Creating a REST proxy API from a target service

If you have an existing REST service that you want to expose through an IBM® API Connect API definition, you can create a proxy API and specify the target endpoint by using the API Designer.

To compose a proxy API from a target service, complete the following steps.

1. In the navigation pane, click Develop, select the APIs tab, then click Add > API (from REST, GraphQL or SOAP).
   The Select API type screen is displayed.
2. Select OpenAPI 2.0 or OpenAPI 3.0 according to which version of the OpenAPI specification your API is to be based on.
3. Select From target service.
4. Click Next. Specify the API summary in the Info section. You can fine-tune the API after it is created.
   • The Title can include special characters but should be kept short so that it can be easily displayed in the user interface.
   • The Name is entered automatically. The value in the Name field is a single string that is used to identify the API in developer toolkit CLI commands. To view the CLI commands to manage draft APIs, see the toolkit CLI reference documentation.
   • The Version corresponds to the value of the info.version property of the API's OpenAPI definition. The version.release.modification version numbering scheme is recommended; for example 1.0.0.
   • The Base path is the URL segment of the API and does not include the host name or any additional segments for paths or operations. The base path cannot include special characters and must begin with a / character even if it is otherwise empty.
   • The optional Description helps to identify the API.
5. Specify the existing REST API endpoint that you want to call in the Target Service URL field.
6. Click Next. In the Secure section, configure the API security that you require.
   • Secure using Client ID - Select this option to require an Application to provide a Client ID (API Key). This causes the X-IBM-Client-Id parameter to be included in the request header for the API. If selected, you can then select whether to limit the API calls on a per key (per Client ID) basis:
     • Limit API calls on a per key basis - If selected, you must configure the rate limit that you require. Rate limits control the maximum number of calls allowed within a time period (hour, minute, month or day). For example, 100 calls per hour.
     For information about security options in IBM API Connect, see Configuring API security.
   • CORS - Select this option to enable cross-origin resource sharing (CORS) support for your API. This allows your API to be accessed from another domain.
     Note:

     • CORS support is available only on the DataPower® API Gateway.
     • When CORS is enabled, the API Gateway runs the cors preflow policy to handle all CORS requests that are made to the API.
     • When CORS is enabled and a preflight request is received, only the following API actions are performed:
       • The cors preflow policy configures the appropriate response headers.
       • The response headers are set.
     • When a preflight request is received, the request.attributes.isCORSPreflight flag is set to true.
     • For all preflight requests, the security and client-identification preflow policies are always skipped, whether CORS is enabled or not enabled.
7. Click Next to create your API definition.

   The Summary panel displays messages as the definition is created, and the selected security options and rate limits are enforced.

8. Select one of the following options:
   • To further configure your API, click Edit API. For details, see Editing an API definition.
   • If you do not want to configure your API further at this time, click the Develop link in the breadcrumb trail to return to the welcome page; you can then move on immediately to another task. For details on how to configure your API later, see Editing an API definition.