POST /api/apis
Deprecated. Adds a new API and the first API version, or creates an API definition from an existing virtual service. Use POST /api/apis with custom headers instead.
Note: This operation is still in use in the Community Manager developer portal for one specific scenario, which is when the API setting Publish an existing service as an API is enabled (see PUT /api/businesses/{BusinessID}/apisettings). In this scenario, adding an API by using the Publish an existing service as an API option uses this operation. For all other scenarios, use the newer operation as above.
This operation sends the API definition in JSON or XML format. The platform assigns the APIID and returns the full API info in the response.
Authorization Roles/Permissions: Must be logged in. The user who adds the API automatically becomes the first API Administrator.
Workflow: There is no default workflow for new APIs. However, a custom workflow might be in place. There is only one initial action valid for Akana API Platform workflows relating to APIs, the @Create initial action. For more information on workflow, see Executing Workflow Actions.
Authorization token renewal: This operation changes information that is reflected in the authorization token; therefore, when invoking this operation, you must also renew the token.
This topic includes the following sections:
HTTP Method
POST
URL
https://{hostname}/api/apis
Sample Request #1: API with New Service
The example below adds an API that references the Swagger petstore API for testing purposes.
Sample Request URL
https://{hostname}/api/apis
Sample request headers
Host: {hostname} Accept: application/json, text/javascript, */*; q=0.01 Content-Type: application/json; charset=UTF-8 AtmoAuthToken_acmepaymentscorp=TokenID%3Dcd36a4bd-e600-4e99-961a-c4ca0cfc93cd%2Cclaimed_id%3Durn%3Aatmosphere%3Auser%3Aacmepaymentscorp%3A14b1902f-3dfc-43e3-b09a-81137f091b96%2CissueTime%3D1614802132363%2CexpirationTime%3D1614803992357%2C... X-Csrf-Token_acmepaymentscorp:TokenID%3Dcd36a4bd-e600-4e99-961a-c4ca0cfc93cd%2CexpirationTime%3D153...
Sample request body: application/json
{ "Name":"aaa_Swagger_Production", "Description":"Swagger API on the Community Manager developer portal", "Visibility":"Public", "PictureID":"", "APIVersion":{ "Visibility":"Public", "Name":"1.0", "ResourceLevelPermissionsSupported":true, "Description":"First version", "TargetAPI":{ "Endpoints":{ "Endpoint":[ { "Uri":"http://petstore.swagger.io/v2/", "Category":"Production" } ] }, "Type":"shttp", "Operations":{ "Operation":[ { "Method":"GET", "Path":"/get /pet/{petId}", "Input":[ { "Name":"petId", "Type":"path" } ], "InputContentType":"*/*", "OutputContentType":"*/*", "FaultContentType":"*/*", "Name":"getPetById" }, { "Method":"POST", "Path":"/pet", "Input":[ ], "InputContentType":"*/*", "OutputContentType":"*/*", "FaultContentType":"*/*", "Name":"addPet" } ] }, "Policies":{ "Policy":[ ] }, "DefaultProfile":"Any in and out" }, "Endpoints":{ "Endpoint":[ { "Uri":"http://www.acmepaymentscorp.com/api/swag", "Category":"Production", "CName":"www.acmepaymentscorp.com", "DeploymentZoneRule":"8c06bf74-5d31-4f7a-9a84-e842ab50default-http0" } ] }, "Operations":{ "Operation":[ { "Method":"GET", "Path":"/get /pet/{petId}", "Input":[ { "Name":"petId", "Type":"path" } ], "InputContentType":"*/*", "OutputContentType":"*/*", "FaultContentType":"*/*", "Name":"getPetById" }, { "Method":"POST", "Path":"/pet", "Input":[ ], "InputContentType":"*/*", "OutputContentType":"*/*", "FaultContentType":"*/*", "Name":"addPet" } ] }, "Type":"shttp", "ProductionEndpoint":"http://www.acmepaymentscorp.com/api/swag", "SandboxEndpoint":null, "Tag":[ "swagger", "test", "api" ], "Policies":{ "Policy":[ { "PolicyKey":"10001-acmepaymentscorpApplicationSecurityPolicy", "PolicyType":"Operational Policy" }, { "PolicyKey":"10001-CORSAllowAll", "PolicyType":"Operational Policy" }, { "PolicyKey":"10001-DetailedAuditing", "PolicyType":"Operational Policy" } ] }, "DefaultProfile":"Any in and out", "ProductionAnonymousAccessAllowed":false, "SandboxAnonymousAccessAllowed":false, "ProductionEndpointAccessAutoApproved":true, "SandboxEndpointAccessAutoApproved":true } }
Sample Request #2: API with Existing Service
The example below adds an API by referencing an existing API already set up in Policy Manager.
Sample Request URL
https://{hostname}/api/apis
Sample request headers
POST /api/apis HTTP/1.1 Host: {hostname} Accept: application/json, text/javascript, */*; q=0.01 Content-Type: application/json; charset=UTF-8 AtmoAuthToken_acmepaymentscorp=TokenID%3Dcd36a4bd-e600-4e99-961a-c4ca0cfc93cd%2Cclaimed_id%3Durn%3Aatmosphere%3Auser%3Aacmepaymentscorp%3A14b1902f-3dfc-43e3-b09a-81137f091b96%2CissueTime%3D1614802132363%2CexpirationTime%3D1614803992357%2C... X-Csrf-Token_acmepaymentscorp: TokenID%3D8ed70a13-8469-11e8-b37a-b155e4eabeb8%2CexpirationTime%3D153...
Sample request body: application/json
{ "APIVersion":{ "Type":"shttp", "Visibility":"com.soa.visibility.registered.users", "ProductionEndpointAccessAutoApproved":"true", "SandboxEndpointAccessAutoApproved":"true", "SandboxAnonymousAccessAllowed":"false", "ProductionAnonymousAccessAllowed":"false", "ResourceLevelPermissionsSupported":"false", "Name":"1.0", "Description":"First version", "Tag":[ "" ], "ProductionServiceKey":"uddi:058d20ff-c5dc-11e5-b708-e23f6b2a9732" }, "Name":"PM_SwaggerDelete_API", "Description":"PM_SwaggerDelete_API", "PictureID":"" }
Request Headers
For general information on request header values, refer to HTTP Request Headers.
Header | Description |
---|---|
Accept |
Any of the following media types is valid for the Accept header: application/json, application/xml application/vnd.soa.v71+json, application/vnd.soa.v71+xml application/vnd.soa.v72+json, application/vnd.soa.v72+xml application/vnd.soa.v80+json, application/vnd.soa.v80+xml application/vnd.soa.v83+json, application/vnd.soa.v83+xml |
Content-Type |
Any one of the following media types is valid for the request Content-Type: application/json or application/xml application/vnd.soa.v71+json or application/vnd.soa.v71+xml application/vnd.soa.v72+json or application/vnd.soa.v72+xml application/vnd.soa.v80+json or application/vnd.soa.v80+xml application/vnd.soa.v83+json or application/vnd.soa.v83+xml |
Cookie | AtmoAuthToken_{fedmemberid}={cookie value, which usually starts with TokenID}—The platform cookie. This is the Akana API Platform authorization token, and must be sent with every API request that requires login. For more information and an example, see Session cookies. |
X-Csrf-Token_{fedmemberID} | The CSRF prevention header; may or may not be required, depending on platform settings. See CSRF Prevention on the Platform. By default, the CSRF header is not required for GET operations and is required for all others, with a few exceptions relating to user login. |
Request Parameters
Parameter | Parm Type | Data Type | Required | Description |
---|---|---|---|---|
API | Body | API | Required |
Contains information about an API. The request API object does not include APIID or APIVersionID, or other unique IDs that are assigned when the API is added (such as InterfaceQName for operations). |
Response
If successful, this operation returns HTTP status code 200, with the API information, including the unique APIID for the new API.
Sample Response #1: API with New Service
The example below shows the response for the request shown in Sample Request #1: API with New Service.
Sample response headers
HTTP/1.1 200 OK Date: Wed, 07 Oct 2015 15:30:26 GMT Content-Type: application/json Atmo-Renew-Token: renew
Sample response body: API with New Service: application/json
{ "APIID":"44d187c6-7aa0-492d-bb41-fa5b9c16b450.acmepaymentscorp", "Name":"aaa_Swagger_Production", "Description":"Swagger Testing API", "Visibility":"Public", "Tag":[ ], "APIVersion":{ "APIVersionID":"f9e38abc-9d29-4586-a45f-e61a6780b6a1.acmepaymentscorp", "APIID":"44d187c6-7aa0-492d-bb41-fa5b9c16b450.acmepaymentscorp", "Name":"1.0", "Description":"First version", "Type":"shttp", "DefaultProfile":"Any in and out", "Tag":[ ], "ProductionEndpoint":"http://www.acmepaymentscorp.com/api/", "Operations":{ "Operation":[ { "Name":"getPetById", "Method":"GET", "Path":"/pet/{path:.+|}", "InputContentType":"*/*", "OutputContentType":"*/*", "FaultContentType":"*/*", "Input":[ { "Name":"path", "Type":"path" } ], "InterfaceQName":"{uri:acmepaymentscorp}PortType_svc_f9e38abc-9d29-4586-a45f-e61a6780b6a1.acmepaymentscorp.production", "WsdlOperationName":"getPetById" } ] }, "Endpoints":{ "Endpoint":[ { "CName":"www.acmepaymentscorp.com", "Category":"Production", "Uri":"http://www.acmepaymentscorp.com/api/", "DeploymentZoneRule":"0dc4dce5-a255-4bdc-99cb-cd1ec000default-http0", "ConnectionProperties":[ ] } ] }, "Policies":{ "Policy":[ { "PolicyKey":"10001-DetailedAuditing", "PolicyType":"Operational Policy" } ] }, "TargetAPI":{ "Type":"shttp", "DefaultProfile":"Any in and out", "Endpoints":{ "Endpoint":[ { "Category":"Production", "Uri":"http://petstore.swagger.io/", "ConnectionProperties":[ ] } ] }, "Operations":{ "Operation":[ { "Name":"getPetById", "Method":"GET", "Path":"/pet/{path:.+|}", "InputContentType":"*/*", "OutputContentType":"*/*", "FaultContentType":"*/*", "Input":[ { "Name":"path", "Type":"path" } ], "InterfaceQName":"{uri:acmepaymentscorp}PortType_svc_f9e38abc-9d29-4586-a45f-e61a6780b6a1.acmepaymentscorp.production", "WsdlOperationName":"getPetById" } ] }, "Policies":{ "Policy":[ ] } }, "Visibility":"Public", "ProductionEndpointAccessAutoApproved":true, "SandboxEndpointAccessAutoApproved":true, "SandboxAnonymousAccessAllowed":false, "ProductionAnonymousAccessAllowed":true, "ResourceLevelPermissionsSupported":false } }
Sample Response #2: API with Existing Service
The example below shows the response for the request shown in Sample Request #2: API with Existing Service.
Sample response headers (ellipses indicate abbreviation for display purposes)
HTTP/1.1 200 OK Date: Thu, 28 Jan 2016 16:30:14 GMT Content-Type: application/json Atmo-Renew-Token: renew Set-Cookie: Csrf-Token_acmepaymentscorp=TokenID%3D68b24a75-c5dc- ... AtmoAuthToken_acmepaymentscorp=TokenID%3Dcd36a4bd-e600-4e99-961a-c4ca0cfc93cd%2Cclaimed_id%3Durn%3Aatmosphere%3Auser%3Aacmepaymentscorp%3A14b1902f-3dfc-43e3-b09a-81137f091b96%2CissueTime%3D1614802132363%2CexpirationTime%3D1614803992357%2C...
Sample response body: API with Existing Service: application/json
{ "APIID" : "e5cbd91a-f23d-49ea-b600-a99b3dfb47b7.acmepaymentscorp", "Name" : "PM_SwaggerDelete_API", "Description" : "PM_SwaggerDelete_API", "Visibility" : "com.soa.visibility.registered.users", "Tag" : [ ], "APIVersion" : { "APIVersionID" : "02e8e50d-d629-465e-868f-0d0771d90806.acmepaymentscorp", "APIID" : "e5cbd91a-f23d-49ea-b600-a99b3dfb47b7.acmepaymentscorp", "Name" : "1.0", "Description" : "First version", "Type" : "shttp", "Tag" : [ "" ], "Visibility" : "com.soa.visibility.registered.users", "ProductionEndpointAccessAutoApproved" : true, "SandboxEndpointAccessAutoApproved" : true, "SandboxAnonymousAccessAllowed" : false, "ProductionAnonymousAccessAllowed" : false, "ResourceLevelPermissionsSupported" : false, "ProductionServiceKey" : "uddi:058d20ff-c5dc-11e5-b708-e23f6b2a9732" } }
Response Headers
For general information on response header values, refer to HTTP Response Headers.
Header | Description |
---|---|
Content-Type |
application/json, application/xml application/vnd.soa.v71+json, application/vnd.soa.v71+xml application/vnd.soa.v72+json, application/vnd.soa.v72+xml application/vnd.soa.v80+json, application/vnd.soa.v80+xml application/vnd.soa.v83+json, application/vnd.soa.v83+xml |
Atmo-Renew-Token | renew |
Response Body
Name | Type | Description |
---|---|---|
API | API |
Contains information about an API. The response message includes IDs that are assigned when the API is created. |
Error Codes/Messages
If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.
Item | Value |
---|---|
400 |
Bad request: Returned if the client sends a malformed request; for example, invalid parameters or body content. For example, you might get this response if you send malformed XML in your request. |
401 | Unauthorized. For example, you would get this response if you didn't include the custom X-Csrf-Token_{fedmemberID} header in the request, when it was required by the platform settings; or if you included an invalid or expired value for this header. You would also get this response for any operation that requires login (almost all) if the login cookie was missing. |
404 | The resource could not be found. For example, you might get this if you have a typo in the URL, or if the Accept header is set to a wrong value. |
405 | Method Not Allowed. You might get this if there is an error in the URL, or if you used the wrong HTTP verb. |
500 | An error occurred processing the call. |
More information about Akana API Platform API error messages.