Table of contents
- Installing WSO2 API Manager plugin in Ready! API
- Testing APIs exposed via WSO2 API Manager using Ready! API
- Generating access tokens for different grant types
APIs are a valuable component that allow an organization to expose its business capabilities to a wider audience within and outside the organization’s boundaries. Exposing and managing these APIs are only a part of the bigger picture. There should be users who are willing to build applications that would ultimately make use of these APIs that are exposed. API adoption is primarily driven by the need to use APIs, but the ease of use also plays a vital role in determining the success of an API. These factors undoubtedly determine the success of an organization’s initiative to drive business via APIs.
Application developers would want to test an API before it can be embedded within an application. This API testing stage is a crucial step in determining the successful adoption of the API. With this in mind, WSO2 in partnership with SmartBear, has developed a plugin for SmartBear’s Ready! API. This plugin allows seamless integration between the two products, which will allow application developers to work with the Ready! API platform to test APIs exposed via WSO2 API Manager. This tutorial will explain how you could integrate Ready! API with WSO2 API Manager and how to test APIs that are exposed in the API manager. It will also look at how Ready! API can be used to generate OAuth 2.0 tokens with different grant types and the benefits this integration can bring to an application developer.
Installing WSO2 API Manager plugin in Ready! API
First, you need to down and run Ready! API. The Ready! API free trial can be downloaded from the following link1. Once you start the Ready! API you can click on the Plugin Manager button as shown below.
Let’s browse the plugin repository and locate the WSO2 API Manager plugin for Ready! API. You can now install this plugin to Ready! API.
Testing APIs exposed via WSO2 API Manager using Ready! API
If you are using a self-signed certificate with WSO2 API Manager, you need to explicitly configure Ready! API to trust this certificate. This can be done by navigating to File>>Preferences in Ready! API. In the preferences menu, select the ‘Internal Browser’ tab and click on the ‘Trust the self-signed certificate’ tickbox as shown below.
Now let’s test an API exposed via WSO2 API Manager using Ready! API. Let’s start by creating a new project in Ready! API. In the new project popup window, select the option ‘Import from WSO2 API Manager’ from the dropdown menu provided and click on the OK button as shown below.
You will now be prompted to enter the information of the API Store from which API information would need to be extracted. Enter the details of the API Store as shown in the diagram below and hit the OK button. The store URL and port number should point to the store component of the API manager (default store URL is given below) and the user credentials would be the credentials that you use to login to the API Store.
You will now have to select an API from the list of APIs that are available in the API Store. Select one or more APIs that you want to test and click on the ‘OK’ button as shown below. Your project would be created and the required APIs would be imported to Ready! API.
Let’s now test these APIs using Ready! API. Let’s select and API and expand on the API to see all the HTTP verbs associated with the particular API; you can then select the require HTTP verb to test the API.
If you have added query params when creating an API in the API manager, it will also appear here; you can also add your own resource path or query parameters to test the API. This can be added from the top panel of the Ready! API as shown below.
Once you have entered all the required information for the API, you will have to add the API token to invoke the API. This token can be added by clicking on the Auth tab at the bottom of the screen. Inside this tab you can enter the OAuth 2.0 access token for the API. In this case, we will copy the access token from the WSO2 API Store and insert it in the access token text box. Alternatively, you can also generate your access token from Ready! API by providing the client key and client secret (we will discuss this process in the next section).
You can now invoke the API through Ready! API, and you will receive a response from the API manager; if you encounter an error make sure that ‘Endpoint’, ‘Resource’ and ‘Parameters’ text fields contain the correct values.
Generating access tokens for different grant types
Ready! API offers an inbuilt OAuth 2.0 access token generation option that would allow an access token to be generated with different grant types. This feature of Ready! API can be used to test the key generation process of WSO2 API Manager without requiring an application to perform OAuth 2.0 key generation. This can also be used in cases where you want to test access to different HTTP verbs and resource paths using different types of Scope and API Keys.
In order to generate access tokens from the Ready! API click on the Auth tab at the bottom of the application and click on the ‘Get Token’ button.
Enter the following information in the text boxes given above.
Oauth 2 Flow - You can choose from different grant types to generate your token. In this example, we have used Authorization Code Grant type.
Client Identification and Client Secret – These values need to be taken from the API Store. You can find these values in the ‘My Subscriptions’ page of the API manager.
Authorization URI – Provide the URL of the authorization endpoint of the API manager. By default, this URI is https://localhost:9443/oauth2/authorize. If you are using a componentized API manager deployment, the URI should point to the Key Manager component of the deployment.
Access Token URI – Provide the URL of the access token endpoint of the API Manager. By default, this URL is https://localhost:9443/oauth2/token. If you are using a componentized API manager deployment, the URI should point to the Key Manager component of the deployment.
Redirect URI – This URI should match the callback URL that you entered when creating the Application within the API manager. You can view and edit this from the ‘My Applications’ tab in the API manager.
Scope – You can define the scope under which a token should be generated. If you have not defined any scope restrictions when creating the API you can leave this text blank.
Once you have entered all the information mentioned above, you can generate the access token by clicking on the ‘Get Token’ button. This will generate the access token required to test the API.
This tutorial discussed how WSO2 API Manager can be integrated with Ready! API to provide a seamless API testing capability for APIs that are exposed by the API manager. Ready! API’s rich suite of features can be used to test APIs based in different conditions that otherwise needs to be done via a mock application.