Exposing a SOAP API and GraphQL API to Applications

Edit online

About this task

The API Provider can restrict the exposure of specific operations of a SOAP API and GraphQL API to other applications.

Consider you have a native SOAP API or GraphQL API created in API Gateway with operations - Operation A, Operation B, and Operation C. You might want to expose the Operation A and Operation C, and restrict the visibility of Operation B to other applications. You can use the Expose to consumers button to switch on the visibility of Operation A and Operation C and switch off the visibility of Operation B, as required.

If an application attempts to invoke the Operation B in the SOAP API or GraphQL API, API Gateway returns a HTTP response code 404 for SOAP API and response code 400 for GraphQL API.

By default, the Expose to consumers action is switched on for all operations of the SOAP API and GraphQL API. Once the API is activated, exposed operations are available for use in the registered applications. If you do not want a particular set of operations to be hidden for registered applications, switch off Expose to consumers in the SOAP API or GraphQL API definition.

Note: API Gateway will not allow you to activate a SOAP API or GraphQL API if none of the operations in the API are selected for exposure to other applications. You must select at least one operation of the SOAP API or GraphQL API to enforce runtime invocations.

To expose a set of operations of the SOAP API or GraphQL API

Procedure

  1. Click APIs in the title navigation bar.
    This displays a list of APIs available in API Gateway.
  2. Click the name of the required API.
    This opens the API details page.
  3. Click Edit.
    If the API is active, API Gateway displays a warning message to let you know that the API is active.
  4. Click Operations.
    This displays a list of operations available in the API.

    To select an operation, switch on the Expose to consumers action next to the operation URI. You can select one or more operations to expose to other applications.

  5. Click Save to save the updated API.
    Activate the API, if it is not active, to put it into effect.