Creating a REST proxy API from an existing OpenAPI service
If you have an existing OpenAPI described target service that you want to expose through an IBM® API Connect API definition, you can create a proxy API and specify the target endpoint.
About this task
You can complete this task either by using the API Designer UI application, or by using the browser based API Manager UI.
To complete this task,
you must be assigned a role that has the
App:View permissions. The pre-supplied Developer role has these permissions by default;
if you are assigned a custom role it must have these permissions.
For more information, see Creating custom
Create proxy REST APIs in minutes by using the API Manager tool to create an API from existing OpenAPI service. This procedure creates a REST proxy that routes all traffic to a target REST API or service endpoint.
To compose a proxy API from an existing OpenAPI service, complete the following steps.
In the navigation pane, click
Develop, select the APIs tab, then click . The Select API type screen is displayed.
- Select OpenAPI 2.0 or OpenAPI 3.0 according to which version of the OpenAPI specification your API is to be based on.
- Select From existing OpenAPI service, and click Next.
To upload the service information from an OpenAPI file, you can either drag and drop your file,
or browse and select the file that you want to use. Valid file types are YAML, YML, etc.
After you upload the file, the OpenAPI specification is evaluated and a message displays whether it is valid.
- Click Browse and browse for the OpenAPI file.
- Drag and drop the file into the active area.
Click Next. Specify the API summary in the Info
section. You can fine-tune the API after it is created.
- The Title can include special characters but should be kept short so that it can be easily displayed in the user interface.
- The Name is entered automatically. The value in the Name field is a single string that is used to identify the API in developer toolkit CLI commands. To view the CLI commands to manage draft APIs, see apic draft-apis.
- The Version corresponds to the value of the
info.versionproperty of the API's OpenAPI definition. The
version.release.modificationversion numbering scheme is recommended; for example 1.0.0.
- The Base path is the URL segment of the API and does not include the host
name or any additional segments for paths or operations. The base path cannot include special
characters and must begin with a
/character even if it is otherwise empty.
- The optional Description helps to identify the API.
Click Next. In the Secure section, configure the
API security that you require.
- Secure using Client ID - Select this option to
require an Application to provide a Client ID (API Key). This causes the
X-IBM-Client-Idparameter to be included in the request header for the API. If selected, you can then select whether to limit the API calls on a per key (per Client ID) basis:
- Limit API calls on a per key basis - If selected, you must configure the rate limit that you require. Rate limits control the maximum number of calls allowed within a time period (hour, minute, month or day). For example, 100 calls per hour.
- CORS - Select this option to
enable cross-origin resource sharing (CORS) support for your API. This allows your API to be
accessed from another domain.Note:
- When CORS is enabled, the API Gateway runs the
corspreflow policy to handle all CORS requests that are made to the API.
- When CORS is enabled and a preflight request is received, only the following API actions are performed:
corspreflow policy configures the appropriate response headers.
- The response headers are set.
- When a preflight request is received, the
request.attributes.isCORSPreflightflag is set to
- For all preflight requests, the
client-identificationpreflow policies are always skipped, whether CORS is enabled or not enabled.
- When CORS is enabled, the API Gateway runs the
- Secure using Client ID - Select this option to require an Application to provide a Client ID (API Key). This causes the
API if you
want to immediately use the API for further development and testing.
- When you select the Activate
API option, API Connect automatically completes the
- Creates a draft Product, adds the API to the Product, and publishes the Product to the Sandbox Catalog so that the API is available to be called. The Product has the title api_title auto product. This Product is not visible in the Develop view and you cannot delete it directly. However, if you delete the API the draft Product is deleted together with the API; see Deleting an API definition. The Product is visible in any Catalogs to which it is published. If you want to remove the Product from a Catalog, you must do this separately; see Removing a Product from a Catalog
- Subscribes the Sandbox test application to the Product so that you can immediately test the API in the test environment. For information on testing an API, see Testing an API.
- You cannot use the Activate API option if lifecycle approval is enabled in the Sandbox Catalog for the Stage, Publish, or Replace actions. If any such lifecycle approvals are enabled, then to be able to use the Activate API option they must be disabled; for information on lifecycle approval settings, see Creating and configuring Catalogs.
- To use the Activate
API option, you must be assigned a
role that has the
Subscription:Managepermissions. The pre-supplied Developer role has these permissions by default; if you are assigned a custom role it must have these permissions. For more information, see Creating custom roles.
- When you select the Activate API option, API Connect automatically completes the following actions:
Click Next to create your API definition.
The Summary panel displays messages as the definition is created, and the selected security options and rate limits are enforced.
If you selected Activate API, the wizard populates an API Endpoint URL that you can use in testing. If you have also selected Secure using Client ID, the wizard displays a Client ID and Client Secret you can use.
Select one of the following options:
- To further configure your API, click Edit API. For details, see Editing an API definition.
- If you do not want to configure your API further at this time, click the Develop link in the breadcrumb trail to return to the welcome page; you can then move on immediately to another task. For details on how to configure your API later, see Editing an API definition.
What to do next
APIs are made available to application developers by including them in a Product, and then publishing that Product to a Catalog. For more information, see Working with Products and Working with Catalogs.