Using declarative APIs

A declarative API is a custom resource that allows you to create API Connect APIs using a YAML file. Learn how to create and configure this resource type.

Create a secret with your API manager credentials

Create a secret containing the credentials for the API manager you want the declarative API to use.

You can have multiple secrets in the same namespace, and also have APIs that reference different secrets.

Begin by creating the secret:

cat <<EOF | oc apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: apim-credentials
type: Opaque
stringData:
  base_url: https://<api-connect-base-url>
  username: <username>
  password: <password>
  trusted_cert: |-
    <certificate>
EOF

To get the values the you need to use within the secret, run the following command in the namespace where the API manager is installed, replacing <instance-name> with the name of the API manager instance:
```
oc get ManagementCluster <instance-name>-mgmt -o json | jq -r '.status.endpoints[] | select(.name=="platformApi")'
```
This returns a JSON object with the following structure, where <api-secret-name>, and <api-connect-base-url>, are values that change depending on the name of your APIC manager instance.
```
{
  "name": "platformApi",
  "type": "API",
  "secretName: "<api-secret-name>",
  "uri": "<api-connect-base-url>"
}
```
Replace the values in the secret that you created in the first step with the previously returned values, as follows:
- Replace <api-connect-base-url> with the values that were generated in the previous command.
- Replace <certificate> with the certificate content for a cert that the API manager trusts. On OpenShift, get this content by running the following command in the namespace where the API manager is installed, replacing <api-secret-name>, with the value that was generated in the previous step:
```
oc get secret <api-secret-name> -o json | jq -r '.data["ca.crt"]' | base64 --decode
```
- Replace <username> with the username you want to use.
- Replace <password> with the password for that username.

Create an API with the CLI

Log into your cluster, using your OpenShift user credentials:
```
oc login
```
Create a API YAML file. For example, you could create a file called api.yaml with the following example configuration. Update the values as indicated:
- For metadata.namespace, enter your project (namespace) name.
- For spec.definition, specify either an external, configMap or integrationRuntime object:
  - For spec.definition.configMap, specify the name of the configMap that contains the API document. The document can be compressed data in gzip, bzip2 and zip format to help avoid 1MB limit.
  - For spec.definition.external, specify an external endpoint containing the API definition to be fetched via a REST GET call.
  - For spec.definition.integrationRuntime, specify which REST API document to retrieve from a running IntegrationRuntime in the same namespace as this API. For details on how to configure the spec.definition section, refer to the "Custom resource values" section in this page.
- Define a spec.share.apim section only if you want this API to be created as a draft in an API manager instance:
  - For credentialsSecret, specify the name created in the Create a secret with your API manager credentials section.
  - For providerOrg, specify the provider organization in which the draft will be created.
- Set any other configuration values as required.
```
apiVersion: apiconnect.ibm.com/v1beta1
kind: API
metadata:
  name: example-api
  namespace: <namespace>
spec:
  definition:
    configMap: example-configmap
  share:
    apim:
      credentialsSecret: apim-credentials
      providerOrg: main-demo
```
Apply the YAML file to the cluster:
```
oc apply -f api.yaml
```
Check the status of the declarative API by running the following command in the project (namespace) where it was deployed:
```
oc get api
```

Custom resource values

The following table lists the configurable parameters and default values for the custom resource.

Parameter	Description	Default
`apiVersion`	The API version that identifies which schema is used for this declarative api
`kind`	Resource type	`API`
`metadata.name`	Unique short name by which the declarative api can be identified
`metadata.namespace`	Namespace (project) in which the declarative api is installed
`spec.share`	If share is specified then the API is added to API Connect as a draft API.
`spec.definition`	Defines the API.
`spec.definition.configMap`	The name of a configMap that contains the document. The document can be compressed data in gzip, bzip2 and zip format to help avoid 1MB limit.
`spec.definition.external`	Defines an external endpoint containing the definition to be fetched via a REST GET call.
`spec.definition.external.credentialsSecret`	Optional if auth is required. The name of a secret that contains the username and password keys for the external endpoint.
`spec.definition.external.disableTrust`	Optional, defaults to false if omitted. If trust is disabled then the TLS certificates are not verified even when connecting via https.	`false`
`spec.definition.external.trustedCert`	Optional, needed for https with self-signed certs. Name of a secret containing a `ca.crt`.
`spec.definition.external.url`	URL of the external endpoint. Only supported protocols are http and https.
`spec.definition.integrationRuntime`	Defines which REST API document to retrieve from a running IntegrationRuntime in the same namespace as this API.
`spec.definition.integrationRuntime.name`	The name of the IntegrationRuntime custom resource.
`spec.definition.integrationRuntime.restApi`	If defined the choose which of the REST APIs to use from the IntegrationRuntime. Can be omitted if the IntegrationRuntime only has 1 REST API.
`spec.definition.integrationRuntime.restApi.name`	The name of the REST API to use.
`status.conditions`	Returns information on the current condition of the declarative API
`status.metadata`	Returns metadata for declarative API