API Discovery in API Connect

API proliferation is a challenge that all sizes of organization face. APIs that are not known cannot be governed or validated and can allow security flaws to be unknowingly exposed. In IBM API Connect v10.0.8 a new feature called API Discovery has been included to help solve the challenge of discovering APIs in your estate.

Demo: Discovering APIs using Istio
Discovering APIs from GitHub

Demo: Discovering APIs using Istio

This demo will show how API Connect discovery can be used with open telemetry data from Istio to identify APIs being used within an application.

Discovering APIs from GitHub

Note: For this part of the Lab, we will make code changes directly in the GitHub UI so that no extra tooling is required other than your web browser.

The goal of this section of the lab is to send an OpenAPI Specification Document from GitHub to the API Discovery Service.

In a browser window, navigate to the GitHub repository for this lab: https://github.com/APIDiscoveryTechExchange2024/apic-discovery-lab
Fork this repo to your own github account

Fork to your account

Navigate to the send-to-discovery.yml file in your fork under the .github/workflows directory, and open the file
In the send-to-discovery.yml file find the api_key field (line 27) and check this is configured to be secrets.apicApikey.
Navigate to the Settings of your repository

Settings tab

Under the Secrets and variables section in the left menu, select the Actions option and then select New repository secret

Settings tab

In a new browser window or tab - Go to your API Connect SaaS Instance and Login.
From the user icon in the top right, select My API Keys

My API Keys )

Create a new API Key by pressing the “Add” button in the top right-hand corner and Copy the API Key
Returning to the GitHub tab/window, add a new Secret with the Name matching the reference for the api_key found previously e.g. apicApikey and the secret value being the API Key you just created. GitHub will save the Secret with the name set as all uppercase characters – this is expected.
Navigate back to the send-to-discovery.yml file in your github repo and press the “ Edit this file ” button (i.e. the Pencil icon in the file header bar).

Edit file

Under the env: property in the file
- Update the API_HOST variable (line 6) to be the Domain name of the API Connect SaaS instance where discovered APIs will be sent. e.g. us-east-a.apiconnect.automation.ibm.com
- Update the PROVIDER_ORG variable (line 7) to the Provider Organization name (or Instance name) of the APIConnect manager. e.g. demo-3
- Update the API_FILES variable (line 9) to be the relative path to the sample API specification within the GitHub repository for this lab e.g. APIfolder/photos.yaml.

Commit the changes to GitHub by pressing the “ Commit changes ” button. Update the commit message with a unique message which you’ll be able to track;
Once committed, navigate to the “Actions” panel. Enable actions on the repository so that the discovery action can run by clicking the I understand my workflows button.
Navigate to the Send discovered API to ApiConnect on the left hand navigation panel.
Select Run workflow dropdown and then click the Run workflow button

run workflow

Refresh the page and then click on the Send Discovered API to ApiConnect tile that has appeared and ensure that it runs successfully and the file has been sent to the API Discovery Service of the API Connect SaaS Instance:

successful run

Followed by

successful detail

Navigate to the UI of your API Connect SaaS Instance and access the “Discover” page by selecting the binoculars icon in the left-hand navigation bar
Observe that the API Specification Document is now visible in the UI under the “ APIs ” section. Select the API and have a look at its details in the API explorer UI.

discovered api

Select the Sources section and observe that there is a new Datasource of Type GitHub with the GitHub repository name.