Portal API (PAPI)

You can programmatically access key
API Management SaaS
entities that are exposed as RESTful resources using the Portal API. You can call the Portal API from your external client application, or you can try it out using the API Explorer in
API Management SaaS
You can programmatically access key
API Management SaaS
entities that are exposed as RESTful resources using the Portal API (PAPI). You can call the PAPI from your external client application, or you can try it out using the API Explorer or Swagger UI in
API Management SaaS
. For more information about how to test with API Explorer or Swagger UI, see Test and Explore APIs.
Introducing a new set of endpoints labeled as
. You can access these endpoints only through PAPI. See the latest PAPI swagger file to learn more.
API Explorer is only accessible through the
API Management SaaS
/Ingress tenant. If you are using an external tenant, test and explore APIs using the Swagger UI instead.
In this article:
Swagger File
You can view and download the Swagger file describing the current PAPI:
The following resources are available:
  • AccountPlans
    Use this resource to manage account plans. API publishers can use account plans to restrict cumulative usage for specific organizations.
    The AccountPlans POST method requires the
    value. You can add an autogenerated UUID while creating your users using:
    "Uuid": "{{GENERATED_GUID}}"
    This method does not require values for
    . You can leave them as null.
  • ApiDeployments
    Use this resource to manage the API deployment details for a specific proxy. Proxies represent specific runtime environments and define the backed Gateways. Proxies are where APIs, applications, and account plans are deployed.
  • ApiEulas
    Use this resource to manage the End User License Agreements (EULAs). EULAs are sets of legal restrictions that you can apply toward the usage of APIs managed in
    API Management SaaS
  • ApiGroups
    Use this resource to manage the API groups.
  • ApiPlans
    Use this resource to manage API plans. Publishers use API plans to limit quota and rate limit for specific APIs.
  • Apis
    Use this resource to manage APIs, retrieve the Swagger definition for a specific API, and retrieve relevant Gateway policy templates (using
  • Api Key Deployments
    Use this resource to manage API key deployments to proxies.
  • Applications
    Use this resource to manage applications. Applications are constructs that use one or more APIs.
  • CustomFields
    Use this resource to manage custom fields. A custom field describes extra metadata that API Gateway administrators can use in their policies.
  • Documents
    Use this resource to manage API documents and other custom content in API Hub such as Home page markdown content, Application Overview and Wiki documents. API documents supplement API discovery and are in addition to the Swagger API documentation. For example, an API document can include performance metrics, functional specs, best practices, and use cases. You can add markdown content to your API as documents. Wiki documents are generic documents that can be added for your API program.
  • Gateway Bundle
    Use this resource to export any code, configuration, or environment from the API Gateway through the Gateway Policy Plugin. After the Gateway bundle is uploaded, you can manage and deploy the bundles to enrolled proxies.
  • Organizations
    Use this resource to manage organizations. Organizations are groups of one or more developers, typically representing a team or department within a business organization.
  • Proxies
    Use this resource to manage the proxies that are associated with
    API Management SaaS
  • Requests
    Use this resource to manage requests. Requests are requests from developers for acceptance or rejection by Portal Admins or API Owners.
  • Search
    Use this resource to search for
    API Management SaaS
    entities by keyword.
  • Settings
    Use this resource to retrieve or update an
    API Management SaaS
    setting that corresponds to a specific functionality (such as Google Analytics tracking for
    API Management SaaS
    pages and integrations).
  • Tags
    Use this resource to manage
    API Management SaaS
    tags for APIs and Organizations.
  • Themes
    Use this resource to manage
    API Management SaaS
    themes. Themes define the look of your
    API Management SaaS
  • Users
    Use this resource to manage
    API Management SaaS
    user accounts. You can look up supported languages for the user interface using
    . Each user must have a specific developer or publisher role within an organization. You can look up available roles using
    , respectively.
Requests and responses are in JSON format.
For more information about JSON format, see the JSON.org website.
Access the Portal API
  1. Log in to
    API Management SaaS
    as a Portal Admin for the intended tenant.
  2. From the menu bar, select
    Portal API
    Another browser tab opens from which you can access the PAPI.
  3. Select the
    Portal API
    option from the
    drop-down list.
The API Explorer appears in the right pane, showing the PAPI.
PAPI calls require a valid OAuth token.
For more information about OAuth tokens, see the OAuth Community Site.
For CA API Management OAuth Toolkit users, request the access token by posting using the
Search and Filter API Entities
You can search for or filter API entities by adding relevant strings and values to your API call. You can also cutomize how results are shown by adding paging and sorting strings.
The following table lists supported filter options:
Strings and values are case-sensitive. Use HTML URL encoding in place of spaces and other characters. See the following table for examples.
Example Call
Filters by name where the provided string is matched as a wild card.
Filters by description where the provided string is matched as a wild card.
Filters by service type where provided value must be one of REST or SOAP.
Filters by the access status of the API where provided value must be one of Public or Private.
For filtering purposes, "Restricted" APIs are categorized as Private. For more information on API visibility, see Create and Set Permissions for APIs.
Filters by the status of the API where provided values must be one of Enabled, Disabled, Deprecated, or Incomplete.
Single UUID of Organization to filter by.
List of valid UUIDs of APIs that the caller has access to.
Single UUID of API Plan to filter by.
The following table lists supported paging and sorting options:
Specifies the page to return.
Specifies the size of the page to return.
Specifies the value to sort the results, followed by either ascending (ASC) or descending (DESC).
Audit Logs
Portal Admins can see the history of actions performed on APIs within
API Management SaaS
by accessing audit data that are captured for APIs.
For more information about how to access audit data through a UI, see Audit Logs.