API Connect

View Only

Some advice about using the API Connect v10 apic Toolkit and REST-APIs

By Nick Cawood posted Wed February 22, 2023 06:27 AM

Hi,

Recently I have been made aware of people asking advice about using the API Connect v10 REST-APIs and the API Connect v10 apic/apic-slim Toolkit, so I thought I would try to help inexperienced users with some accelerator tips...

1. First, for the API Connect v10 Toolkit

Obviously getting started with the Toolkit is detailed here: https://www.ibm.com/docs/en/api-connect/10.0.1.x?topic=applications-working-toolkit

One good tip I saw from @Chris Dudley recently was:

use `--format json` or `--format yaml` on all CLI commands as you will get far more content back, both when commands are successful and when errors occur

Secondly, when using the Toolkit commands if you want to see the REST call(s) that the Toolkit uses to carry out the tasks add --debug to the end of the Toolkit call and the REST call will be in the output, and then you can use that REST call without using the Toolkit.
And finally for the Toolkit here is a resource for commands that you might need to use: https://github.com/ibm-apiconnect/example-toolkit-scripts

2. Now, to make REST API calls instead you need to do the following:

Set a client_id and a client_secret (one-off task)
Which realm do you need to use? (decide for each API call)
Generate a Bearer_token using realm, username, password, client_id and client_secret (token lasts 8 hours by default)
Use the generated Bearer_token to call a REST API

Going through each of these in turn:

How do you set a client_id and a client_secret?

Create an App to set these: https://apic-api.apiconnect.ibmcloud.com/v10/#/documentation/authentication/auth_clientid_secret
Also this is a useful supplemental guide too: https://chrisphillips-cminion.github.io/apiconnect/2019/09/20/RegistringAppsToUseTheAPICCLI.html
(NB: you can also use REST calls to create the App.)

How do you select which realm do you need to use?

Provider Org / Catalog / Space level calls need access from the provider realm.
Cloud level calls need the admin realm access.
You can see how to list the realms for your system here: https://apic-api.apiconnect.ibmcloud.com/v10/#/documentation/authentication/auth_bearertoken

Generating a Bearer_token using realm, username, password, client_id and client_secret:

This is explained here: https://apic-api.apiconnect.ibmcloud.com/v10/#/documentation/authentication/auth_bearertoken

Now you are ready to use the Bearer_token to call the REST APIs:

Provider APIs: https://apic-api.apiconnect.ibmcloud.com/v10/#/IBMAPIConnectPlatformProviderAPI_200/overview
Cloud APIs: https://apic-api.apiconnect.ibmcloud.com/v10/#/IBMAPIConnectPlatformCloudManagementAPI_200/overview
Analytics APIs: https://apic-api.apiconnect.ibmcloud.com/v10/#/IBMAPIConnectAnalyticsAPI_200/overview

And also some tips that might help you:

Tip for selecting REST calls?

See Toolkit section regarding using --debug to extract the REST call from a Toolkit command

Next tip for REST calls: still struggling to decide which call you need to use?

You can use the API Manager UI or Cloud Manager UI to extract the REST call for a task by setting your Browser to use Developer Tools - Network (F12) and so by carrying out a task in the UI you can see the call being used in the output.

Then you can go back to https://apic-api.apiconnect.ibmcloud.com/v10 and find the call being used and see all the parameters etc. available for that call to fine tune it to your specific needs.

I hope you find this useful!

-------------------------------------------------
Nick Cawood
API Connect Consultant
IBM Hybrid Cloud Integration Expert Labs
IBM UK Ltd

https://www.linkedin.com/in/nickcawood/
-------------------------------------------------

#APIConnect

5 comments

93 views

Permalink

Comments

Nick Cawood

Wed February 21, 2024 09:45 AM

@Riva Fathima

see my response here: https://community.ibm.com/community/user/integration/discussion/accessing-platform-rest-apis-for-ibm-api-connect-v10-when-system-has-oidc-enabled?ReplyInline=aa64c2d5-71b0-46d3-be08-35d056145c52

Riya Fathima

Tue February 20, 2024 10:23 AM

Hi @Nick Cawood ,

I am getting 401 unauthorized error when fetching token for using toolkit. Could you please check and assist what has went wrong here.

I am trying to authenticate with the API Connect Platform REST APIs, have generated API key referring generate an API Key and then running below command for an access token to use when calling the APIs.

client id, secret - recievd from API Manager GUI bu downloading toolkit credentials

curl -v -k -X POST -d '{"api_key": "****", "client_id": "client-id", "client_secret": "client-secret", "grant_type": "api_key"}' -H 'Content-Type: application/json' -H 'Accept: application/json' https://platform-api.{{region}}.apiconnect.automation.ibm.com/api/token

Stefen Salvatore

Tue June 13, 2023 01:23 AM

HI @Nick Cawood
getting issue with these two REST calls

API Explorer (ibmcloud.com)

used the valid token for this and passed everything shown in the documentation but got an error as 401 unauthorized. please help me with this.

2. API Explorer (ibmcloud.com)

for the first time when I used the bearer token got response code 204 but in the portal, it's signed in only. And when the same token is used again to invoke API, it throws a 401 unauthorized error.

If anyone knows about this please guide me where I am missing regarding this.

Thanks in advance!!

Nick Cawood

Fri June 09, 2023 08:39 AM

@Stefen Salvatore

Hi, I am not aware of any - our API calls are often seamlessly used by customer teams with existing CI/CD pipeline skills

If you need more assistance maybe create a new Discussion item in the APIC Community.

Stefen Salvatore

Fri June 09, 2023 06:41 AM

Hi @Nick Cawood
are there any references for doing automation using these REST APIs via Git or anything?

Thanks