PUT /api/contracts/{ContractID}

Updates scopes (licenses selected) and/or the QoS policy assignments for an app/API contract.

Note: This corresponds to the Revise option in the Community Manager developer portal. This option is only available for a contract when licenses and QoS policies are associated with an API.

Authorization Roles/Permissions: Must be logged in. To complete this operation successfully, a user must be a member of the applicable team (App team member or API Admin).

This topic includes the following sections:

HTTP Method
URL
Sample Request
Request Headers
Request Parameters

Response
Sample Response
Response Headers
Response Body
Error Codes/Messages

HTTP Method

PUT

URL

https://{hostname}/api/contracts/{ContractID}

Sample Request

The example below shows a request to update the policies associated with a contract. Previously there were two policies; this example removes one, so there will be only one policy assigned to the contract.

Sample Request URL

https://{hostname}/api/contracts/70db5aae-9c12-41ff-b809-dd5941db1730.acmepaymentscorp

Sample request headers

Accept: application/json
Content-Type: application/json
AtmoAuthToken_acmepaymentscorp=TokenID%3Dcd36a4bd-e600-4e99-961a-c4ca0cfc93cd%2Cclaimed_id%3Durn%3Aatmosphere%3Auser%3Aacmepaymentscorp%3A14b1902f-3dfc-43e3-b09a-81137f091b96%2CissueTime%3D1614802132363%2CexpirationTime%3D1614803992357%2C...
X-Csrf-Token_acmepaymentscorp: TokenID%3D8ed70a13-8469-11e8-b37a-b155e4eabeb8%2CexpirationTime%3D153...

Sample request body

{
  "ContractID": "70db5aae-9c12-41ff-b809-dd5941db1730.acmepaymentscorp",
  "APIVersionID": "9daf2b49-0b00-45c2-8ccf-db5ef3d478af.acmepaymentscorp",
  "RuntimeID": "wbN3rqWphd4z6LtgwI5oMRbrZoYrwQ4OvKrBn19o.acmepaymentscorp",
  "Environment": "Production",
  "Policies": {
    "Policy": [
      {
        "PolicyKey": "uddi:0e725858-48de-47aa-90a3-10c2cf49aab2",
        "Name": "Throughput Quota QoS policy",
        "Description": "Throughput Quota QoS policy",
        "PolicyType": "Service Level Policy",
        "PolicySubType": "policy.qos.throughputquota"
      }
    ]
  },
  "State": "apicontract.status.approved",
  "ContractScope": {
    "Restricted": false
  },
  "Updated": "2019-09-06T21:22:13Z",
  "UpdatedInMillis": 1567804933000,
  "Status": "com.soa.apicontract.draft"
}

Request Headers

For general information on request header values, refer to HTTP Request Headers.

Header	Description
Accept	application/json, application/xml, application/vnd.soa.v71+json, application/vnd.soa.v71+xml, application/vnd.soa.v72+json, application/vnd.soa.v72+xml, application/vnd.soa.v80+json, application/vnd.soa.v80+xml, application/vnd.soa.v81+json, application/vnd.soa.v81+xml
Content-Type	Any one of the following media types is valid for the request Content-Type: application/json or application/xml application/vnd.soa.v71+json or application/vnd.soa.v71+xml application/vnd.soa.v72+json or application/vnd.soa.v72+xml application/vnd.soa.v80+json or application/vnd.soa.v80+xml application/vnd.soa.v81+json or application/vnd.soa.v81+xml
Cookie	AtmoAuthToken_{fedmemberid}={cookie value, which usually starts with TokenID}—The platform cookie. This is the Akana API Platform authorization token, and must be sent with every API request that requires login. For more information and an example, see Session cookies.
X-Csrf-Token_{fedmemberID}	The CSRF prevention header; may or may not be required, depending on platform settings. See CSRF Prevention on the Platform. By default, the CSRF header is not required for GET operations and is required for all others, with a few exceptions relating to user login.

Request Parameters

Parameter	Parm Type	Data Type	Required	Description
ContractID	Path	string	Required	The unique ID for a specific contract between an app version and an API version.
Contract	Body	Contract	Required	Information about the contract, with the updated values.

Response

If successful, this operation returns HTTP status code 200, with information about the updated contract.

Sample Response

The sample response below shows successful completion of this operation.

Note: the response does not show the policies attached to the contract. In this example, there were previously two policies, and the request removed one of them. To see an updated list of the policies associated with the contract, use the GET /api/c ontracts/{ContractID} operation.

Sample response headers: application/json

Status Code: 200 OK
Content-Type: application/json
Date: Fri, 06 Sep 2019 21:23:58 GMT

Sample response body: application/json

{
  "ContractID": "70db5aae-9c12-41ff-b809-dd5941db1730.acmepaymentscorp",
  "APIVersionID": "9daf2b49-0b00-45c2-8ccf-db5ef3d478af.acmepaymentscorp",
  "RuntimeID": "wbN3rqWphd4z6LtgwI5oMRbrZoYrwQ4OvKrBn19o.acmepaymentscorp",
  "Environment": "Production",
  "State": "apicontract.status.approved",
  "ContractScope": {
    "Restricted": false
  },
  "Updated": "2019-09-06T21:23:59Z",
  "UpdatedInMillis": 1567805039000,
  "Status": "com.soa.apicontract.draft"
}

Response Headers

For general information on response header values, refer to HTTP Response Headers.

Header	Description
Content-Type	application/json, application/xml, application/vnd.soa.v71+json, application/vnd.soa.v71+xml, application/vnd.soa.v72+json, application/vnd.soa.v72+xml, application/vnd.soa.v80+json, application/vnd.soa.v80+xml, application/vnd.soa.v81+json, application/vnd.soa.v81+xml

Response Body

Name	Type	Description
Contract	Contract	Contains information about a contract between an app and an API.

Error Codes/Messages

If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.

Item	Value
400	Bad request: Returned if the client sends a malformed request; for example, invalid parameters or body content.For example, you might get this response if you specified an incorrect content-type value for the request.
401	Unauthorized. For example, you would get this response if you didn't include the custom X-Csrf-Token_{fedmemberID} header in the request, when it was required by the platform settings; or if you included an invalid or expired value for this header. You would also get this response for any operation that requires login (almost all) if the login cookie was missing.
500	An error occurred processing the call.

More information about Akana API Platform API error messages.