This documentation is for WSO2 API Manager 2.0.0 View documentation for the latest release.
Due to a known issue do not use JDK1.8.0_151 with WSO2 products. Use JDK 1.8.0_144 until JDK 1.8.0_162-ea is released.
Store APIs - API Manager 2.0.0 - WSO2 Documentation
||
Skip to end of metadata
Go to start of metadata

Note that the contents on this page are deprecated, except User Signup. Click https://docs.wso2.com/display/AM200/apidocs/store  for the recommended list of Store APIs.

Store APIs provide the following REST resources.

Note: When you access any API other than the login and logout APIs through an external REST client such as cURL, first invoke the login API to ensure that user is authenticated. When the login API is invoked, the system stores the generated session cookie in a file, which we use in the next API invocations.

The responses is a JSON message.

Login

DescriptionLog in to API Store.
URIhttp://localhost:9763/store/site/blocks/user/login/ajax/login.jag
URI Parametersaction=login&username=xxx&password=xxx
HTTP MethodsPOST
Examplecurl -X POST -c cookies http://localhost:9763/store/site/blocks/user/login/ajax/login.jag -d 'action=login&username=admin&password=admin'

Logout

User Signup

There is no replacement for User Signup in the recommended Store APIs. Please use this API, since this is the only option currently available.

DescriptionAdd a new API Consumer.
URIhttp://localhost:9763/store/site/blocks/user/sign-up/ajax/user-add.jag
URI Parametersaction=addUser&username=<username>&password=<password>&allFieldsValues=<first_name>|<last_name>|<organization>|<address>|<country>|<email>|<land>|<mobile>|<IM>|<url>
HTTP MethodsPOST
Example

curl 'http://localhost:9763/store/site/blocks/user/sign-up/ajax/user-add.jag' -H 'Accept: application/json
--data 'action=addUser&kimhill=username&password=kimhill1234&allFieldsValues=Kim|Hill|ABC Network|30 Palm Road,Pasadena,California|USA|kim@abcnetwork.com|0016269934122|0016269934134|kimhill|www.abcNsounds.org/'

Search APIs

DescriptionSearch for APIs using a given query.
URI

http://localhost:9763/store/site/blocks/search/api-search/ajax/search.jag

URI Parameters

action=searchAPIs&query=<query>&start=<number>&end=<number>

The start and end parameters determine the range of APIs you want to retrieve. For example, if start=1 and end=3, the first 3 APIs that appear in the search results will be returned. Note that both 0 and 1 represent the first API in the search results, so start=0 and start=1 both means the same.

HTTP MethodsPOST
Example

curl -X POST -b cookies "http://localhost:9763/store/site/blocks/search/api-search/ajax/search.jag" -d "action=searchAPIs&query=test&start=0&end=3"

Get all Paginated Published APIs

DescriptionGet a list of all published APIs in paginated form so that browsing is easier.
URIhttp://localhost:9763/store/site/blocks/api/listing/ajax/list.jag
URI Parameters

action=getAllPaginatedPublishedAPIs, tenant, start, end, returnAPITags (optional)

The start and end parameters determine the range of APIs you want to retrieve. For example, if start=0 and end=10, the first 10 APIs that appear in the API Store will be returned.

The returnAPITags parameter is optional. If returnAPITags=true, the system makes a call to the registry and returns the tags of each API in the response.

HTTP MethodsGET
Example

To get the first 100 APIs in the API Store:

curl -b cookies " http://localhost:9763/store/site/blocks/api/listing/ajax/list.jag ?action=getAllPaginatedPublishedAPIs&tenant=carbon.super&start=1&end=100 "

Please note that the getAllPublishedAPIs API is now deprecated. You can get the same functionality from getAllPaginatedPublishedAPIs.

Add an Application

DescriptionAdd a new application.
URIhttp://localhost:9763/store/site/blocks/application/application-add/ajax/application-add.jag
URI Parametersaction=addApplication&application=xxx&tier=xxx&description=xxx
HTTP MethodsPOST
Example

curl -X POST -b cookies http://localhost:9763/store/site/blocks/application/application-add/ajax/application-add.jag -d 'action=addApplication&application=NewApp1&tier=Unlimited&description='

Update an Application

DescriptionUpdate an existing application.
URIhttp://localhost:9763/store/site/blocks/application/application-update/ajax/application-update.jag
URI Parameters

action=updateApplication&applicationOld=xxx&applicationNew=xxx&callbackUrlNew=xxx&descriptionNew=xxx&tier=xxx

HTTP MethodsPOST
Example

curl -X POST -b cookies http://localhost:9763/store/site/blocks/application/application-update/ajax/application-update.jag -d 'action=updateApplication&applicationOld=NewApp1&applicationNew=NewApp2&tier=Unlimited&descriptionNew=&callbackUrlNew'

Get Applications

Get an Application by Name

DescriptionGet details of a single application by name.
URI

http://localhost:9763/store/site/blocks/application/application-list/ajax/application-list.jag

URI Parameters?action=getApplicationByName&applicationName=$APP_NAME
HTTP MethodsGET
Example

curl -b cookies 'http://localhost:9763/store/site/blocks/application/application-list/ajax/application-list.jag?action=getApplicationByName&applicationName=$APP_NAME'

Remove an Application

DescriptionRemove an existing application.
URIhttp://localhost:9763/store/site/blocks/application/application-remove/ajax/application-remove.jag
URI Parameters

action=removeApplication&application=xxx

HTTP MethodsPOST
Example

curl -X POST -b cookies http://localhost:9763/store/site/blocks/application/application-remove/ajax/application-remove.jag -d "action=removeApplication&application=NewApp2"

Generate an Application Key

DescriptionGenerate the key and secret values for a new application.
URI

http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag

URI Parameters

action=generateApplicationKey& application=<app_name>&keytype=<PRODUCTION|SANDBOX> &callbackUrl=<URL>& authorizedDomains=<The domains from which requests are allowed to the APIs>& validityTime=<time duration in seconds>&tokenScope

tokenScope is given in the request when your API has Auth scopes defined. See OAuth scopes.

HTTP MethodsPOST
Examples
  1. curl -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag -d 'action=generateApplicationKey&application=NewApp1&keytype=PRODUCTION &callbackUrl=& authorizedDomains=ALL&validityTime=360000'
  2. curl -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag -d 'action=generateApplicationKey&application=NewApp1&keytype=SANDBOX&callbackUrl=&authorizedDomains=ALL&validityTime=360000& tokenScope=scope1'

Update the Application Key

DescriptionUpdate the key and secret values for an application.
URI

http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag

URI Parameters

action=updateClientApplication& application=<app_name>&keytype=<PRODUCTION|SANDBOX> &callbackUrl=<URL>& authorizedDomains=<The domains from which requests are allowed to the APIs>& validityTime=<time duration in seconds>&tokenScope

tokenScope is given in the request when your API has Auth scopes defined. See OAuth scopes.

HTTP MethodsPOST
Examples
  1. curl -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag -d 'action=updateClientApplication&application=NewApp1&keytype=PRODUCTION &callbackUrl=& authorizedDomains=ALL&validityTime=360000'
  2. curl -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag -d 'action=updateClientApplication&application=NewApp1&keytype=SANDBOX&callbackUrl=&authorizedDomains=ALL&validityTime=360000& tokenScope=scope1 '

Add a Subscription

DescriptionAdd a new API subscription.
URIhttp://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag
URI Parameters
  • By application name: action=addAPISubscription&name=xxx&version=xxx&provider=xxx&tier=xxx&applicationName=xxx
  • By application ID: action=addSubscription&name=xxx&version=xxx&provider=xxx&tier=xxx&applicationId=xxx
HTTP MethodsPOST
Example

List Subscriptions

DescriptionList all applications with active subscriptions, along with the access key information of each application.
URIhttp://localhost:9763/store/site/blocks/subscription/subscription-list/ajax/subscription-list.jag
URI Parameters

action=getAllSubscriptions, selectedApp (optional)

You can give an application's name in the s electedApp parameter. The API then returns the given application's s ubscribed APIs and access key information. If you do not specify this parameter, only the first application in the retrieved application list will contain subscribed API details, in addition to the access key information.

HTTP MethodsGET
Examples
  1. curl -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-list/ajax/subscription-list.jag?action=getAllSubscriptions
  2. curl -b cookies 'http://localhost:9763/store/site/blocks/subscription/subscription-list/ajax/subscription-list.jag?action=getAllSubscriptions&selectedApp=NewApp1 '

List Subscriptions by Application

DescriptionList all API subscriptions of a given application.
URIhttp://localhost:9763/store/site/blocks/subscription/subscription-list/ajax/subscription-list.jag
URI Parameters

action=getSubscriptionByApplication&app=<application_name>

HTTP MethodsGET
Example

curl -b cookies 'http://localhost:9763/store/site/blocks/subscription/subscription-list/ajax/subscription-list.jag?action=getSubscriptionByApplication&app=DefaultApplication'

List Subscriptions by API

Remove a Subscription

DescriptionRemove an API subscription.
URI http://localhost:9763/store/site/blocks/subscription/subscription-remove/ajax/subscription-remove.jag
URI Parameters
  • By application name: action=removeSubscription&name=xxx&version=xxx&provider=xxx&applicationName=xxx
  • By application Id: action=removeSubscription&name=xxx&version=xxx&provider=xxx&applicationId=xxx
HTTP MethodsPOST
Example

Delete an OAuth Application

DescriptionDeletes an OAuth application in a third-party Authorization Server. If you delete it through the API Store UI, only the mapping that is maintained in the API Manager side will be deleted.
URIhttp://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag
URI Parameters

action=deleteAuthApplication&consumerKey=<application_key>

HTTP MethodsPOST
Example

curl -k -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag -d 'action=deleteAuthApplication&consumerKey=4lHddsxCtpFa2zJE1EbBpJy_NIQa'

Provision an Out-of-Band OAuth Client 

DescriptionProvisions an OAuth client that was created out-of-band.
URIhttp://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag
URI Parameters

action= mapExistingOauthClient& application=<APPLICATION NAME>&keytype= PRODUCTION/SANDBOX&callbackUrl=<URL> &authorizedDomains=< The domains from which requests are allowed to the APIs>& validityTime=<time duration in seconds>&client_id=<client ID>

HTTP MethodsPOST
Example

curl -X POST -b cookies  http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag  -d 'action= mapExistingOauthClient& application=NewApp1&keytype= PRODUCTION&callbackUrl= google.com &authorizedDomains=ALL& validityTime=3600&client_id= mPbgvinvpEk1QcSrw962TLICriUa& jsonParams={"username":"admin" ,"key_type":"PRODUCTION"," client_secret":"ynEI1ugq1_ RCTJ9bM8jtD9RCsdoa"," validityPeriod":"3600","client_ id":" mPbgvinvpEk1QcSrw962TLICriUa"} '

Clean Partially Created Keys

DescriptionCleans any partially created keys from the API Manager database, before adding a new subscription. Partially created keys can remain in the API Manager databases when an OAuth application of a third-party authorization server gets deleted using the API Store UI. It only deletes the mapping that is maintained in the API Manager side.
URIhttp://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag
URI Parameters

action=cleanUpApplicationRegistration&applicationName=xxx&keyType=PRODUCTION/SANDBOX'

HTTP MethodsPOST
Example

curl -X POST -b cookies http://localhost:9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag -d 'action=cleanUpApplicationRegistration&applicationName=DefaultApplication&keyType=PRODUCTION'

Get all Documentation

DescriptionGet all documents create for a given API
URIhttp://localhost:9763 /store/site/blocks/api/listing/ajax/list.jag
URI Parameters

action=getAllDocumentationOfApi&name=<API Name>&version=x.x.x&provider=<Name of the API provider>"

HTTP MethodsGET
Example

curl -b cookies "http://localhost:9763/store/site/blocks/api/listing/ajax/list.jag?action=getAllDocumentationOfApi&name=PhoneVerification&version=1.0.0&provider=admin"

Get the Contents of a File Document

DescriptionGet the contents of a file that is attached to API documentation of type 'File'
URIhttp://localhost:9763/store/site/blocks/api/documentation/view/ajax/file-docs.jag
URI Parameters

action=getFileDocumentByFilePath&filePath=<Get the file path using getAllDocumentationOfApi>

HTTP Methods

GET

Example

curl -b cookies "http://localhost:9763/store/site/blocks/api/documentation/view/ajax/file-docs.jag?action=getFileDocumentByFilePath&filePath=/registry/resource/_system/governance/apimgt/applicationdata/provider/admin/host/1.0.0/documentation/files/test.txt''

Add an API Comment

DescriptionAdd a comment to an API.
URIhttp://localhost:9763/store/site/blocks/comment/comment-add/ajax/comment-add.jag
URI Parameters

action=addComment&name=xxx&version=xxx&provider=xxx&comment=xxx

HTTP MethodsPOST
Example

curl -X POST -b cookies http://localhost:9763/store/site/blocks/comment/comment-add/ajax/comment-add.jag -d 'action=addComment&name=CalculatorAPI&version=1.0&provider=admin&comment=test comment'

Get all Endpoint URLs

DescriptionGet all the endpoint URLs of the API Gateway environments configured for an API.
URI

http://localhost:9763/store/site/blocks/api/api-info/ajax/api-info.jag

URI Parameters

action=getAPIEndpointURLs&name=xxx&version=x.x.x&provider=xxx

HTTP MethodsPOST
Example

curl -X POST -b cookies http://localhost:9763/store/site/blocks/api/api-info/ajax/api-info.jag -d 'action=getAPIEndpointURLs&name=CalculatorAPI&version=1.0&provider=admin'

Get all Available Tiers

DescriptionGet all the tiers available in the deployment.
URI

http://localhost:9763/store/site/blocks/item-add/ajax/add.jag

URI Parameters

action=getTiers

HTTP MethodsGET
Example

curl -b cookies http://localhost:9763/store/site/blocks/item-add/ajax/add.jag?action=getTiers

Update Grant Types

Description

Edit default grant types and add new grant types

URI

https://localhost:9443/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag

URI Parameters

action=updateClientApplication&application=<Application_Name>&keytype=<Type of the key>&jsonParams=<URL encoded JSON>&callbackUrl=<callBackURL>

HTTP Methods

GET

Example

curl 'https://localhost:9443/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag' -H 'Content-Type: application/x-www-form-urlencoded' -d 'action=updateClientApplication&application=DefaultApplication&keytype=PRODUCTION&jsonParams=%7B%22grant_types%22%3A%22refresh_token%2Curn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Asaml2-bearer%2Cpassword%2Ciwa%3Antlm%2Cclient_credentials%22%7D&callbackUrl=' -k -b cookies


To create a list of the grant types to be encoded

  1. Write a JSON string with the required grant types.

    {"grant_types":"refresh_token,urn:ietf:params:oauth:grant-type:saml2-bearer,password,iwa:ntlm,client_credentials"}
  2. Encode them with a URL encoder.
  3. Use the encoded value for the jsonParams parameter as shown in the sample cURL command given above.



You can also invoke these APIs using mutual SSL authentication. Follow the instructions below to enable this:

  1. Go to <APIM_HOME>/repository/conf/tomcat/catalina-server.xml and set the clientAuth attribute to want.

    <Connector  protocol="org.apache.coyote.http11.Http11NioProtocol"
        port="9443"
    	...
        clientAuth="want"
        ...
    />
  2. For each Store API, attach the X509Certificate and pass the MutualAuthUserName parameter in the header.
  3. Ensure that both client and the server have each other's certificates in the trust store.
  • No labels