzashack-service:8080/am/sample/pizzashack/v3/api/" + } + } + ``` + example: + endpoint_type: http + sandbox_endpoints: + url: https://pizzashack-service:8080/am/sample/pizzashack/v3/api/ + production_endpoints: + url: https://pizzashack-service:8080/am/sample/pizzashack/v3/api/ + operations: + type: array + example: + - target: /order/{orderId} + verb: POST + authTypeEnabled: true + throttlingPolicy: 1000 + - target: /menu + verb: GET + authTypeEnabled: false + throttlingPolicy: 1000 + items: + $ref: "#/components/schemas/APIOperations" + serviceInfo: + $ref: "#/components/schemas/API_serviceInfo" + apiPolicies: + $ref: "#/components/schemas/APIOperationPolicies" + optional: true + createdTime: + type: string + readOnly: true + lastUpdatedTime: + type: string + readOnly: true + APIOperations: + title: Operation + type: object + properties: + target: + type: string + example: /order/{orderId} + verb: + type: string + example: POST + authTypeEnabled: + type: boolean + example: true + default: true + description: Authentication mode for resource. + enum: + - true + - false + endpointConfig: + type: object + properties: {} + description: | + Endpoint configuration of the API. You can use this to provide different types of endpoints including Simple REST Endpoints, Loadbalanced and Failover. + + `Simple REST Endpoint` + ``` + { + "endpoint_type": "http", + "sandbox_endpoints": { + "url": "https://pizzashack-service:8080/am/sample/pizzashack/v3/api/" + }, + "production_endpoints": { + "url": "https://pizzashack-service:8080/am/sample/pizzashack/v3/api/" + } + } + ``` + example: + endpoint_type: http + sandbox_endpoints: + url: https://pizzashack-service:8080/am/sample/pizzashack/v3/api/ + production_endpoints: + url: https://pizzashack-service:8080/am/sample/pizzashack/v3/api/ + scopes: + type: array + example: [] + items: + type: string + operationPolicies: + $ref: "#/components/schemas/APIOperationPolicies" + APIOperationPolicies: + title: API Operation Level Policies + properties: + request: + type: array + items: + $ref: "#/components/schemas/OperationPolicy" + response: + type: array + items: + $ref: "#/components/schemas/OperationPolicy" + fault: + type: array + items: + $ref: "#/components/schemas/OperationPolicy" + OperationPolicy: + title: API Operation Policy + required: + - policyName + type: object + properties: + policyName: + type: string + policyVersion: + type: string + default: v1 + policyId: + type: string + parameters: + type: array + items: + $ref: "#/components/schemas/OperationPolicyParameters" + OperationPolicyParameters: + title: API Operation Policy Parameters + type: object + properties: + headerName: + type: string + headerValue: + type: string + GraphQLSchema: + title: GraphQL Schema + required: + - name + type: object + properties: + name: + type: string + example: admin--HackerNewsAPI.graphql + schemaDefinition: + type: string + MediationPolicyList: + title: Paginated List of Policies + type: object + properties: + count: + type: integer + description: | + Number of mediation policies returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/MediationPolicy' + pagination: + $ref: '#/components/schemas/Pagination' + MediationPolicy: + title: Mediation Policy Data + required: + - id + - name + - type + type: object + properties: + id: + type: string + example: 1 + type: + type: string + example: RequestHeaderModifier + name: + type: string + example: addHeader + displayName: + type: string + example: Add Header + description: + type: string + example: The user can add a new header to the request using this policy. + applicableFlows: + type: array + items: + type: string + example: request + supportedApiTypes: + type: array + items: + type: string + example: REST + policyAttributes: + type: array + items: + $ref: '#/components/schemas/MediationPolicySpecAttribute' + MediationPolicySpecAttribute: + title: Mediation Policy Attribute Specs + type: object + properties: + name: + type: string + description: Name of the attribute + example: headerName + description: + type: string + description: Description of the attribute + example: Name of the header to be added + required: + type: boolean + description: This defines whether or not this option is mandatory for the Policy + example: true + validationRegex: + type: string + description: UI validation Regex for the attribute + type: + type: string + description: Type of the attribute + example: string + defaultValue: + type: string + description: Default value for the attribute + example: true + Error: + title: Error object returned with 4XX HTTP Status + required: + - code + - message + type: object + properties: + code: + type: integer + format: int64 + message: + type: string + description: Error message. + description: + type: string + description: | + A detailed description of the error message. + moreInfo: + type: string + description: | + Preferably a URL with more details about the error. + error: + type: array + description: | + If there is more than one error, list them out. + For example, list out validation errors by each field. + items: + $ref: "#/components/schemas/ErrorListItem" + ErrorListItem: + title: Description of individual errors that may have occurred during a request. + required: + - code + - message + type: object + properties: + code: + type: string + message: + type: string + description: | + A description on the individual errors that occurred. + description: + type: string + description: | + A detailed description of the error message. + APIDefinitionValidationResponse: + title: API Definition Validation Response + required: + - isValid + type: object + properties: + isValid: + type: boolean + description: | + This attribute declares whether this definition is valid or not. + example: true + content: + type: string + description: | + OpenAPI definition content. + info: + $ref: "#/components/schemas/APIDefinitionValidationResponse_info" + errors: + type: array + description: | + If there is more than one error, list them out. + For example, list out validation errors by each field. + items: + $ref: "#/components/schemas/ErrorListItem" + SearchResult: + title: Search Result + required: + - name + type: object + properties: + id: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: TestAPI + transportType: + type: string + description: Accepted values are HTTP, WS, GRAPHQL + discriminator: + propertyName: name + Pagination: + title: Pagination + type: object + properties: + offset: + type: integer + example: 0 + limit: + type: integer + example: 1 + total: + type: integer + example: 10 + next: + type: string + description: | + Link to the next subset of resources qualified. + Empty if no more resources are to be returned. + previous: + type: string + description: | + Link to the previous subset of resources qualified. + Empty if current subset is the first subset returned. + ServiceList: + title: Paginated List of Services in Service Catalog + type: object + properties: + list: + title: List of Services in Service Catalog + type: array + items: + $ref: "#/components/schemas/Service" + pagination: + $ref: "#/components/schemas/Pagination" + Service: + title: The Service Object + required: + - id + - name + - namespace + - type + type: object + properties: + id: + type: string + minLength: 1 + maxLength: 255 + example: 11cd3fa3-c886-49f9-bf78-0ec349b1f4c1 + name: + maxLength: 255 + minLength: 1 + type: string + example: pizzashack-service + namespace: + maxLength: 255 + type: string + example: dev + type: + type: string + example: ClusterIP + portmapping: + title: List of PortMapping in the Service + type: array + items: + $ref: "#/components/schemas/PortMapping" + createdTime: + type: string + example: 2023-02-11 09:57:25 + + PortMapping: + title: The PortMapping Object + required: + - name + - port + - targetport + type: object + properties: + name: + maxLength: 255 + minLength: 1 + type: string + example: pizzashack-service + protocol: + type: string + example: tcp + targetport: + type: integer + format: int32 + example: 8088 + port: + type: integer + format: int32 + example: 8080 + GatewayList: + title: Paginated List of Gateways + type: object + properties: + list: + title: List of Gateways + type: array + items: + $ref: "#/components/schemas/Gateway" + pagination: + $ref: "#/components/schemas/Pagination" + Gateway: + title: Gateway object + required: + - name + - port + - protocol + type: object + properties: + name: + maxLength: 255 + minLength: 1 + type: string + description: Name of the Gateway + example: PizzaOrdersGateway + protocol: + maxLength: 50 + minLength: 1 + type: string + description: Protocol of the Listener + example: HTTP + port: + type: number + description: Port of the Listener. + example: 8080 + apis_importdefinition_body: + properties: + type: + type: string + description: Type of Definition. + format: string + file: + type: string + description: Definition to upload as a file. + format: binary + url: + type: string + description: Definition URL + additionalProperties: + type: string + description: Additional attributes specified as a stringified JSON with API's schema + inlineAPIDefinition: + type: string + description: Inline content of the API definition + apis_validatedefinition_body: + properties: + url: + type: string + description: API definition definition URL + file: + type: string + description: API definition as a file + format: binary + type: + type: string + description: API definition type - OpenAPI/AsyncAPI/GraphQL + inlineAPIDefinition: + type: string + description: Inline content of the API definition. + apiId_definition_body: + properties: + apiDefinition: + type: string + description: API definition of the API. + url: + type: string + description: API definition URL of the API. + file: + type: string + description: API definition as a file. + format: binary + apis_import_body: + required: + - file + properties: + file: + type: string + description: ZIP archive consisting of exported API configuration. + format: binary + API_serviceInfo: + type: object + properties: + name: + type: string + example: pizzashack-service + namespace: + type: string + example: apk-platform + APIDefinitionValidationResponse_info: + type: object + description: | + API definition information + properties: + name: + type: string + example: PetStore + description: | + Name of the API + version: + type: string + example: 1.0.0 + description: | + Version of the API + context: + type: string + example: /petstore + description: | + Context of the API + description: + type: string + example: A sample API that uses a petstore as an example to demonstrate OpenAPI Specification 2.0 + description: | + Description of the API + openAPIVersion: + type: string + example: 3.0.0 + description: | + OpenAPI Version. + endpoints: + type: array + description: | + contains host/servers specified in the API definition file/URL + items: + type: string + example: https://localhost:9443/am/sample/pizzashack/v3/api/ + APIKey: + title: API Key details to invoke APIs + type: object + properties: + apikey: + type: string + description: API Key + example: eyJoZWxsbyI6IndvcmxkIn0=.eyJ3c28yIjoiYXBpbSJ9.eyJ3c28yIjoic2lnbmF0dXJlIn0= + validityTime: + type: integer + format: int32 + example: 3600 + responses: + BadRequest: + description: Bad Request. Invalid request or validation error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + example: + code: 400 + message: Bad Request + description: Invalid request or validation error + moreInfo: "" + error: [] + Conflict: + description: Conflict. Specified resource already exists. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + example: + code: 409 + message: Conflict + description: Specified resource already exists + moreInfo: "" + error: [] + Forbidden: + description: Forbidden. The request must be conditional but no condition has been specified. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + example: + code: 403 + message: Forbidden + description: The request must be conditional but no condition has been specified. + moreInfo: "" + error: [] + InternalServerError: + description: Internal Server Error. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact the Administrator. + moreInfo: "" + error: [] + NotAcceptable: + description: Not Acceptable. The requested media type is not supported. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + example: + code: 406 + message: Not Acceptable + description: The requested media type is not supported. + moreInfo: "" + error: [] + NotFound: + description: Not Found. The specified resource does not exist. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + example: + code: 404 + message: Not Found + description: The specified resource does not exist. + moreInfo: "" + error: [] + PreconditionFailed: + description: Precondition Failed. The request has not been performed because one of the preconditions was not met. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + example: + code: 412 + message: Precondition Failed + description: The request has not been performed because one of the preconditions was not met. + moreInfo: "" + error: [] + Unauthorized: + description: Unauthorized. The user is not authorized. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + example: + code: 401 + message: Unauthorized + description: The user is not authorized. + moreInfo: "" + error: [] + UnsupportedMediaType: + description: Unsupported Media Type. The entity of the request was not in a supported format. + content: + application/json: + schema: + $ref: "#/components/schemas/Error" + example: + code: 415 + message: Unsupported media type + description: The entity of the request was not in a supported format. + moreInfo: "" + error: [] + parameters: + apiId: + name: apiId + in: path + description: | + **API ID** consisting of the **Name** of the API. + required: true + style: simple + explode: false + schema: + type: string + apiId-Q: + name: apiId + in: query + description: | + **API ID** consisting of the **UUID** of the API. + The combination of the provider of the API, name of the API, and the version is also accepted as a valid API ID. + Should be formatted as **provider-name-version**. + required: true + schema: + type: string + name: + name: name + in: path + description: | + Name of the API + required: true + style: simple + explode: false + schema: + type: string + version: + name: version + in: path + description: | + Version of the API + required: true + style: simple + explode: false + schema: + type: string + limit: + name: limit + in: query + description: | + Maximum size of resource array to return. + required: false + style: form + explode: true + schema: + type: integer + default: 25 + Accept: + name: Accept + in: header + description: | + Media types acceptable for the response. Default is application/json. + required: false + style: simple + explode: false + schema: + type: string + default: application/json + offset: + name: offset + in: query + description: | + Starting point within the complete list of items qualified. + required: false + style: form + explode: true + schema: + type: integer + default: 0 + sortBy: + name: sortBy + in: query + description: | + Criteria for sorting. + required: false + style: form + explode: true + schema: + type: string + default: createdTime + enum: + - apiName + - version + - createdTime + - status + sortOrder: + name: sortOrder + in: query + description: | + Order of sorting (ascending/descending). + required: false + style: form + explode: true + schema: + type: string + default: desc + enum: + - asc + - desc + serviceId: + name: serviceId + in: path + description: Name of the Service. + required: true + style: simple + explode: false + schema: + type: string + gatewayId: + name: gatewayId + in: path + description: Name of the Gateway. + required: true + style: simple + explode: false + schema: + type: string + policyId: + name: policyId + in: path + description: Policy UUID + required: true + style: simple + explode: false + schema: + type: string