Secure API Manager supports both REST and SOAP APIs. It allows you to create APIs using an existing SOAP endpoint. You must understand SOAP to create a SOAP API. This assumes that you understand and know how SOAP works. For more information, see Required Knowledge.
You must use valid WSDL endpoints when you create a SOAP API or the Publisher does not create a working SOAP API. The Publisher validates the WDSL endpoints. If the Publisher cannot not validate the WSDL endpoints, it displays an error Failed to process the WSDL when you click Next: Implement. Ensure that you have valid WSDL endpoints before you try to create a SOAP API.
To create a SOAP API:
Log in to the Publisher using the account your Secure API Manager administrator gave you.
https://dns-name-lifecycle-manager:9444/publisher
To design a SOAP API:
Click Add New API.
Select I Have a SOAP Endpoint.
Specify the SOAP endpoint.
Select Pass Through, then click Start Creating.
or
Select Generate REST API if you want to convert the SOAP endpoint into a REST API, then proceed to Step 2.d.
Use the following information to create the SOAP API:
Specify a name for the SOAP API that appears in the Store. No spaces are allowed.
Specify the URI context path of the SOAP API. It is case sensitive.
Specify the version of the SOAP API. This helps you manage the lifecycle of the API.
Select whether the SOAP API is Public or Restricted by Roles. For more information, see Section 4.0, Controlling Access to the APIs through the Access Manager Roles.
Specify a description of the SOAP API that appears in the Store. The description helps people understand the purpose of the SOAP API.
Upload an image to represent the SOAP API in the Store. The maximum dimensions are 100 x 100 pixels.
Displays the SOAP endpoint you entered on the prior page. Click Test URI to validate that this is a valid SOAP endpoint.
To implement the SOAP API:
Click Next: Implement.
Select Managed API.
Add the production endpoints of the REST API.
Select the endpoint type of HTTP/SOAP Endpoint. Only use the REST endpoint if you used REST to create the API.
Specify the production back-end URL for the SOAP API. If you require additional configuration options, click Advanced Options and make the appropriate changes.
Specify a test back-end URL for the SOAP API to use when testing the API. If you require additional configuration options, click Advanced Options and make the appropriate changes.
(Conditional) If the SOAP API requires it, add the credentials of the back-end service.
Select whether to enable a message mediation policy.
The message mediation policy allows you to convert the input or output of the SOAP API from XML to JSON or from JSON to XML. For more information, see Converting JSON to XML.
(Conditional) If your environment requires CORS, select Enable API based CORS Configuration.
CORS allows you to define additional domains that are in your environment. By default, to stop cross-site scripts, Secure API Manager does not allow multiple domain names. For more information, see Cross-origins resource sharing Wiki
.
Use the following information to enable CORS.
Select this option to allow all domain names that contain the origin domain name.
Add any additional headers to this section to allow Secure API Manager to use additional domains.
Ensure that the correct REST methods are listed.
Select this option to allow credentials from other domains.
Click Next: Manage API.
Configure the API as follows:
Select this option to make the version of the published SOAP API the default version so that when you access the SOAP API though a URL you do not have to enter a specific version. For example, if the API version is 2.5 and the URL is https://my.company.com/timesheet/2.5, users just have to enter https://my.company.com/timesheet/.
Select whether you want to use HTTPS or HTTP. HTTPS is the secure transport type.
Select whether you want to cache the response from the SOAP API. Caching is disabled by default. Enabling this option speeds up the response of the SOAP API because Secure API Manager caches the response. If you enable this option, ensure that you define a cache timeout period.
Specify a value that Secure API Manager uses as a custom authorization header to send the access token in a request to consume the SOAP. If you leave this field blank, Secure API Manager uses the default authorization header.
Configure the throttling options for the API as follows:
This option limits the number of calls Secure API Manager allows to the back-end. If you select Specify, you must specify the number of transactions per second (TPS) for the production environment and the sandbox environment.
Select the appropriate tier that allows the correct number of requests per second. When users subscribe to the SOAP APIs, the subscription tiers controls the request to the SOAP API.
Select whether you want the throttling policy applied at the SOAP API level. If you select the SOAP API level, Secure API Manager ignores the other policies and does not apply them.
Select whether the SOAP API is used in a production environment, sandbox environment, or both types of environments.
Define the business information about the SOAP API. For example, specify the business owner of the SOAP API and the technical owner of the SOAP API.
(Conditional) If required, add additional properties for the SOAP API. You must specify a name and value for each property that you add.
Add scopes to limit who has access to the REST API. For more information, see Section 3.0, Creating and Publishing APIs.
Click Save & Publish, then decide whether to continue editing the SOAP API, access the Store, or view an overview of the SOAP API.
You can access and test the SOAP API in the Store to ensure that it works. For more information, see Invoking and Testing the SOAP APIs. If you have documentation to add to the SOAP API, proceed to Section 6.0, Managing Documentation for the APIs.