

Create a REST API

API creation is the process of linking an existing backend API implementation to the API Publisher, so that you can manage and monitor the API's lifecycle, documentation, security, community, and subscriptions. Alternatively, you can provide the API implementation in-line in the API Publisher itself.

Follow the instructions below to create a REST API using the basic flow.

1. Sign in to the WSO2 API Publisher.

   https://<hostname>:9443/publisher

   Example: https://localhost:9443/publisher

   Note

   The CREATE button will only appear for a user who has the creator role permission.

2. Go to CREATE API and Click Design a New REST API.

   

3. Enter API details.

   Field		Sample value
   Name		PizzaShack
   Version		1.0.0
   Context		/pizzashack The API context is used by the Gateway to identify the API. Therefore, the API context must be unique. This context is the API's root context when invoking the API through the Gateway. You can define the API's version as a parameter of its context by adding the {version} into the context. For example, {version}/pizzashack. The API Manager assigns the actual version of the API to the {version} parameter internally. For example, https://localhost:8243/1.0.0/pizzashack. Note that the version appears before the context, allowing you to group your APIs based on the versions.
   Endpoint		https://localhost:9443/am/sample/pizzashack/v1/api/ The endpoint that you add is automatically added as the production and sandbox endpoints.

   Note

   The CREATE & PUBLISH option will only appear when a user who has publisher permission adds the details for the Endpoint and Business plan(s), which are optional fields.

   

4. Click CREATE or CREATE & PUBLISH to create the API.

   The overview page of the newly created API appears.

   

5. Configure the API design configurations.

   

   1. Click Design Configurations.

      Note

      By default, All users who have creator permission are allowed Publisher Access Control and public Developer Portal visibility.

   2. Add a tag and press enter.

      Let's add a tag named pizza.

      Info

      Tags can be used to filter out APIs matching specific search criteria. It is a good practice to add tags that explain the functionality and purpose of the API so that subscribers can search for APIs based on the tags.

   3. Optionally, select Yes as the Make this the Default Version option.

      When an API is the default version -

      • The API will be available in the Gateway without a version specified in the production and sandbox URLs.
      • You to create a new version of this API and set it as the default version. Thereafter, the same resources can be invoked in the client applications without changing the API gateway URL.
      • You can create new versions of an API with changes, while at the same time allowing the existing client applications to be invoked without the client having to change the URLs.

   4. Click Save.

6. Configure the runtime configurations.

   1. Click Runtime Configuration.

      Transport Level Security defines the transport protocol on which the API is exposed.

      

   2. If you wish to limit the API availability to only one transport (e.g., HTTPS), uncheck the Transport Level Security checkbox.

      Both HTTP and HTTPS transports are selected by default.

7. Configure the resources.

   By default, the API will have five resources with /* as the URL pattern.

   1. Click Show More to navigate Resource page.

      

   2. Modify the resources as follows and click SAVE to update the resources.

      1. Click delete, as shown below, to remove all the existing resources.

         

      2. Click (+) to add a new resource.

         

         The newly added resource is displayed as follows.

         

   3. Expand the created GET operation to add Summary and Description and Operation governance.

      1. Turn the Security setting Off if you want to make a certain operation of the API non secured and accessible without passing an access token. To make the whole API non secured, and fully accessible without an access token, turn the security setting off in all the operations of the API.

      2. In addition, you can add the resource Parameters using the Parameters section.

         

         You can define the following parameter types based on the resource parameters that you add.

         Parameter Type	Description
         query	Contains the fields added as part of the invocation URL that contains the data to be used to call the backend service.
         header	Contains the case-sensitive names followed by a colon (:) and then by its value that carries additional information with the request, which defines the operating parameters of the transaction.
         cookie	Operations can also pass parameters in the Cookie header, as Cookie: name=value. Multiple cookie parameters are sent in the same header, separated by a semicolon and space.
         body	An arbitrary amount of data of any type is sent with a POST message.

8. Optionally, view the API definition.

   Click API Definition. The OpenAPI Specification (a.k.a Swagger definition) for the PizzaShack API appears.

   

Now, you have successfully created and configured a REST API. Next, let's Publish your API.

More

Click the following topics to learn more on the concepts that you need to know when creating an API:

• API Visibility
• Endpoints
• Throttling Tiers
• Custom Properties
• API Security
• Life Cycle Management
• API Documentation
• API Monetization

Top