API and Product definition template examples
You can use template files when creating API and Product definitions. Template files are
Handlebars templates containing variables of the form {{variable-name}}
that are
substituted with values when you create the API or Product definition. This topic provides the
default Handlebar templates used by apic
to create Products and APIs as examples
you can use to copy and customize for your own use.
Default API definition template (OpenAPI 2.0)
The following example template, which is for an OpenAPI 2.0 API definition, is the default
template that developer toolkit uses
when you create an API definition. Copy this example template into your own template file (which
must have the .hbs
extension), then edit it for your purposes. Template variables
are enclosed by double curly braces, for example {{name}}
. For information on
template variables, see Template variables for API and Product definitions. For more
information on Handlebars, see https://handlebarsjs.com/.
swagger: '2.0'
info:
x-ibm-name: {{name}}
title: {{title}}
version: {{version}}
schemes:
{{#if schemes}}
{{#each schemes}}
- {{this}}
{{/each}}
{{else}}
- https
{{/if}}
host: {{hostname}}
basePath: {{basepath}}
consumes:
- application/json
produces:
- application/json
securityDefinitions:
clientIdHeader:
type: apiKey
in: header
name: X-IBM-Client-Id
clientSecretHeader:
in: "header"
name: "X-IBM-Client-Secret"
type: "apiKey"
security:
-
clientIdHeader: []
clientSecretHeader: []
x-ibm-configuration:
testable: true
enforced: true
gateway: datapower-gateway
cors:
enabled: true
catalogs:
apic-dev:
properties:
runtime-url: $(TARGET_URL)
sb:
properties:
runtime-url: 'http://localhost:4001'
assembly:
execute:
- invoke:
{{#if targeturl}}
target-url: {{targeturl}}
{{else}}
target-url: $(runtime-url)$(request.path)
{{/if}}
paths:
/users:
post:
summary: Create a user
description: Create a new user
operationId: userCreate
externalDocs:
description: Blah
url: http://host/docs-about-routes-post
tags:
- Users
responses:
'201':
description: 'Success'
schema:
$ref: '#/definitions/User'
default:
description: 'Unexpected error'
schema:
$ref: '#/definitions/Error'
get:
summary: User list
description: Get a list of users
operationId: userList
externalDocs:
description: Blah
url: http://host/docs-about-routes-post
tags:
- Users
responses:
'200':
description: 'Success'
schema:
$ref: '#/definitions/UserList'
default:
description: 'Unexpected error'
schema:
$ref: '#/definitions/Error'
/users/{user}:
get:
summary: Retrieve the User
description: Retrieve the User
operationId: userGet
tags:
- Users
parameters:
- name: user
in: path
description: User id or name
required: true
type: string
responses:
'200':
description: 'Success'
schema:
$ref: '#/definitions/User'
default:
description: 'Unexpected error'
schema:
$ref: '#/definitions/Error'
patch:
summary: Update User
description: Update User
operationId: userUpdate
tags:
- Users
parameters:
- name: user
in: path
description: User id or name
required: true
type: string
- name: payload
in: body
description: User to update
required: true
schema:
$ref: '#/definitions/UserUpdate'
responses:
'200':
description: 'Success'
schema:
$ref: '#/definitions/User'
default:
description: 'Unexpected error'
schema:
$ref: '#/definitions/Error'
delete:
summary: Delete the User
description: Delete the User
operationId: userDelete
tags:
- Users
parameters:
- name: user
in: path
description: User id or name
required: true
type: string
responses:
'204':
description: 'Successful delete'
default:
description: 'Unexpected error'
schema:
$ref: '#/definitions/Error'
definitions:
User:
type: object
additionalProperties: false
UserUpdate:
type: object
additionalProperties: false
UserList:
type: object
additionalProperties: false
Error:
type: object
additionalProperties: false
properties:
status:
type: integer
message:
type:
- string
- array
tags:
- name: Users
description: Tags on all the user operations
externalDocs:
description: External information about Users
url: http://host/url-of-my-entire-set-of-tag-docs-for-this-tag
- name: Routes
description: Tags on all the route operations
externalDocs:
description: External information about Routes
url: http://host/url-of-my-entire-set-of-tag-docs-for-this-tag
OpenAPI 3.0 API definition template
The following example template is for an OpenAPI 3.0 API definition. Copy this example template
into your own template file (which must have the .hbs
extension), then edit it for
your purposes. Template variables are enclosed by double curly braces, for example
{{name}}
. For information on template variables, see Template variables for API and Product definitions. For more information on Handlebars, see https://handlebarsjs.com/.
openapi: '3.0.3'
info:
x-ibm-name: {{name}}
version: {{version}}
title: {{title}}
x-ibm-configuration:
assembly:
execute:
- invoke:
title: invoke
version: 2.0.0
target-url: 'http://apicsrv01.dp.rtp.raleigh.ibm.com/sample.json'
cors:
enabled: true
enforced: true
phase: realized
testable: true
gateway: datapower-api-gateway
servers:
- url: "/oauth-supported-flows"
paths:
"/getData":
get:
summary: Operation Get Branches
operationId: basicImplicit
responses:
default:
description: Default response
security:
- Oauth:
- scopePub
components:
securitySchemes:
clientIdHeader:
type: apiKey
in: header
name: clientHeader
clientSecretHeader:
type: apiKey
in: header
name: X-IBM-Client-Secret
client_id:
type: apiKey
in: query
name: client_id
client_secret:
type: apiKey
in: query
name: client_secret
OAuth 2.0 API definition template
The following example template is the default template that developer toolkit uses when you create
an OAuth 2.0 API definition with the command apic create:api --template oauth
. Copy
this example template into your own template file (which must have the .hbs
extension), then edit it for your purposes. Template variables are enclosed by double curly braces,
for example {{name}}
. For information on template variables, see Template variables for API and Product definitions. For more information on Handlebars, see https://handlebarsjs.com/.
swagger: "2.0"
info:
x-ibm-name: {{name}}
title: {{title}}
version: {{version}}
schemes:
{{#if schemes}}
{{#each schemes}}
- {{this}}
{{/each}}
{{else}}
- https
{{/if}}
host: {{hostname}}
basePath: {{basepath}}
securityDefinitions:
clientID:
description: "application's client_id"
in: "query"
name: "client_id"
type: "apiKey"
security:
- clientID: []
paths:
/oauth2/authorize:
get:
produces:
- text/html
summary: endpoint for Authorization Code and Implicit grants
description: description
parameters:
- name: response_type
in: query
description: request an authorization code or or access token (implicit)
required: true
type: string
enum:
- code
- token
- name: client_id
in: query
description: Application client ID
required: true
type: string
- name: scope
in: query
description: Scope being requested
type: string
required: true
- name: redirect_uri
in: query
type: string
description: URI where user is redirected to after authorization
required: false
- name: state
in: query
type: string
description: This string will be echoed back to application when user is redirected
required: false
responses:
302:
description: |
Redirect to the clients redirect_uri containing one of the following
- **authorization code** for Authorization code grant
- **access token** for Implicity grant
- **error** in case of errors, such as the user has denied the request
200:
description: An HTML form for authentication or authorization of this request.
security:
- clientID: []
post:
consumes:
- application/x-www-form-urlencoded
produces:
- text/html
summary: submit approval to authorization code or access token
description: |
Submit resource owners approval (or rejection) for the OAuth2 Server to issue an
authorization code or access token to the application.
security:
- clientID: []
parameters:
- name: client_id
in: formData
description: application requesting the access code or token
required: true
type: string
- name: scope
in: formData
description: requested scope of this authorization
required: true
type: string
- name: resource-owner
in: formData
description: resource owners user name
required: true
type: string
- name: redirect_uri
in: formData
description: URI the application is requesting this code or token to be redirected to
required: true
type: string
- name: original-url
in: formData
description: URL of the original authorization request
required: true
type: string
- name: dp-state
in: formData
description: state information provided in the authorization form
required: true
type: string
- name: dp-data
in: formData
description: state information provided in the authorization form
required: true
type: string
#- name: response_type
# in: formData
# description:
# required: true
# type: string
responses:
200:
description: Cool
/oauth2/token:
post:
consumes:
- application/x-www-form-urlencoded
produces:
- application/json
summary: Request Access Tokens
description: |
This endpoint allows requesting an access token following one of the flows below:
- Authorization Code (exchange code for access token)
- Client Credentials (2-legged, there isnt resource owner information)
- Resource Owner Password Credentials (2-legged, client provides resource owner name and password)
- Refresh Token (exchange refresh token for a new access code)
The table below indicates the required parameters for each specific grant_type options.
Empty cells indicate a parameter is ignored for that specific grant type.
Client authentication:
- Confidential clients should authenticate using HTTP Basic Authentication. Alternatively, they may post
their client_id and client_secret information as a formData parameter.
- Public clients should send their client_id as formData parameter.
| grant_type | code | client_credentials | password | refresh_token |
|----------------------|------------|--------------------|-------------|---------------|
| client_id | required* | required* | required* | required* |
| client_secret | required* | required* | required* | required* |
| code | required | | | |
| redirect_uri | required | | | |
| username | | | required | |
| password | | | required | |
| scope | | optional | optional | |
| refresh_token | | | | required |
The implicit grant requests, see /oauth2/authorize.
security: []
parameters:
- name: grant_type
in: formData
description: Type of grant
type: string
required: true
enum:
- authorization_code
- password
- client_credentials
- refresh_token
- name: client_id
in: formData
description: Application client ID, can be provided in formData or using HTTP Basic Authentication
required: false
type: string
- name: client_secret
in: formData
description: Application secret, must be provided in formData or using HTTP Basic Authentication
required: false
type: string
- name: code
in: formData
description: Authorization code provided by the /oauth2/authorize endpoint
required: false
type: string
- name: redirect_uri
in: formData
description: required only if the redirect_uri parameter was included in the authorization request /oauth2/authorize; their values MUST be identical.
required: false
type: string
- name: username
in: formData
type: string
description: Resource owner username
required: false
- name: password
in: formData
type: string
description: Resource owner password
required: false
- name: scope
in: formData
type: string
description: Scope being requested
required: false
- name: refresh_token
in: formData
type: string
description: The refresh token that the client wants to exchange for a new access token (refresh_token grant_type)
required: false
responses:
200:
description: json document containing token, etc.
schema:
$ref: "#/definitions/access_token_response"
400:
description: json document that may contain additional details about the failure
x-ibm-configuration:
testable: true
enforced: true
phase: "realized"
oauth2:
client-type: public #or confidential
scopes:
scope1: Description 1
scope2: Description 2
scope3: Description 3
grants:
- application
- password
- accessCode
- implicit
identity-extraction:
type: default-form #If identity extraction is not there use this form.
#type: basic
#type: custom-form #Customer provided form (needs location)
#type: redirect #Redirects user to authenticate somewhere else
#custom-form:
# url: https://example.com/authentication/form
# tls-profile: tls-profile-1
#redirect-url: https://example.com/external/form
authentication:
x-ibm-authentication-url:
url: https://example.com/auth/url
tls-profile: tls-profile-4
#x-ibm-authentication-registry: ldap-1
authorization:
type: authenticated #If the authorization section is missing this is the default
#type: default-form
#type: custom-form
#custom-form:
# url: https://example.com/authorization/form
# tls-profile: tls-profile-2
refresh-token:
count: 2048 # If this section is missing default is 0
revocation:
url: ""
tls-profile: ""
definitions:
access_token_response:
type: object
additionalProperties: false
required:
- token_type
- access_token
- expires_in
properties:
token_type:
enum:
- bearer
access_token:
type: string
expires_in:
type: integer
scope:
type: string
refresh_token:
type: string
Product definition template
The following example template is the default template that developer toolkit uses when you create a Product
definition. Copy this example template into your own template file (which must have the
.hbs
extension), then edit it for your purposes. Template variables are enclosed by
double curly braces, for example {{name}}
. For information on template variables,
see Template variables for API and Product definitions. For more information on Handlebars,
see https://handlebarsjs.com/.
product: '1.0.0'
info:
name: {{name}}
title: {{title}}
version: {{version}}
{{#isEmpty apis}}
{{else}}
apis:
{{/isEmpty}}
{{#each apis}}
'{{@key}}':
$ref: {{this}}
{{/each}}
visibility:
view:
type: public
subscribe:
type: authenticated
plans:
default:
title: Default Plan
description: Default Plan
approval: false
rate-limit:
value: 100/hour
hard-limit: false