Secure API Manager allows you to create new REST APIs in the Publisher. This allows you to create and test a prototype REST API without worrying about users accessing and using the REST API before it is ready for production. The Publisher provides components that allow you to test the REST API and rewrite the REST API easily. You must know and understand REST to create a prototype REST API. For more information, see Required Knowledge.
When you create a REST API, you must use an inline script or a valid endpoint to complete the creation of the REST API. Typically, you create REST APIs with inline scripts for testing purposes. You use a REST API prototype for the purpose of early access to the REST API and testing the REST API before deploying it.
You can deploy a new REST API or a new version of an existing REST API as a prototype. This gives subscribers early access to the REST API that they can try out without a subscription or throttling, and provide feedback to improve the REST API. Over a period of time, you can make changes according to the feedback that you receive from the users and then publish the REST API in your production environment.
To design and publish a prototype REST API:
Log in to the Publisher using the account your Secure API Manager administrator gave you.
https://lifecycle-manager-dns-name:9444/publisherTo create a prototype REST API:
Click Design a New REST API, then click Start Creating.
Use the following information to define the general information about the REST API:
Specify a name for the REST API that appears in the Store. No spaces are allowed.
Specify the URI context path of the REST API. It is case-sensitive.
Specify the version of the REST API. This helps you manage the lifecycle of the REST API.
Select whether the REST API is Public or Restricted by Roles. For more information, see Section 4.0, Controlling Access to the APIs through the Access Manager Roles.
Specify a description of the REST API that appears in the Store. The description helps people understand the purpose of the REST API.
Upload an image to represent the REST API in the Store. The maximum dimensions are 100 x 100 pixels.
Define the REST API. You must specify the path to the REST API resource you are creating. You can then either import a file or use the Swagger UI to define the REST API. You must also add the REST calls the API will use. For more information, see the REST API Tutorial
.
To implement the prototyped REST API:
Click Next: Implement.
Select Prototyped API.
Select the implementation method of Inline or Endpoint. If you select Endpoint, you must provide a valid endpoint for the new REST API. If you select Inline, this REST API is for testing purposes only.
(Conditional) If you select Inline, expand the GET call and add your script here.
(Conditional) If your environment requires CORS, select Enable API based CORS Configuration.
CORS allows you to define additional domains that are in your environment. By default, to stop cross-site scripts, Secure API Manager does not allow multiple domain names. For more information, see Cross-origins resource sharing Wiki.
Use the following information to enable CORS:
Select this option to allow all domain names that contain the origin domain name.
Add any additional headers to this section to allow Secure API Manager to use additional domains.
Ensure that the correct REST methods are listed.
Select this option to allow credentials from other domains.
Review the REST API resource information that you have created.
Click Deploy as a Prototype.
Select Go to API Store to open the new REST API in the Store.
Click the API Console tab.
Click GET to expand it, then click Try it out to test the REST API.
You can test the prototype REST API by accessing it and using it in the Store. For more information, see Invoking and Testing the REST APIs.
After you have thoroughly tested the prototype REST API, you can then publish the REST API in your production environment. For more information, see Section 8.0, Managing the Lifecycle of an API. If you have documentation to add to the API, proceed to Section 6.0, Managing Documentation for the APIs.