### Enable Client Hashing via Start Command Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/hash-client-credentials.adoc Enable client hashing by starting the Mule server with the `anypoint.platform.hash_clients` property set to `true`. ```bash $MULE_HOME/bin/mule start -M-Danypoint.platform.hash_clients=true ``` -------------------------------- ### Access Token Response Example Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/analytics-event-api.adoc This is an example of the JSON response received after a successful authentication request, containing the access token, token type, and a redirect URL. ```json { "access_token": "54545454-5454-5454-5454-545454545454", "token_type": "Bearer", "redirectUrl": "/accounts/#/cs/profile/home" } ``` -------------------------------- ### Example curl Request with Query Parameter Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/oauth-dance-about.adoc Use this command to send a request to a protected resource with an access token included as a query parameter. Replace `` with a valid token. ```console curl "http://localhost:8081/simple/?access_token=" -vvv ``` -------------------------------- ### Example curl Request with Authorization Header Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/oauth-dance-about.adoc Use this command to send a request to a protected resource with an access token included in the Authorization header. Replace `` with a valid token. ```console curl -H "Authorization:Bearer " "http://localhost:8081/simple" -vvv ``` -------------------------------- ### Example CSV Output from Analytics Events Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/analytics-event-api.adoc This is an example of the CSV output format for analytics events, showing fields like 'Application Name', 'Client IP', 'Resource Path', and 'Timestamp'. ```text "Application Name","Client IP","Resource Path",Timestamp,"API ID","API Version ID","API Name","API Version Name" "Las Vegas T-Shirt serviceLas Vegas T-Shirt serviceLas Vegas",83.178.96.0,/,2016-10-03T04:27:02.072Z,61460,63811,"test api contracts",1 "Las Vegas T-Shirt serviceLas Vegas T-Shirt serviceLas Vegas",83.178.96.0,/,2016-10-03T05:03:38.774Z,61460,63811,"test api contracts",1 ... ``` -------------------------------- ### Get List of Unclassified APIs using Curl Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/classify-api-task.adoc Retrieve a list of all API instances that are not yet classified into an environment by making a GET request to the repository API. ```bash curl --location 'https://anypoint.mulesoft.com/apiplatform/repository/v2/organizations/00000000-0000-0000-0000-00000000000/apis' \ --header 'Authorization: bearer ' ``` -------------------------------- ### XML Truststore Configuration with Secure Properties Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/building-https-proxy.adoc Example of how secure properties are used within the API Proxy's XML configuration for truststore settings. ```xml ``` -------------------------------- ### Authenticate and Query Analytics Events Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/analytics-event-api.adoc This example first retrieves an access token using `curl` and then uses it to query analytics events. It specifies a date range and desired fields for the report. The `jq` tool is used to parse the JSON response for the token. ```bash TOKEN=$(curl -s https://anypoint.mule s oft.com/accounts/login -d "username=myusername&password=mypassword" | jq -r .access_token) curl -H "Authorization: Bearer $TOKEN" "https://anypoint.mulesoft.com/analytics/1.0/42424242-4242-4242-4242-424242424242/events?format=csv&startDate=2016-01-01&endDate=2016-11-10&fields=Application%20Name.Client%20IP.Resource%20Path" echo;echo ``` -------------------------------- ### Get API Contracts Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/classify-api-task.adoc Retrieve a list of contracts for a given application to obtain the `contractId` needed for revocation. This GET request requires the organization ID, application ID, and environment details. ```bash GET `/apiplatform/repository/v2/organizations/{organizationId}/applications/{applicationId}/contracts` ``` -------------------------------- ### Querying Analytics Events for Organizations with Environments Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/analytics-event-api.adoc This example demonstrates how to query the Analytics Events API for organizations that have environments configured. It retrieves events in CSV format for a specified API ID and duration. ```APIDOC ## GET /analytics/1.0//environments//events ### Description Retrieves analytics events for a specific organization and environment. This endpoint allows filtering by API IDs and duration, and supports CSV output format. ### Method GET ### Endpoint `https://anypoint.mulesoft.com/analytics/1.0//environments//events` ### Query Parameters - **format** (string) - Required - Determines the serialization format of the returned data. Either `csv` or `json`. - **apiIds** (string) - Optional - Comma-delimited list of API IDs to include in a query. Omit or specify `all` or `*` to include all APIs. - **duration** (string) - Optional - The duration over which the report should return data. Consists of an integer number denoting quantity and a single-letter suffix denoting units (d, h, m, s). - **startDate** (date) - Optional - Starting date and time in ISO Date Time format. - **endDate** (date) - Optional - Ending date and time in ISO Date Time format. - **fields** (string) - Optional - Fields to include in the report. Required for CSV output and optional for JSON output. The list of fields can be comma- or period-delimited. Use `%20` for spaces. - **maxResults** (integer) - Optional - Maximum number of events to return. Default value is `20000`. - **apiVersionIds** (string) - Optional - Comma-delimited list of API version IDs to query. Ignored if no value was specified for API IDs. ### Request Example ```bash curl -H "Authorization: Bearer $TOKEN" "https://anypoint.mulesoft.com:443/analytics/1.0//environments//events?format=csv&apiIds=&duration=30d" ``` ### Response #### Success Response (200) - **data** (string) - The analytics data in the specified format (e.g., CSV). ``` -------------------------------- ### Requesting Events with Specific Fields and Date Range Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/analytics-event-api.adoc This example shows how to retrieve analytics data for a specific date range and include only selected fields in the output. It also demonstrates how to obtain an access token using `curl`. ```APIDOC ## GET /analytics/1.0//events ### Description Retrieves analytics events for a specific organization, allowing for detailed filtering by date range and specific fields. This example also includes a preliminary step to obtain an authentication token. ### Method GET ### Endpoint `https://anypoint.mulesoft.com/analytics/1.0//events` ### Query Parameters - **format** (string) - Required - Determines the serialization format of the returned data. Either `csv` or `json`. - **startDate** (date) - Required - Starting date and time in ISO Date Time format. - **endDate** (date) - Required - Ending date and time in ISO Date Time format. - **fields** (string) - Optional - Fields to include in the report. Required for CSV output and optional for JSON output. The list of fields can be comma- or period-delimited. Use `%20` for spaces. ### Request Example ```bash TOKEN=$(curl -s https://anypoint.mulesoft.com/accounts/login -d "username=myusername&password=mypassword" | jq -r .access_token) curl -H "Authorization: Bearer $TOKEN" "https://anypoint.mulesoft.com/analytics/1.0/42424242-4242-4242-4242-424242424242/events?format=csv&startDate=2016-01-01&endDate=2016-11-10&fields=Application%20Name.Client%20IP.Resource%20Path" ``` ### Response #### Success Response (200) - **data** (string) - The analytics data in CSV format, including only the specified fields. ``` -------------------------------- ### Configure REST Validator with Deserializing Strategies Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/rest-validator-extension.adoc Example of configuring the REST validator extension with custom array header delimiter using deserializing strategies. ```XML ``` -------------------------------- ### Get Access Token with Curl Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/analytics-event-api.adoc This command retrieves an access token from Anypoint Platform authentication servers. It requires your Anypoint Platform username and password. The access token is stored in the $TOKEN variable for subsequent API requests. ```bash TOKEN=$(curl -s https://anypoint.mulesoft.com/accounts/login -d "username=&password=" | jq -r .access_token) ``` -------------------------------- ### Add Import for External XSD Namespace Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/building-soap-proxy.adoc Example of how to add an 'import' tag within the 'types' element of a WSDL file to resolve missing import errors for external XSDs. ```xml ``` -------------------------------- ### Standalone Server Secure Property Arguments Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/building-https-proxy.adoc When deploying to a standalone server, provide keystore and key passphrases as -D arguments, including the API Proxy's instance ID. ```bash ./bin/mule \ -M-Dinbound.keystore.keyPassword_15464957=pass123 \ -M-Dinbound.keystore.password_15464957=pass123 \ -M-Dinbound.truststore.password_15464957=pass123 \ -M-Doutbound.keystore.keyPassword_15464957=pass123 \ -M-Doutbound.keystore.password_15464957=pass123 \ ``` -------------------------------- ### Migrate Client App for Anypoint Platform Client Provider Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/migrate-client-apps.adoc Use this command to migrate a client application when the API is associated with an Anypoint Platform client provider. Replace placeholders with your organization ID, client ID, client secret, and application name. ```text curl --location --request POST 'https://anypoint.mulesoft.com/exchange/api/v1/organizations/:orgId/applications' \ --header 'Authorization: Bearer ' \ --header 'Content-Type: application/json' \ --data-raw '{ "clientId": , "clientSecret": , "grantTypes": [], "name": , "redirectUri": [] }' ``` -------------------------------- ### Get Contracts Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/classify-api-task.adoc Retrieves a list of contracts for a given application. This can be used to obtain a `contractId` for revoking contracts. ```APIDOC ## Get Contracts ### Description Retrieves a list of contracts for a specified application. This is useful for obtaining contract IDs needed for operations like revoking contracts. ### Method GET ### Endpoint `/apiplatform/repository/v2/organizations/{organizationId}/applications/{applicationId}/contracts` ### Parameters #### Path Parameters - **organizationId** (string) - Required - The ID of the organization. - **applicationId** (string) - Required - The ID of the application. ### Response #### Success Response (200) - **contracts** (array) - A list of contract objects associated with the application. ``` -------------------------------- ### Import Client Application via Public API Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/import-client-applications.adoc Use this POST request to import an existing client application from an external provider into API Manager. Ensure you have a connected app with the `manage:client_application` scope. ```bash curl --location --request POST 'https://anypoint.mulesoft.com/apimanager/api/v1/organizations/:orgId/applications' \ --header 'Authorization: Bearer ' \ --header 'Content-Type: application/json' \ --data-raw '{ "clientId": "", "providerId": "", "description": "", "url": "" }' ``` -------------------------------- ### Use REST Validator Operation Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/rest-validator-extension.adoc This is the basic usage example for the `validate-request` operation, referencing a pre-configured validator. ```XML ``` -------------------------------- ### Enable Client Hashing in wrapper.conf Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/hash-client-credentials.adoc Configure client hashing by adding the `wrapper.java.additional.=-Danypoint.platform.hash_clients=true` property to the `wrapper.conf` file. Ensure `` is a consecutive number for correct parsing. ```properties wrapper.java.additional.=-Danypoint.platform.hash_clients=true ``` -------------------------------- ### Defining Default Scopes in Mule OAuth 2.0 Provider Configuration Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/mule-oauth-provider-landing-page.adoc Example of defining default scopes in the `oauth2-provider:config` element. ```APIDOC ## Default Scopes Configuration ### Description Defines the universal set of all possible scopes for the OAuth 2.0 provider. ### Code Example ```xml ... ``` ``` -------------------------------- ### Authorization Code Grant Type JSON Response Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/oauth-grant-types-about.adoc Example JSON response when requesting an access token using the Authorization Code grant type. ```json { "expires_in":86400, "token_type":"bearer", "refresh_token":"", "access_token":"" } ``` -------------------------------- ### Migrate Client App for External Client Provider Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/migrate-client-apps.adoc Use this command to migrate a client application for APIs with external client providers, associating it directly with an API instance. Replace placeholders with your organization ID, API instance ID, client ID, client secret, and application name. Ensure grant types are correctly specified. ```text curl --location --request POST 'https://anypoint.mulesoft.com/exchange/api/v1/organizations/:orgId/applications?apiInstanceId=:myApiInstanceId' \ --header 'Authorization: Bearer ' \ --header 'Content-Type: application/json' \ --data-raw '{ "clientId": , "clientSecret": , "grantTypes": [ ], "name": , "redirectUri": [ "https://anypoint.mulesoft.com/apiplatform/:orgId/authentication/oauth2.html", "https://anypoint.mulesoft.com/apiplatform/:orgId/admin/authentication/oauth2.html", ] }' ``` -------------------------------- ### Enforcing Scopes in Mule 4.2.x or later Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/mule-oauth-provider-landing-page.adoc Example demonstrating how to configure scopes within the Mule OAuth 2.0 Access Token Enforcement policy. ```APIDOC ## Scopes Enforcement in Mule 4.2.x or later ### Description This example shows how to configure the `oauth2-provider:config` with security providers and how scopes can be enforced. ### Code Example ```xml ... ", "providerId": "", "description": "", "url": "" } ``` ``` -------------------------------- ### Create a Client Application using API Manager API Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/manage-client-apps-connected-apps-concept.adoc Execute this cURL command to create a client application. Ensure you replace placeholders with your organization ID, instance ID, and the obtained authorization token. The request body includes parameters for the new client application. ```ssh curl --X POST 'https://anypoint.mulesoft.com/apiplatform/repository/v2/organizations//applications?apiVersionId=' \ --header 'Authorization: bearer ' \ --header 'Content-Type: application/json' \ --data '{ "redirectUri": ["http://example.com/"], "apiEndpoints": false, "name": "Sample Client Apps Name", "description": "Create this App for Sample Client Apps via API 1", "url": "https://www.example.com/app-test1" } ' ``` -------------------------------- ### Resource Owner Password Credentials Grant JSON Response Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/oauth-grant-types-about.adoc Example JSON response when requesting a token using the Resource Owner Password Credentials grant type. ```json { "expires_in":86400, "token_type":"bearer", "refresh_token":"", "access_token":"" } ``` -------------------------------- ### Login to Anypoint Platform API using Curl Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/classify-api-task.adoc Use this curl command to authenticate with the Anypoint Platform and retrieve a bearer token for subsequent API calls. ```bash curl --location 'https://anypoint.mulesoft.com/accounts/login' \ -H 'Content-Type: application/json' \ --data-raw '{"username":"myusername","password":"mypassword"}' ``` -------------------------------- ### API Gateway Domain Maven Coordinates Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/proxy-domain-support.adoc Example of Maven coordinates for an API gateway domain. Ensure the groupId, artifactId, version, and packaging match your domain artifact. ```xml com.mulesoft.anypoint gateway-proxy-domain 1.0.0 mule-domain ``` -------------------------------- ### Configure API Gateway Proxy Properties Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/proxy-domain-support.adoc Define dynamic settings for your API gateway proxy, such as port, protocol, and TLS keystore details, in the `config.properties` file. This avoids recompiling the domain. ```properties proxy.port=8081 implementation.protocol=HTTP inbound.keystore.path=path inbound.keystore.keyPassword=changeit inbound.keystore.password=changeit inbound.keystore.algorithm= inbound.keystore.type=JKS inbound.keystore.alias=alias ``` -------------------------------- ### Add Owner to Imported Client Application via Public API Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/import-client-applications.adoc After importing a client application, use this POST request to assign an owner. This is necessary for the application to request access to API instances. ```bash curl --location --request POST 'https://anypoint.mulesoft.com/apiplatform/repository/v2/organizations/:orgId/applications/:applicationId/owners' \ --header 'Authorization: Bearer ' \ --header 'Content-Type: application/json' \ --data-raw '{ "entityType": "user", "id": "" }' ``` -------------------------------- ### Troubleshoot Missing XSD Imports in WSDL Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/building-soap-proxy.adoc Example of a SAXParseException indicating missing imports in XSD files referenced by a WSDL. This often occurs when an element's definition is in an external XSD with a different namespace. ```text org.xml.sax.SAXParseException; systemId: http://localhost:8080/?wsdl304785538; lineNumber: 2; columnNumber: 52; src-resolve.4.2: Error resolving component 'myNamespace:myElement’. It was detected that 'myNamespace:myElement' is in namespace 'http://my.namespace.url', but components from this namespace are not referenceable from schema document 'http://localhost:8080/?wsdl304785538'. If this is the incorrect namespace, perhaps the prefix of 'myNamespace:myElement' needs to be changed. If this is the correct namespace, then an appropriate 'import' tag should be added to 'http://localhost:8080/?wsdl304785538'. ``` -------------------------------- ### Query Analytics Events for Organizations Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/analytics-event-api.adoc Use this command to query analytics events for organizations with environments. Replace placeholders with your actual values. The output is saved to `output.csv`. ```bash curl -H "Authorization: Bearer $TOKEN" "https://anypoint.mulesoft.com:443/analytics/1.0//environments//events?format=csv&apiIds=&duration=30d" > output.csv ``` -------------------------------- ### Login to Anypoint Platform API Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/classify-api-task.adoc Obtain an authentication token by sending a POST request to the login endpoint with username and password. ```json {"username":"myusername","password":"mypassword"} ``` -------------------------------- ### OAuth 2.0 Provider Configuration with Security Providers Source: https://github.com/mulesoft/docs-api-manager/blob/v2.x/modules/ROOT/pages/mule-oauth-provider-landing-page.adoc Example of configuring the Mule OAuth 2.0 provider in Mule 4.2.x or later, specifying resource owner and client security providers. This XML snippet is part of a larger configuration. ```xml