POST /api/apis

Deprecated. Adds a new API and the first API version, or creates an API definition from an existing virtual service. As of version 8.1, this operation is replaced by POST /api/apis (extended functionality, different headers). Use the newer operation.

Note: Legacy operation. From version 8.1 onwards, use POST /api/apis with custom headers.

This operation sends the API definition in JSON or XML format. The platform assigns the APIID and returns the full API info in the response.

Authorization Roles/Permissions: Must be logged in. The user who adds the API automatically becomes the first API Administrator.

Workflow: There is no default workflow for new APIs. However, a custom workflow might be in place. There is only one initial action valid for Akana API Platform workflows relating to APIs, the @Create initial action. For more information on workflow, see Executing Workflow Actions.

Authorization token renewal: This operation changes information that is reflected in the authorization token; therefore, when invoking this operation, you must also renew the token.

This topic includes the following sections:

HTTP Method

POST

Back to top

URL

https://{hostname}/api/apis

Back to top

Sample Request #1: API with New Service

The example below adds an API that references the Swagger petstore API for testing purposes.

Request URL

https://{hostname}/api/apis

Sample request headers

Host: {hostname}
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json; charset=UTF-8
X-Csrf-Token_acmepaymentscorp":"TokenID%3D8ed70a13-8469-11e8-b37a-b155e4eabeb8%2CexpirationTime%3D153...

Sample request body: application/json

{
  "Name":"aaa_Swagger_Production",
  "Description":"Swagger API on the developer portal",
  "Visibility":"Public",
  "PictureID":"",
  "APIVersion":{
    "Visibility":"Public",
    "Name":"1.0",
    "ResourceLevelPermissionsSupported":true,
    "Description":"First version",
    "TargetAPI":{
      "Endpoints":{
        "Endpoint":[
          {
            "Uri":"http://petstore.swagger.io/v2/",
            "Category":"Production"
          }
        ]
      },
      "Type":"shttp",
      "Operations":{
        "Operation":[
          {
            "Method":"GET",
            "Path":"/get /pet/{petId}",
            "Input":[
              {
                "Name":"petId",
                "Type":"path"
              }
            ],
            "InputContentType":"*/*",
            "OutputContentType":"*/*",
            "FaultContentType":"*/*",
            "Name":"getPetById"
          },
          {
            "Method":"POST",
            "Path":"/pet",
            "Input":[

            ],
            "InputContentType":"*/*",
            "OutputContentType":"*/*",
            "FaultContentType":"*/*",
            "Name":"addPet"
          }
        ]
      },
      "Policies":{
        "Policy":[

        ]
      },
      "DefaultProfile":"Any in and out"
    },
    "Endpoints":{
      "Endpoint":[
        {
          "Uri":"http://www.acmepaymentscorp.com/api/swag",
          "Category":"Production",
          "CName":"www.acmepaymentscorp.com",
          "DeploymentZoneRule":"8c06bf74-5d31-4f7a-9a84-e842ab50default-http0"
        }
      ]
    },
    "Operations":{
      "Operation":[
        {
          "Method":"GET",
          "Path":"/get /pet/{petId}",
          "Input":[
            {
              "Name":"petId",
              "Type":"path"
            }
          ],
          "InputContentType":"*/*",
          "OutputContentType":"*/*",
          "FaultContentType":"*/*",
          "Name":"getPetById"
        },
        {
          "Method":"POST",
          "Path":"/pet",
          "Input":[

          ],
          "InputContentType":"*/*",
          "OutputContentType":"*/*",
          "FaultContentType":"*/*",
          "Name":"addPet"
        }
      ]
    },
    "Type":"shttp",
    "ProductionEndpoint":"http://www.acmepaymentscorp.com/api/swag",
    "SandboxEndpoint":null,
    "Tag":[
      "swagger",
      "test",
      "api"
    ],
    "Policies":{
      "Policy":[
        {
          "PolicyKey":"10001-acmepaymentscorpApplicationSecurityPolicy",
          "PolicyType":"Operational Policy"
        },
        {
          "PolicyKey":"10001-CORSAllowAll",
          "PolicyType":"Operational Policy"
        },
        {
          "PolicyKey":"10001-DetailedAuditing",
          "PolicyType":"Operational Policy"
        }
      ]
    },
    "DefaultProfile":"Any in and out",
    "ProductionAnonymousAccessAllowed":false,
    "SandboxAnonymousAccessAllowed":false,
    "ProductionEndpointAccessAutoApproved":true,
    "SandboxEndpointAccessAutoApproved":true
  }
}

Back to top

Sample Request #2: API with Existing Service

The example below adds an API by referencing an existing API already set up in Policy Manager.

Request URL

https://{hostname}/api/apis

Sample request headers

POST /api/apis HTTP/1.1
Host: {hostname}
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json; charset=UTF-8
AtmoAuthToken_acmepaymentscorp={TokenID_Content}
X-Csrf-Token_acmepaymentscorp":"TokenID%3D8ed70a13-8469-11e8-b37a-b155e4eabeb8%2CexpirationTime%3D153...

Sample request body: application/json

{
  "APIVersion":{
    "Type":"shttp",
    "Visibility":"com.soa.visibility.registered.users",
    "ProductionEndpointAccessAutoApproved":"true",
    "SandboxEndpointAccessAutoApproved":"true",
    "SandboxAnonymousAccessAllowed":"false",
    "ProductionAnonymousAccessAllowed":"false",
    "ResourceLevelPermissionsSupported":"false",
    "Name":"1.0",
    "Description":"First version",
    "Tag":[
      ""
    ],
    "ProductionServiceKey":"uddi:058d20ff-c5dc-11e5-b708-e23f6b2a9732"
  },
  "Name":"PM_SwaggerDelete_API",
  "Description":"PM_SwaggerDelete_API",
  "PictureID":""
}

Back to top

Request Headers

For general information on request header values, refer to HTTP Request Headers.

Header Description
Accept

Any of the following media types is valid for the Accept header:

application/json, application/xml

application/vnd.soa.v71+json, application/vnd.soa.v71+xml

application/vnd.soa.v72+json, application/vnd.soa.v72+xml

application/vnd.soa.v80+json, application/vnd.soa.v80+xml

application/vnd.soa.v83+json, application/vnd.soa.v83+xml

Content-Type

Any one of the following media types is valid for the request Content-Type:

application/json or application/xml

application/vnd.soa.v71+json or application/vnd.soa.v71+xml

application/vnd.soa.v72+json or application/vnd.soa.v72+xml

application/vnd.soa.v80+json or application/vnd.soa.v80+xml

application/vnd.soa.v83+json, or application/vnd.soa.v83+xml

X-Csrf-Token_{fedmemberID} The CSRF prevention header; may or may not be required, depending on platform settings. See CSRF Prevention on the Platform. By default, the CSRF header is not required for GET operations and is required for all others, with a few exceptions relating to user login.

Back to top

Request Parameters

Parameter Parm Type Data Type Required Description
API Body API Required

Includes information about an API.

The request API object does not include APIID or APIVersionID, or other unique IDs that are assigned when the API is added (such as InterfaceQName for operations).

Back to top

Response

If successful, this operation returns HTTP status code 200, with the API information, including the unique APIID for the new API.

Back to top

Sample Response #1: API with New Service

The example below shows the response for the request shown in Sample Request #1: API with New Service.

Sample response headers

HTTP/1.1 200 OK
Date: Wed, 07 Oct 2015 15:30:26 GMT
Content-Type: application/json
Atmo-Renew-Token: renew

Sample response body: API with New Service: application/json

{
  "APIID":"44d187c6-7aa0-492d-bb41-fa5b9c16b450.acmepaymentscorp",
  "Name":"aaa_Swagger_Production",
  "Description":"Swagger Testing API",
  "Visibility":"Public",
  "Tag":[

  ],
  "APIVersion":{
    "APIVersionID":"f9e38abc-9d29-4586-a45f-e61a6780b6a1.acmepaymentscorp",
    "APIID":"44d187c6-7aa0-492d-bb41-fa5b9c16b450.acmepaymentscorp",
    "Name":"1.0",
    "Description":"First version",
    "Type":"shttp",
    "DefaultProfile":"Any in and out",
    "Tag":[

    ],
    "ProductionEndpoint":"http://www.acmepaymentscorp.com/api/",
    "Operations":{
      "Operation":[
        {
          "Name":"getPetById",
          "Method":"GET",
          "Path":"/pet/{path:.+|}",
          "InputContentType":"*/*",
          "OutputContentType":"*/*",
          "FaultContentType":"*/*",
          "Input":[
            {
              "Name":"path",
              "Type":"path"
            }
          ],
          "InterfaceQName":"{uri:acmepaymentscorp}PortType_svc_f9e38abc-9d29-4586-a45f-e61a6780b6a1.acmepaymentscorp.production",
          "WsdlOperationName":"getPetById"
        }
      ]
    },
    "Endpoints":{
      "Endpoint":[
        {
          "CName":"www.acmepaymentscorp.com",
          "Category":"Production",
          "Uri":"http://www.acmepaymentscorp.com/api/",
          "DeploymentZoneRule":"0dc4dce5-a255-4bdc-99cb-cd1ec000default-http0",
          "ConnectionProperties":[

          ]
        }
      ]
    },
    "Policies":{
      "Policy":[
        {
          "PolicyKey":"10001-DetailedAuditing",
          "PolicyType":"Operational Policy"
        }
      ]
    },
    "TargetAPI":{
      "Type":"shttp",
      "DefaultProfile":"Any in and out",
      "Endpoints":{
        "Endpoint":[
          {
            "Category":"Production",
            "Uri":"http://petstore.swagger.io/",
            "ConnectionProperties":[

            ]
          }
        ]
      },
      "Operations":{
        "Operation":[
          {
            "Name":"getPetById",
            "Method":"GET",
            "Path":"/pet/{path:.+|}",
            "InputContentType":"*/*",
            "OutputContentType":"*/*",
            "FaultContentType":"*/*",
            "Input":[
              {
                "Name":"path",
                "Type":"path"
              }
            ],
            "InterfaceQName":"{uri:acmepaymentscorp}PortType_svc_f9e38abc-9d29-4586-a45f-e61a6780b6a1.acmepaymentscorp.production",
            "WsdlOperationName":"getPetById"
          }
        ]
      },
      "Policies":{
        "Policy":[

        ]
      }
    },
    "Visibility":"Public",
    "ProductionEndpointAccessAutoApproved":true,
    "SandboxEndpointAccessAutoApproved":true,
    "SandboxAnonymousAccessAllowed":false,
    "ProductionAnonymousAccessAllowed":true,
    "ResourceLevelPermissionsSupported":false
  }
}

Sample response body: API with New Service: application/xml

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<API xmlns="http://soa.com/xsd/api/1.0" xmlns:ns2="http://soa.com/xsd/business/1.0" xmlns:ns3="http://soa.com/xsd/legals/1.0" 
xmlns:ns4="http://soa.com/xsd/dnmodel/1.0" xmlns:ns5="http://soa.com/xsd/resource/1.0">
  <APIID>114f7e50-083f-4249-9e85-d3a1e89f3710.acmepaymentscorp</APIID>
  <Name>aaa_Swagger_Production</Name>
  <Description>Swagger API on the developer portal</Description>
  <Visibility>Public</Visibility>
  <APIVersion>
    <APIVersionID>107624b8-fca3-4d80-88b7-94ea84d388c9.acmepaymentscorp</APIVersionID>
    <APIID>114f7e50-083f-4249-9e85-d3a1e89f3710.acmepaymentscorp</APIID>
    <Name>1.0</Name>
    <Description>First version</Description>
    <Type>shttp</Type>
    <DefaultProfile>Any in and out</DefaultProfile>
    <Tag>swagger</Tag>
    <Tag>test</Tag>
    <Tag>api</Tag>
    <ProductionEndpoint>http://acmepaymentscorp.com/api/swag</ProductionEndpoint>
    <Operations>
      <Operation>
        <Name>getPetById</Name>
        <Method>GET</Method>
        <Path>/get /pet/{petId}</Path>
        <InputContentType>*/*</InputContentType>
        <OutputContentType>*/*</OutputContentType>
        <FaultContentType>*/*</FaultContentType>
        <Input>
          <Name>petId</Name>
          <Type>path</Type>
        </Input>
        <InterfaceQName>{uri:acmepaymentscorp}PortType_svc_107624b8-fca3-4d80-88b7-94ea84d388c9.acmepaymentscorp.production</InterfaceQName>
        <WsdlOperationName>getPetById</WsdlOperationName>
      </Operation>
      <Operation>
        <Name>addPet</Name>
        <Method>POST</Method>
        <Path>/pet</Path>
        <InputContentType>*/*</InputContentType>
        <OutputContentType>*/*</OutputContentType>
        <FaultContentType>*/*</FaultContentType>
        <InterfaceQName>{uri:acmepaymentscorp}PortType_svc_107624b8-fca3-4d80-88b7-94ea84d388c9.acmepaymentscorp.production</InterfaceQName>
        <WsdlOperationName>addPet</WsdlOperationName>
      </Operation>
    </Operations>
    <Endpoints>
      <Endpoint>
        <Category>Production</Category>
        <Uri>http://acmepaymentscorp.com/api/swag</Uri>
        <CName>acmepaymentscorp.com/api</CName>
        <DeploymentZoneRule>8c06bf74-5d31-4f7a-9a84-e842ab50default-http0</DeploymentZoneRule>
      </Endpoint>
    </Endpoints>
    <Policies>
      <Policy>
        <PolicyKey>10001-acmepaymentscorpApplicationSecurityPolicy</PolicyKey>
        <PolicyType>Operational Policy</PolicyType>
      </Policy>
      <Policy>
        <PolicyKey>10001-CORSAllowAll</PolicyKey>
        <PolicyType>Operational Policy</PolicyType>
      </Policy>
      <Policy>
        <PolicyKey>10001-DetailedAuditing</PolicyKey>
        <PolicyType>Operational Policy</PolicyType>
      </Policy>
    </Policies>
    <TargetAPI>
      <Type>shttp</Type>
      <DefaultProfile>Any in and out</DefaultProfile>
      <Endpoints>
        <Endpoint>
          <Category>Production</Category>
          <Uri>http://petstore.swagger.io/v2/</Uri>
        </Endpoint>
      </Endpoints>
      <Operations>
        <Operation>
          <Name>getPetById</Name>
          <Method>GET</Method>
          <Path>/get /pet/{petId}</Path>
          <InputContentType>*/*</InputContentType>
          <OutputContentType>*/*</OutputContentType>
          <FaultContentType>*/*</FaultContentType>
          <Input>
            <Name>petId</Name>
            <Type>path</Type>
          </Input>
          <InterfaceQName>{uri:acmepaymentscorp}PortType_svc_107624b8-fca3-4d80-88b7-94ea84d388c9.acmepaymentscorp.production</InterfaceQName>
          <WsdlOperationName>getPetById</WsdlOperationName>
        </Operation>
        <Operation>
          <Name>addPet</Name>
          <Method>POST</Method>
          <Path>/pet</Path>
          <InputContentType>*/*</InputContentType>
          <OutputContentType>*/*</OutputContentType>
          <FaultContentType>*/*</FaultContentType>
          <InterfaceQName>{uri:acmepaymentscorp}PortType_svc_107624b8-fca3-4d80-88b7-94ea84d388c9.acmepaymentscorp.production</InterfaceQName>
          <WsdlOperationName>addPet</WsdlOperationName>
        </Operation>
      </Operations>
      <Policies />
    </TargetAPI>
    <Visibility>Public</Visibility>
    <ProductionEndpointAccessAutoApproved>true</ProductionEndpointAccessAutoApproved>
    <SandboxEndpointAccessAutoApproved>true</SandboxEndpointAccessAutoApproved>
    <SandboxAnonymousAccessAllowed>false</SandboxAnonymousAccessAllowed>
    <ProductionAnonymousAccessAllowed>false</ProductionAnonymousAccessAllowed>
    <ResourceLevelPermissionsSupported>true</ResourceLevelPermissionsSupported>
  </APIVersion>
</API>

Back to top

Sample Response #2: API with Existing Service

The example below shows the response for the request shown in Sample Request #2: API with Existing Service.

Sample response headers (ellipses indicate abbreviation for display purposes)

HTTP/1.1 200 OK
Date: Thu, 28 Jan 2016 16:30:14 GMT
Content-Type: application/json
Atmo-Renew-Token: renew
Set-Cookie: Csrf-Token_acmepaymentscorp=TokenID%3D68b24a75-c5dc- ...
AtmoAuthToken_acmepaymentscorp=TokenID%3D68b24a75-c5dc-11e5-b708-...

Sample response body: API with Existing Service: application/json

{
  "APIID" : "e5cbd91a-f23d-49ea-b600-a99b3dfb47b7.acmepaymentscorp",
  "Name" : "PM_SwaggerDelete_API",
  "Description" : "PM_SwaggerDelete_API",
  "Visibility" : "com.soa.visibility.registered.users",
  "Tag" : [ ],
  "APIVersion" : {
    "APIVersionID" : "02e8e50d-d629-465e-868f-0d0771d90806.acmepaymentscorp",
    "APIID" : "e5cbd91a-f23d-49ea-b600-a99b3dfb47b7.acmepaymentscorp",
    "Name" : "1.0",
    "Description" : "First version",
    "Type" : "shttp",
    "Tag" : [ "" ],
    "Visibility" : "com.soa.visibility.registered.users",
    "ProductionEndpointAccessAutoApproved" : true,
    "SandboxEndpointAccessAutoApproved" : true,
    "SandboxAnonymousAccessAllowed" : false,
    "ProductionAnonymousAccessAllowed" : false,
    "ResourceLevelPermissionsSupported" : false,
    "ProductionServiceKey" : "uddi:058d20ff-c5dc-11e5-b708-e23f6b2a9732"
  }
}

Back to top

Response Headers

For general information on response header values, refer to HTTP Response Headers.

Header Description
Content-Type

application/json, application/xml

application/vnd.soa.v71+json, application/vnd.soa.v71+xml

application/vnd.soa.v72+json, application/vnd.soa.v72+xml

application/vnd.soa.v80+json, application/vnd.soa.v80+xml

application/vnd.soa.v83+json, application/vnd.soa.v83+xml

Atmo-Renew-Token renew

Back to top

Response Body

Name Type Description
API API Includes information about an API. The response message includes IDs that are assigned when the API is created.

Back to top

Error Codes/Messages

If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.

Item Value
400 Bad request: Returned if the client sends invalid parameters or body content. For example, you might get this response if you send malformed XML in your request.
401 Unauthorized. For example, you would get this response if you didn't include the custom X-Csrf-Token_{fedmemberID} header in the request, when it was required by the platform settings; or if you included an invalid or expired value for this header. You would also get this response for any operation that requires login (almost all) if the login cookie was missing.
404 The resource could not be found. For example, you might get this if you have a typo in the URL, or if the Accept header is set to a wrong value.
405 Method Not Allowed. For example, you might get this if you specified an invalid Accept header or omitted a required Content-Type header, or used the wrong HTTP verb.
500 An error occurred processing the call.

More information about Akana API Platform API error messages.

Back to top

Related Topics