This documentation is for WSO2 API Manager 1.6.0 View documentation for the latest release.
Creating an API - API Manager 1.6.0 - WSO2 Documentation
Skip to end of metadata
Go to start of metadata

Follow the steps below to create an API:

  1. Log in to the API Publisher as a user who has the creator role assigned. For more information on creating users and assigning roles, refer to section User Management .     
  2. Once logged in, click Add. The Add New API screen opens.  The tables below explain its fields. The fields marked with * are mandatory.  

    General details

    Name*Name of API as you want it to appear in the API store (E.g., PhoneVerification)
    Context*URI context path that is used by to API consumers. (E.g., /phoneverify)
    Version*API version in the form of version.major.minor. (E.g., 1.0.0)
    Tier Availability*For details, see Throttling Tiers


    The transport protocol on which the API is exposed. Both HTTP and HTTPS transports are selected by default. If you want to limit API availability to only one transport (e.g., HTTPS), un-check the other transport.

    Response Caching Used to enable caching of response messages per each API. Caching protects the backend systems from being exhausted due to serving the same response (for same request) multiple times. If you select the enable option, specify the cache timeout value (in seconds) within which the system tries to retrieve responses from the cache without going to the backend.

    To configure response caching,
    edit <APIM_HOME>/repository/resources/api_templates/velocity_template.xml file. The cache mediator properties in the XML file are as follows:
      • collector  
        • true - Specifies that the mediator instance is a response collection instance.
        • false - Specifies that it's a cache serving instance.  
      • max MessageSize - Specifies the maximum size of a message to be cached in bytes. An optional attribute, with the default value as unlimited.  
      • maxSize - Defines the maximum number of elements to be cached.
    Visibility* For details, see API Visibility.
    Thumbnail Image

    Icon to be displayed in API store (can be jpeg, tiff, png format)

    DescriptionHigh-level description of API functionality.
    TagsAny number of tags separated by comma. Tags allow you to group/categorize APIs that have similar attributes and behaviors. When tagging, always use relevant keywords and common search terms. Once a tagged API gets published to the API Store, its tags appear on the dashboard as links to the API consumers, who can click on them to quickly jump to a category they are interested in.
    SequencesCustom sequences that you want to invoke in the message flow. For details, see per-API sequences.


    Endpoint Type*

    An endpoint defines the external destination for an outgoing message. WSO2 API Manager has support for a range of different endpoint types allowing the API Gateway to connect with advanced types of backends. The API Manager supports HTTP endpoints, URL endpoints (also termed as address endpoint), WSDL endpoints, Failover endpoints, Load-balanced endpoints.

    Also see Adding an Endpoint section in the ESB docs for details of the advanced configuration options.

    Production/Sandbox URLs*Endpoint of the back-end service URL and endpoint of sandbox (testing) back-end service. A sandbox URL is used for online testing of an API with easy access to an API key.

    Also see Maintaining Separate Production and Sandbox Gateways.

    The system reads gateway endpoints from api-manager.xml file. When there are multiple gateway environments defined, it picks the gateway endpoint of the production environment. You can define both HTTP and HTTPS gateway endpoints as follows:


    If both types of endpoints are defined, the HTTPS endpoint will be picked as the server endpoint.

    You cannot call back-end services secured with OAuth through APIs created in the API Manager. At the moment, you can call only services secured with username/password.

    The API Manager allows you to expose both REST and SOAP services to consumers through APIs.

    Endpoint Security Scheme*

    Secured endpoint or Non secured endpoint. Default is non secured endpoint.

    If secured endpoint is selected, user is asked for credentials of the backend service.

    If you get a Hostname verfiication failed exception when trying to send requests to a secured endpoint, set <parameter name="HostnameVerifier"> to AllowAll in <APIM_HOME>/repository/conf/axis2/axis2.xml file's HTTPS transport sender configuration. For example, <parameter name="HostnameVerifier">AllowAll</parameter>.

    This parameter verifies the hostname of the certificate of a server when API Manager acts as a client and does outbound service calls.


    URL of WSDL file describing API interface. (E.g., )

    When you provide the WSDL URL, the WSDL content will be saved as a resource file under /system/governance/apimgt/applicationdata/ wsdls folder in the registry. API artifacts have a dependency to this WSDL resource. Its original service address location is reset to the API Gateway's address URL to prevent accessing the service endpoint directly. At the store, we will show the registry permlink of the wsdl resource. User can download the WSDL and create a service project out of that.

    WADLURL to WADL file (describing API interface).

    Business information


    Business Owner and Email

    Information about the person responsible for this API at a business level.

    Technical Owner and Email

    Information about the person responsible for this API at a technical level.



    Used to specify the tenants who can subscribe to an API, in a multi-tenanted API Manager deployment. The following types of subscription categories are available between tenants:

    • Available to current Tenant Only - Only users who are in the current tenant domain, i.e., the tenant domain of the API creator, can subscribe to this API.     
    • Available to All the Tenants - Users of all tenant domains in the API Manager deployment can subscribe to this API.   
    • Available to Specific Tenants - Users of specified tenant domains as well as the current tenant domain (i.e., the tenant domain of the API creator) can subscribe to this API.

    API resources

    API ResourcesFor details, see API Resources.
  3. Once the required information is filled, click the Create button at the end of the page to create the API.

  4. If the API is created successfully, the All APIs window opens with the newly-added API.

  5. Click the API to access its information. It has the following tabs:

    • Overview: Displays the details of the API
    • Edit: Allows the user to change the API details and test the Endpoint URL, Sandbox URL, WSDL and WADL.

      The Edit tab is only visible to users with creator privileges. Users logged in as creators do not have permission to publish the API. To publish, you need to log in as a user with publisher privileges.

    • Versions: Shows usage and subscription statistics of the API per version.
    • Docs: Allows to add   documents to an API. For instructions, refer to section Adding Documentation Using API Publisher.  
    • Users: Shows the list of active users subscribed to the API and their subscription statistics.  

Using these tabs, you can manage your API. Next, see Modifying and Deleting an API.

  • No labels