Using REST APIs [WSO2 API Manager]

DZone 's Guide to

Using REST APIs [WSO2 API Manager]

In this brief article, let's take a look at how easy it is to invoke the REST APIs of WSO2 API Manager.

· Integration Zone ·
Free Resource


The WSO2 API Manager exposes a series of REST APIs and they are quite useful if you are going to create custom tools, solutions, for example, a Maven plugin. In this article, I'm going to explain how to use the APIs and in the next series of the articles, I'm going to show how to make use of the APIs to create a Maven plugin.

Getting Started

Here is the official documentation of the REST APIs. To invoke any API, first, we need to get a pair of clientId & client secret and then use them to get the access token. Here are the necessary steps,

Get ClientID and Client Secret

Method POST

Authorization: Base64(username:password)

Content-Type: application/json



  "callbackUrl": "www.google.com",
  "clientName": "rest_api_publisher",
  "owner": "admin",
  "grantType": "password refresh_token",
  "saasApp": true

    "clientId": "VapXbCr9XKTZJK3t_VNDtK5X2Ksa",
    "clientName": "admin_rest_api_publisher",
    "callBackURL": "www.google.lk",
    "clientSecret": "AA2b35yIOrqKzfxZVCxJ5OZH0Rwa",
    "isSaasApplication": true,
    "appOwner": null,
    "jsonString": "{\"grant_types\":\"password refresh_token\"}",
    "jsonAppAttribute": "{}",
    "tokenType": null

Getting Access Token

Note: Access token must be generated using the correct scope. In the below example, the scope (api_view) is used to generate access token to call an API to list available APIs. To generate access token to invoke an API to create an API, one must use api_create scope.

Method POST
Headers Authorization: Base64(clientId:clientSecret)

Content-Type: application/x-www-form-urlencoded

Request Params

grant_type: password

username: admin

password: admin

scope : apim:api_view

    "access_token": "f6e21049-8f0f-3c05-b337-5f34b5fd4ea0",
    "refresh_token": "a7d60f0b-7360-3b11-92de-e8b4ffb26ea0",
    "scope": "apim:api_create",
    "token_type": "Bearer",
    "expires_in": 3600

Listing APIs

Once you have the access_token in hand, the following API can be called to list available APIs.

Method GET
Headers Authorization: Bearer <<ACCESS_TOKEN>>
  "previous": "",
  "list": [
      "provider": "admin",
      "version": "1.0.0",
      "description": "This sample API provides Account Status Validation",
      "name": "AccountVal",
      "context": "/account",
      "id": "2e81f147-c8a8-4f68-b4f0-69e0e7510b01",
      "status": "PUBLISHED"
      "provider": "admin",
      "version": "1.0.0",
      "description": null,
      "name": "api1",
      "context": "/api1",
      "id": "3e22d2fb-277a-4e9e-8c7e-1c0f7f73960e",
      "status": "PUBLISHED"
  "next": "",
  "count": 2


In this brief article, I have shown how easy it is to invoke the REST APIs of WSO2 API Manager. For more detail, please go through the official documentation of WSO2. In the follow-up article, I'm going to explain how to create a Maven plugin to publish an API using the provided REST APIs.

access token ,api ,api manager ,integration ,rest apis ,tutorial ,wso2 api manager

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}