This page applies to Apigee and Apigee hybrid.
View Apigee Edge documentation.
Understand and manage resources, as described in the following sections.
About resources
Many policy types rely on resources. Resources are the files that implement the code or configuration to be executed by a policy when attached to an API proxy. In some cases, as with JavaScript and JavaCallout, a policy simply defines an attachment point in an API proxy where some code should execute. The JavaScript or JavaCallout policy is a pointer to a resource.
Resource types
The following table summarizes the resource types:
Resource type | Description |
---|---|
GraphQL (graphql) |
GraphQL schema file referenced by GraphQL policies. |
JAR (java) |
Java classes in a JAR file referenced by JavaCallout policies. |
JavaScript (js) |
JavaScript referenced by JavaScript policies. |
JavaScript (jsc) |
Compiled JavaScript referenced by JavaScript policies. |
OpenAPI Specification (oas) |
OpenAPI Specification used to validate request and response messages of type JSON or YAML. |
Property Set (properties) |
Collection of key/value pairs that can be referenced an API proxy property sets. |
Python (py) |
Python scripts referenced by PythonScript policies. Resources must be implemented in "pure Python" (in the Python language only). |
Security policy (securityPolicy) |
Custom security policy referenced by JavaCallout policies. |
WSDL (wsdl) |
WSDL files referenced by SOAPMessageValidation policies. |
XSD (xsd) |
XML schemas referenced by SOAPMessageValidation policies. |
XSL Transformations (xsl) |
XSLT transformations referenced by XSLTransform policies. |
Where resources are stored
You can store resources to the following locations. You can't store resource files in an organization.
- API proxy revision: Resources are available only to the API proxy revisions in which the resources are included. For example, you might include a JavaScript resource with revision 1 of an API proxy, then change the implementation to use a Python script in revision 2 of the proxy. revision 1 has access to only the JavaScript resource, and revision 2 has access to only the Python resource.
- Environment: When stored in an environment (for example,
test
orprod
), resources are available to any API proxy deployed in the same environment.
The environment repository is available at the following URI, as described by the
List
resource files API and later in Manage resources using the API:
/organizations/$ORG/environments/$ENV/resourcefiles
The following table shows the methods you can use to create, update, and delete resources for each repository:
Repository | Create | View | Update | Delete | ||||
---|---|---|---|---|---|---|---|---|
API | UI | API | UI | API | UI | API | UI | |
API proxy revision | ||||||||
Environment |
For example, all JavaScript files available to the test
environment are stored in
the following repository and are available to any API proxy
running in the test
environment:
/organizations/$ORG/environments/test/resourcefiles/jsc
Resource name resolution
Resolve resource names from the most specific to the most general scope. Resource names are resolved "up the chain", from the API proxy revision level, to the environment level.
Let's say that you have populated the same resource in two different repositories — the
API proxy revision and the prod
environment.
Consider the API proxy that is configured with the following policy:
<Javascript name='PathSetterPolicy' timeLimit='200'> <ResourceURL>jsc://pathSetter.js</ResourceURL> </Javascript>
The policy reference cannot explicitly resolve to a repository. The first resource at the most granular scope whose name matches the resource name in the policy is resolved.
So, when the API proxy is deployed in the environment prod
, the policy will
resolve to the environment-scoped pathSetter.js
resource.
When deployed in the environment test
, the Policy will resolve to the
API proxy revision-scoped resource, because the environment-scoped resource is in the prod
environment, not the test
environment.
Java resource guidelines
You can add compiled Java resources as JAR files using multiple options in curl, such as
-T
, --data-binary
, or -F
option (not the -d
option). For example:
curl "http://apigee.googleapis.com/v1/organizations/$ORG/environments/$ENV/resourcefiles?name={jar_file}&type=java" \ -X POST \ -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/octet-stream" \ --data-binary @{jar_file}
curl "http://apigee.googleapis.com/v1/organizations/$ORG/environments/$ENV/resourcefiles?name={jar_file}&type=java" \ -X POST \ -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/octet-stream" \ -T "{jar_file}"
curl "http://apigee.googleapis.com/v1/organizations/$ORG/environments/$ENV/resourcefiles?name={jar_file}&type=java" \ -X POST \ -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/octet-stream" \ -F "file=@{jar_file}"
See also:
- Java best practices: Best practices for API proxy design and development
- Java cookbook example: XSL Transform policy
Manage resources using the UI
Manage resources scoped to an API proxy revision using the UI, as described in the following sections.
View resources using the UI
New Proxy Editor
To view resources using the new Proxy Editor:
If you are using the Apigee UI in Cloud console: Select Proxy development > API Proxies.
If you are using the classic Apigee UI: Select Develop > API Proxies and in the Proxies pane, select the environment for the proxy whose resources you want to view.
Select the API proxy whose resources you want to view. This displays the Proxy Editor Overview view.
- Click the Develop tab.
- In the left-hand pane, scroll down to Resources. The current resources are displayed below that.
Classic Proxy Editor
To view the resources scoped to an API proxy revision using the classic Proxy Editor:
- Sign in to the Apigee UI.
- Select Develop > API Proxies in the left navigation bar.
- Select an API proxy in the list for which you want to create a resource.
The API proxy editor opens and the Overview tab is displayed, by default. - Click the Develop tab.
- Select the revision in the Revision drop-down, if required.
The resources scoped to the API proxy revision are listed in the Resources section in the Navigator view.
Create a resource using the UI
New Proxy Editor
To create a resource using the new Proxy Editor:
If you are using the Apigee UI in Cloud console: Select Proxy development > API Proxies.
If you are using the classic Apigee UI: Select Develop > API Proxies and in the Proxies pane, select the environment for the proxy whose resources you want to view.
Select the API proxy whose resources you want to view. This displays the Proxy Editor Overview view.
- Click the Develop tab.
- In the left-hand pane, scroll down to Resources and click the + button to its right.
- In the Add resource dialog, enter the following:
- Resource type: Select the type of file for the resource.
- Under Source, select either Create a new file or Import file. If you choose Import file, also select a file to import in the File field.
- Resource name: Enter a name for the resource.
- Click Add.
Classic Apigee
To create resources scoped to an API proxy revision using the classic Apigee UI:
- View the resources scoped to the API proxy revision.
- Click + in the Resources section in the Navigator view to open the New Resource dialog.
- Enter the following:
Field Description Source Select to create a new file or import a file. File Type Select a resource type from the drop-down list. File Name Name of the file. The filename extension must be valid for the selected file type.
Update a resource using the UI
Update a resource scoped to an API proxy revision only if the revision has not been deployed. After an API proxy revision is deployed, it is immutable.
To update a resource scoped to an API proxy revision using the UI:
- View the resources scoped to the API proxy revision.
- In the Navigator view under Resources, click the resource that you want to update.
Note: For JAR files, position your cursor over the resource that you want to edit and click . - Update the resource, as required.
Note: After uploading a new JAR file, click Update.
Delete a resource using the UI
Delete a resource scoped to an API proxy revision only if the revision has not been deployed. After an API proxy revision is deployed, it is immutable.
To delete a resource scoped to an API proxy revision using the UI:
- View the resources scoped to the API proxy revision.
- In the Navigator view under Resources, position your cursor over the resource that you want to delete to display the actions menu.
- Click .
- Click Delete to confirm the action.
Manage resources using the API
Manage resources using the API, as described in the following sections.
Create resources using the API
Create resources that are scoped to an API proxy revision or environment, as described in the following sections.
Create resources scoped to an API proxy revision using the API
Create resources that are scoped to an API proxy revision using the API, as described in the following sections.To create a resource that is scoped to an API proxy revision using the API:
- Create the resource file.
- Add the resource file to an API proxy configuration bundle.
- Upload the bundle using one of the following APIs:
Create resources scoped to an environment using the API
Create resources that are scoped to an environment using the API by issuing a POST
request to the following resource:
/organizations/$ORG/environments/$ENV/resourcefiles
Pass the following information with your request:
- Set the
name
query parameter to the name of the resource - Set the
type
query parameter to the required resource type - Pass the contents of the resource file as
application/octet-stream
ormultipart/form-data
)
The following example shows how to create a JavaScript resource by passing its contents in the request body.
curl -X POST https://apigee.googleapis.com/v1/organizations/myorg/environments/test/resourcefiles?name=pathSetter.js&type=jsc
-H "Authorization: Bearer $TOKEN" \
-H "Content-type:application/octet-stream" \
-d 'request.headers["RequestPath"] = context.getVariable("proxy.basepath");'
Where $TOKEN
is set to your OAuth 2.0 access token, as described in
Obtaining an OAuth 2.0 access token. For information about the curl
options used in this example, see
Using curl. For a description of the environment variables used,
see Setting environment variables for Apigee API requests.
The following example shows how to upload the resource as a file from your local machine. It's important to
use -F
for the binary upload in curl in order for the environment- or
organization-scoped JavaScript files to be accessible by the JavaScript policy.
curl -X POST https://apigee.googleapis.com/v1/organizations/myorg/environments/test/resourcefiles?name=pathSetter.js&type=jsc
-H "Authorization: Bearer $TOKEN" \
-H "Content-type:multipart/form-data" \
-F file=@pathSetter.js
The following provides an example of the response:
{ "name" : "pathSetter.js", "type" : "jsc" }
View resources using the API
The following sections describe how to view resources using the API.
View all resources using the API
View all resources scoped to an environment using the API, as described in the following sections.
Using the API you can view resources scoped to an environment only.
To view all resources in an environment using the API, issue a GET
request to the following resource:
https://apigee.googleapis.com/v1/organizations/$ORG/environments/$ENV/resourcefiles
The following example lists all resources in the test
environment:
curl -X GET https://apigee.googleapis.com/v1/organizations/myorg/environments/test/resourcefiles
-H "Authorization: Bearer $TOKEN"
Where $TOKEN
is set to your OAuth 2.0 access token, as described in
Obtaining an OAuth 2.0 access token. For information about the curl
options used in this example, see
Using curl. For a description of the environment variables used,
see Setting environment variables for Apigee API requests.
For more information, see List environment resource files API.
The following provides an example of the response.
{
"resourceFile": [
{
"name" : "pathSetter.js",
"type" : "jsc"
}
]
}
View the contents of a resource using the API
To view the contents of a resource in an environment using the API, issue a GET
request to the following resource:
/organizations/$ORG/environments/$ENV/resourcefiles/$TYPE/$NAME
The following example lists the contents of the pathSetter.js
JavaScript (jsc
) file in the test
environment:
curl -X GET https://apigee.googleapis.com/v1/organizations/myorg/environments/test/resourcefiles/jsc/pathSetter.js
-H "Authorization: Bearer $TOKEN"
Where $TOKEN
is set to your OAuth 2.0 access token, as described in
Obtaining an OAuth 2.0 access token. For information about the curl
options used in this example, see
Using curl. For a description of the environment variables used,
see Setting environment variables for Apigee API requests.
The following provides an example of the response:
request.headers["RequestPath"] = context.getVariable("proxy.basepath");
Update resources using the API
Update resources that are scoped to an API proxy revision or environment, as described in the following sections.
Update resources scoped to an API proxy revision using the API
To update a resource that is scoped to an API proxy revision using the API:
- Download the API proxy configuration bundle using the Get API proxy revision API with the following options:
- Set the
format
query parameter tobundle
- Set the
Accept
header toapplication/zip
- Set the
- Update the resource file in the API proxy configuration bundle.
- Upload the API proxy configuration bundle using the Update API proxy revision API.
Update resources scoped to an environment using the API
Update a resource that is scoped to to an environment using the API by issuing a PUT
request to the following resource:
/organizations/$ORG/environments/$ENV/resourcefiles/$TYPE/$NAME
Pass the contents of the resource file as application/octet-stream
or multipart/form-data
.
The following example shows how to update a JavaScript resource by passing its contents in the request body.
curl -X PUT https://apigee.googleapis.com/v1/organizations/myorg/environments/test/resourcefiles/jsc/pathSetter.js
-H "Authorization: Bearer $TOKEN" \
-H "Content-type:application/octet-stream" \
-d 'request.headers["RequestPath"] = context.getVariable("proxy.basepath");'
Where $TOKEN
is set to your OAuth 2.0 access token, as described in
Obtaining an OAuth 2.0 access token. For information about the curl
options used in this example, see
Using curl. For a description of the environment variables used,
see Setting environment variables for Apigee API requests.
The following example shows how to update the resource file using a file from your local machine. It's important to
use -F
for the binary upload in curl in order for the environment- or
organization-scoped JavaScript files to be accessible by the JavaScript policy.
curl -X PUT https://apigee.googleapis.com/v1/organizations/myorg/environments/test/resourcefiles/jsc/pathSetter.js
-H "Authorization: Bearer $TOKEN" \
-H "Content-type:multipart/form-data" \
-F file=@pathSetter.js
The following provides an example of the response:
{ "name" : "pathSetter.js", "type" : "jsc" }
Delete resources using the API
Delete resource scoped to an API proxy revision or environment, as described in the following sections.
Delete resources scoped to an API proxy revision using the API
With hybrid, to delete a resource that is scoped to an API proxy using the API:
- Download the API proxy configuration bundle using the Get API proxy revision API with the following options:
- Set the
format
query parameter tobundle
- Set the
Accept
header toapplication/zip
- Set the
- Delete the resource file from the API proxy configuration bundle.
- Upload the API proxy configuration bundle using the Update API proxy revision API.
Delete a resource scoped to an environment using the API
Delete a resource scoped to an environment using the API, as described in the following sections.
To delete a resource scoped to an environment using the API, issue a DELETE
request to the following resource:
https://apigee.googleapis.com/v1/organizations/$ORG/environments/$ENV/resourcefiles/$TYPE/$NAME
The following example deletes the pathSetter.js
JavaScript resource file from the test
environment:
curl -X DELETE https://apigee.googleapis.com/v1/organizations/my-organization/environments/test/resourcefiles/jsc/pathSetter.js \ -H "Authorization: Bearer $TOKEN"
Where $TOKEN
is set to your OAuth 2.0 access token, as described in
Obtaining an OAuth 2.0 access token. For information about the curl
options used in this example, see
Using curl. For a description of the environment variables used,
see Setting environment variables for Apigee API requests.
For more information, see Delete resource file API.
The following provides an example of the response.
{
"name" : "pathSetter.js",
"type" : "jsc"
}
Access the resource
How you access the resource depends on the resource type. For more information, refer to the Policy reference overview.
The examples in this section demonstrate how to create and manage a JavaScript resource named pathSetter.js
to allow it to be referenced by
policies of type JavaScript.
To attach the JavaScript to the Request PostFlow, create a policy called
PathSetterPolicy.xml
that references the file pathSetter.js
:
<Javascript name='PathSetterPolicy' timeLimit='200'> <ResourceURL>jsc://pathSetter.js</ResourceURL> </Javascript>
Then, reference the policy in the Endpoint configuration:
<PostFlow> <Request> <Step><Name>PathSetterPolicy</Name></Step> </Request> <PostFlow>
For more information, see JavaScript policy.