![[V5.0.2 or later]](../buildfiles/icon_v502.jpg){kind=icon}
API and Product definition template examples
You can use template files when creating API and Product definitions. Template files are
Handlebars templates containing variables of the form {{variable-name}} that are
substituted with values when you create the API or Product definition. This topic provides the
default Handlebar templates used by apic to create Products and APIs as examples
you can use to copy and customize for your own use.
Default API definition template
The following example template is the default template that developer toolkit uses when you create an API
definition. Copy this example template into your own template file (which must have the
.hbs extension), then edit it for your purposes. Template variables are enclosed by
double curly braces, for example {{name}}. For information on template variables,
see Template variables for API and Product definitions. For more information on Handlebars,
see https://handlebarsjs.com/.
swagger: '2.0'
info:
x-ibm-name: {{name}}
title: {{title}}
version: {{version}}
schemes:
{{#if schemes}}
{{#each schemes}}
- {{this}}
{{/each}}
{{else}}
- https
{{/if}}
host: {{hostname}}
basePath: {{basepath}}
consumes:
- application/json
produces:
- application/json
securityDefinitions:
clientIdHeader:
type: apiKey
in: header
name: X-IBM-Client-Id
clientSecretHeader:
in: "header"
name: "X-IBM-Client-Secret"
type: "apiKey"
security:
-
clientIdHeader: []
clientSecretHeader: []
x-ibm-configuration:
testable: true
enforced: true
cors:
enabled: true
catalogs:
apic-dev:
properties:
runtime-url: $(TARGET_URL)
sb:
properties:
runtime-url: 'http://localhost:4001'
assembly:
execute:
- invoke:
{{#if targeturl}}
target-url: {{targeturl}}
{{else}}
target-url: $(runtime-url)$(request.path)
{{/if}}
paths:
/users:
post:
summary: Create a user
description: Create a new user
operationId: userCreate
externalDocs:
description: Blah
url: http://host/docs-about-routes-post
tags:
- Users
responses:
'201':
description: 'Success'
schema:
$ref: '#/definitions/User'
default:
description: 'Unexpected error'
schema:
$ref: '#/definitions/Error'
get:
summary: User list
description: Get a list of users
operationId: userList
externalDocs:
description: Blah
url: http://host/docs-about-routes-post
tags:
- Users
responses:
'200':
description: 'Success'
schema:
$ref: '#/definitions/UserList'
default:
description: 'Unexpected error'
schema:
$ref: '#/definitions/Error'
/users/{user}:
get:
summary: Retrieve the User
description: Retrieve the User
operationId: userGet
tags:
- Users
parameters:
- name: user
in: path
description: User id or name
required: true
type: string
responses:
'200':
description: 'Success'
schema:
$ref: '#/definitions/User'
default:
description: 'Unexpected error'
schema:
$ref: '#/definitions/Error'
patch:
summary: Update User
description: Update User
operationId: userUpdate
tags:
- Users
parameters:
- name: user
in: path
description: User id or name
required: true
type: string
- name: payload
in: body
description: User to update
required: true
schema:
$ref: '#/definitions/UserUpdate'
responses:
'200':
description: 'Success'
schema:
$ref: '#/definitions/User'
default:
description: 'Unexpected error'
schema:
$ref: '#/definitions/Error'
delete:
summary: Delete the User
description: Delete the User
operationId: userDelete
tags:
- Users
parameters:
- name: user
in: path
description: User id or name
required: true
type: string
responses:
'204':
description: 'Successful delete'
default:
description: 'Unexpected error'
schema:
$ref: '#/definitions/Error'
definitions:
User:
type: object
additionalProperties: false
UserUpdate:
type: object
additionalProperties: false
UserList:
type: object
additionalProperties: false
Error:
type: object
additionalProperties: false
properties:
status:
type: integer
message:
type:
- string
- array
tags:
- name: Users
description: Tags on all the user operations
externalDocs:
description: External information about Users
url: http://host/url-of-my-entire-set-of-tag-docs-for-this-tag
- name: Routes
description: Tags on all the route operations
externalDocs:
description: External information about Routes
url: http://host/url-of-my-entire-set-of-tag-docs-for-this-tag
OAuth 2.0 API definition template
The following example template is the default template that developer toolkit uses when you create an OAuth 2.0
API definition with the command apic create --type api --template oauth. Copy this
example template into your own template file (which must have the .hbs extension),
then edit it for your purposes. Template variables are enclosed by double curly braces, for example
{{name}}. For information on template variables, see Template variables for API and Product definitions. For more information on Handlebars, see https://handlebarsjs.com/.
swagger: "2.0"
info:
x-ibm-name: {{name}}
title: {{title}}
version: {{version}}
schemes:
{{#if schemes}}
{{#each schemes}}
- {{this}}
{{/each}}
{{else}}
- https
{{/if}}
host: {{hostname}}
basePath: {{basepath}}
securityDefinitions:
clientID:
description: "application's client_id"
in: "query"
name: "client_id"
type: "apiKey"
security:
- clientID: []
paths:
/oauth2/authorize:
get:
produces:
- text/html
summary: endpoint for Authorization Code and Implicit grants
description: description
parameters:
- name: response_type
in: query
description: request an authorization code or or access token (implicit)
required: true
type: string
enum:
- code
- token
- name: client_id
in: query
description: Application client ID
required: true
type: string
- name: scope
in: query
description: Scope being requested
type: string
required: true
- name: redirect_uri
in: query
type: string
description: URI where user is redirected to after authorization
required: false
- name: state
in: query
type: string
description: This string will be echoed back to application when user is redirected
required: false
responses:
302:
description: |
Redirect to the clients redirect_uri containing one of the following
- **authorization code** for Authorization code grant
- **access token** for Implicity grant
- **error** in case of errors, such as the user has denied the request
200:
description: An HTML form for authentication or authorization of this request.
security:
- clientID: []
post:
consumes:
- application/x-www-form-urlencoded
produces:
- text/html
summary: submit approval to authorization code or access token
description: |
Submit resource owners approval (or rejection) for the OAuth2 Server to issue an
authorization code or access token to the application.
security:
- clientID: []
parameters:
- name: client_id
in: formData
description: application requesting the access code or token
required: true
type: string
- name: scope
in: formData
description: requested scope of this authorization
required: true
type: string
- name: resource-owner
in: formData
description: resource owners user name
required: true
type: string
- name: redirect_uri
in: formData
description: URI the application is requesting this code or token to be redirected to
required: true
type: string
- name: original-url
in: formData
description: URL of the original authorization request
required: true
type: string
- name: dp-state
in: formData
description: state information provided in the authorization form
required: true
type: string
- name: dp-data
in: formData
description: state information provided in the authorization form
required: true
type: string
#- name: response_type
# in: formData
# description:
# required: true
# type: string
responses:
200:
description: Cool
/oauth2/token:
post:
consumes:
- application/x-www-form-urlencoded
produces:
- application/json
summary: Request Access Tokens
description: |
This endpoint allows requesting an access token following one of the flows below:
- Authorization Code (exchange code for access token)
- Client Credentials (2-legged, there isnt resource owner information)
- Resource Owner Password Credentials (2-legged, client provides resource owner name and password)
- Refresh Token (exchange refresh token for a new access code)
The table below indicates the required parameters for each specific grant_type options.
Empty cells indicate a parameter is ignored for that specific grant type.
Client authentication:
- Confidential clients should authenticate using HTTP Basic Authentication. Alternatively, they may post
their client_id and client_secret information as a formData parameter.
- Public clients should send their client_id as formData parameter.
| grant_type | code | client_credentials | password | refresh_token |
|----------------------|------------|--------------------|-------------|---------------|
| client_id | required* | required* | required* | required* |
| client_secret | required* | required* | required* | required* |
| code | required | | | |
| redirect_uri | required | | | |
| username | | | required | |
| password | | | required | |
| scope | | optional | optional | |
| refresh_token | | | | required |
The implicit grant requests, see /oauth2/authorize.
security: []
parameters:
- name: grant_type
in: formData
description: Type of grant
type: string
required: true
enum:
- authorization_code
- password
- client_credentials
- refresh_token
- name: client_id
in: formData
description: Application client ID, can be provided in formData or using HTTP Basic Authentication
required: false
type: string
- name: client_secret
in: formData
description: Application secret, must be provided in formData or using HTTP Basic Authentication
required: false
type: string
- name: code
in: formData
description: Authorization code provided by the /oauth2/authorize endpoint
required: false
type: string
- name: redirect_uri
in: formData
description: required only if the redirect_uri parameter was included in the authorization request /oauth2/authorize; their values MUST be identical.
required: false
type: string
- name: username
in: formData
type: string
description: Resource owner username
required: false
- name: password
in: formData
type: string
description: Resource owner password
required: false
- name: scope
in: formData
type: string
description: Scope being requested
required: false
- name: refresh_token
in: formData
type: string
description: The refresh token that the client wants to exchange for a new access token (refresh_token grant_type)
required: false
responses:
200:
description: json document containing token, etc.
schema:
$ref: "#/definitions/access_token_response"
400:
description: json document that may contain additional details about the failure
x-ibm-configuration:
testable: true
enforced: true
phase: "realized"
oauth2:
client-type: public #or confidential
scopes:
scope1: Description 1
scope2: Description 2
scope3: Description 3
grants:
- application
- password
- accessCode
- implicit
identity-extraction:
type: default-form #If identity extraction is not there use this form.
#type: basic
#type: custom-form #Customer provided form (needs location)
#type: redirect #Redirects user to authenticate somewhere else
#custom-form:
# url: https://example.com/authentication/form
# tls-profile: tls-profile-1
#redirect-url: https://example.com/external/form
authentication:
x-ibm-authentication-url:
url: https://example.com/auth/url
tls-profile: tls-profile-4
#x-ibm-authentication-registry: ldap-1
authorization:
type: authenticated #If the authorization section is missing this is the default
#type: default-form
#type: custom-form
#custom-form:
# url: https://example.com/authorization/form
# tls-profile: tls-profile-2
refresh-token:
count: 2048 # If this section is missing default is 0
revocation:
url: ""
tls-profile: ""
definitions:
access_token_response:
type: object
additionalProperties: false
required:
- token_type
- access_token
- expires_in
properties:
token_type:
enum:
- bearer
access_token:
type: string
expires_in:
type: integer
scope:
type: string
refresh_token:
type: string
Product definition template
The following example template is the default template that developer toolkit uses when you create a Product
definition. Copy this example template into your own template file (which must have the
.hbs extension), then edit it for your purposes. Template variables are enclosed by
double curly braces, for example {{name}}. For information on template variables,
see Template variables for API and Product definitions. For more information on Handlebars,
see https://handlebarsjs.com/.
product: '1.0.0'
info:
name: {{name}}
title: {{title}}
version: {{version}}
{{#isEmpty apis}}
{{else}}
apis:
{{/isEmpty}}
{{#each apis}}
'{{@key}}':
$ref: {{this}}
{{/each}}
visibility:
view:
type: public
subscribe:
type: authenticated
plans:
default:
title: Default Plan
description: Default Plan
approval: false
rate-limit:
value: 100/hour
hard-limit: false