CLI for DataGraph API Source Management

Command	Description
datagraph sources add	Adds an API source
datagraph sources promote	Promotes an API source
datagraph sources update	Updates an API source
datagraph scale	Scales API calls made to the unified schema
datagraph schema-download	Downloads the unified schema
datagraph sources delete	Deletes an API source
datagraph sources get	Gets an API source
datagraph sources list	Lists all API sources
datagraph describe	Returns information about DataGraph
datagraph validate	Validates an API source for the unified schema

Command

Description

datagraph sources add

Adds an API source

datagraph sources promote

Promotes an API source

datagraph sources update

Updates an API source

datagraph scale

Scales API calls made to the unified schema

datagraph schema-download

Downloads the unified schema

datagraph sources delete

Deletes an API source

datagraph sources get

Gets an API source

datagraph sources list

Lists all API sources

datagraph describe

Returns information about DataGraph

datagraph validate

Validates an API source for the unified schema

datagraph sources add

> datagraph sources add <g/a/v>

DataGraph supports only stable state API versions.

This command adds an API source, specified by <g/a/v>, in which g is the group ID, a the asset ID, and v the version ID of the API source. The group ID is optional. If you don’t specify a group ID, the command uses the current organization ID.

In addition to the default --help, -f/--fields, -o/--output, and --verbose options, this command accepts the following options:

Options Description

Options	Description
`--auth-none`	Use if your API is public.
`--auth-basic`	Use if you authenticate to your API either by passing the basic authentication header or by passing a username and password. Required: `--credentials <username>:<password>`
`--auth-oauth`	Use if you authenticate to your API by passing OAuth 2.0 `client_id`, `client_secret`, and authorization server values. Required: `--credentials <client_id>:<client_secret>` `--server <authorization server URL>` Not Required: `--scope <server>`
`--auth-pass-through`	Use if you authenticate to your API by passing authorization headers. Required: `--mapping: <comma-separated list of key-value pairs, for example, key1:value1,key2:value2>`
`--auth-headers`	Use if you authenticate to your API by passing custom header parameters and values. Required for headers: `--custom-headers: <comma-separated list of header-value pairs, for example, header1:value1,header2:value2>` Or `--custom-headers-file: <location of the file containing header-value pairs, one per line>`
`--auth-query-params`	Use if you authenticate to your API by passing query parameters and values. Required for query params: `--credentials <client_id:client_secret>`
`--url <url>`	Configures the URL for the backend API.
`--discover-url`	Automatically discovers the URL of the backend API based on the instances running in the current environment. If more than one API is running, DataGraph uses the first URL.
`--ca`	Specify a comma-separated list of certificate authority (CA) files to add to the API’s truststore, for example, `file.ca,file2.ca`.
`--cert`	Specify the filename of the client certificate to use for mutual transport layer security (mTLS), for example, `cert.ca`.
`--key`	Specify the filename of the private key to use for mTLS, for example `key.pem`.
`--key-password`	Specify the password to decrypt an encrypted private key.
`--ignore-invalid-edits`	Use to apply valid edits made in the extensions in the API specification and to ignore any edits that are invalid.

--auth-none

Use if your API is public.

--auth-basic

Use if you authenticate to your API either by passing the basic authentication header or by passing a username and password.

Required:

--credentials <username>:<password>

--auth-oauth

Use if you authenticate to your API by passing OAuth 2.0 client_id, client_secret, and authorization server values.

Required:

--credentials <client_id>:<client_secret>
--server <authorization server URL>

Not Required:
--scope <server>

--auth-pass-through

Use if you authenticate to your API by passing authorization headers.

Required:

--mapping: <comma-separated list of key-value pairs, for example, key1:value1,key2:value2>

--auth-headers

Use if you authenticate to your API by passing custom header parameters and values.

Required for headers:

--custom-headers: <comma-separated list of header-value pairs, for example, header1:value1,header2:value2>

Or
--custom-headers-file: <location of the file containing header-value pairs, one per line>

--auth-query-params

Use if you authenticate to your API by passing query parameters and values.

Required for query params:

--credentials <client_id:client_secret>

--url <url>

Configures the URL for the backend API.

--discover-url

Automatically discovers the URL of the backend API based on the instances running in the current environment. If more than one API is running, DataGraph uses the first URL.

--ca

Specify a comma-separated list of certificate authority (CA) files to add to the API’s truststore, for example, file.ca,file2.ca.

--cert

Specify the filename of the client certificate to use for mutual transport layer security (mTLS), for example, cert.ca.

--key

Specify the filename of the private key to use for mTLS, for example key.pem.

--key-password

Specify the password to decrypt an encrypted private key.

--ignore-invalid-edits

Use to apply valid edits made in the extensions in the API specification and to ignore any edits that are invalid.

All headers and query params defined in the command line, and all header and query param files, are appended. If there are repeated keys, the values provided in the command line takes precedence.

Example Command

datagraph sources add 18dc11ee-4a09-4aae-9c6c-4371a87eafa8/product-api/1.0.0/  --url http://test.com

Example Output

{
  "apiVersion": "v1",
  "assetId": "product-api",
  "createDate": "2022-05-20T18:05:41",
  "endpoint": "http://test.com",
  "environmentId": "<envID>",
  "groupId": "<groupID>",
  "name": "Product API",
  "organizationId": "<orgID>",
  "securityScheme": "NO_AUTH",
  "sourceId": "deca7be1-c299-4441-bc7b-dba733e3a11f",
  "updateDate": "2022-05-20T18:05:41",
  "version": "1.0.0",
  "origin": "CLI"
}

datagraph sources promote

> datagraph sources promote <sourceId> <target-EnvID>

This command promotes an API source <sourceId> to the target environment <targetEnv>.

In addition to the default --help, -f/--fields, -o/--output, and --verbose options, this command accepts the following options:

Options Description

Options	Description
`--auth-none`	Use if your API is public.
`--auth-basic`	Use if you authenticate to your API either by using the basic authentication header or by using a username and password. Required: `--credentials <username>:<password>`
`--auth-oauth`	Use if you authenticate to your API by passing OAuth 2.0 `client_id`, `client_secret`, and authorization server values. Required: `--client-credentials <client_id>:<client_secret>` `--server <authorization server URL>` Not Required: `--scope <server>`
`--auth-pass-through`	Use if you authenticate to your API by passing authorization headers. Required: `--mapping: <comma-separated list of key-value pairs, for example, key1:value1,key2:value2>`
`--auth-headers`	Use if you authenticate to your API by passing custom header parameters and values. Required for headers: `--custom-headers: <comma-separated list of header-value pairs, for example, header1:value1,header2:value2>` Or `--custom-headers-file: <location of the file containing header header-value pairs, one per line>`
`--auth-query-params`	Use if you authenticate to your API by passing query parameters and values. Required for query params: `--credentials <client_id:client_secret>`
`--url`	Configures the URL for the backend API.
`--discover-url`	Automatically discovers the URL of the backend API based on the instances running in the current environment. If more than one API is running, DataGraph uses the first URL.
`--ca`	Specify a list of CA files to add to the API’s truststore.
`--cert`	Specify the client certificate to use for mTLS.
`--key`	Specify the private key to use for mTLS.
`--key-password`	Specify the password to decrypt an encrypted private key.
`--empty-ca`	Deletes all CA certificates.
`--empty-mtls`	Deletes the client certificate, private key, and private key password information.

--auth-none

Use if your API is public.

--auth-basic

Use if you authenticate to your API either by using the basic authentication header or by using a username and password.

Required:

--credentials <username>:<password>

--auth-oauth

Use if you authenticate to your API by passing OAuth 2.0 client_id, client_secret, and authorization server values.

Required:

--client-credentials <client_id>:<client_secret>
--server <authorization server URL>

Not Required:
--scope <server>

--auth-pass-through

Use if you authenticate to your API by passing authorization headers.

Required:

--mapping: <comma-separated list of key-value pairs, for example, key1:value1,key2:value2>

--auth-headers

Use if you authenticate to your API by passing custom header parameters and values.

Required for headers:

--custom-headers: <comma-separated list of header-value pairs, for example, header1:value1,header2:value2>

Or
--custom-headers-file: <location of the file containing header header-value pairs, one per line>

--auth-query-params

Use if you authenticate to your API by passing query parameters and values.

Required for query params:

--credentials <client_id:client_secret>

--url

Configures the URL for the backend API.

--discover-url

Automatically discovers the URL of the backend API based on the instances running in the current environment. If more than one API is running, DataGraph uses the first URL.

--ca

Specify a list of CA files to add to the API’s truststore.

--cert

Specify the client certificate to use for mTLS.

--key

Specify the private key to use for mTLS.

--key-password

Specify the password to decrypt an encrypted private key.

--empty-ca

Deletes all CA certificates.

--empty-mtls

Deletes the client certificate, private key, and private key password information.

All headers and query params defined in the command line, and all header and query param files, are appended. If there are repeated keys, the values provided in the command line takes precedence.

Example Command

In this example, the environmentId is changed after running the promote command.

datagraph sources promote d1d27987-939a-4b41-b3ef-411568ee5bdd e7e8da65-9cf1-569e-c9d2-brd2r0rc7rd6 --auth-none

Example Output

{
  "apiVersion": "1.0",
  "assetId": "order-e2e",
  "createDate": "2022-05-27T18:56:03",
  "endpoint": "http://test.com",
  "environmentId": "e7e8da65-9cf1-569e-c9d2-brd2r0rc7rd6",
  "groupId": "<groupID>",
  "name": "Order E2E",
  "organizationId": "<orgID>",
  "securityScheme": "NO_AUTH",
  "sourceId": "1ff021b3-9296-43fd-9d64-2f9027c25740",
  "updateDate": "2022-05-27T18:56:03",
  "version": "1.0.0",
  "origin": "CLI"
}

datagraph sources update

> datagraph sources update <sourceId>

DataGraph supports only stable state API versions. The update command updates only patch and minor versions of an API source.

This command updates the version of an API source <sourceId>.

In addition to the default --help, -f/--fields, -o/--output, and --verbose options, this command accepts the following options:

Options Description

Options	Description
`--auth-none`	Use if your API is public.
`--auth-basic`	Use if you authenticate to your API by passing either the basic authentication header or both a username and password. Required: `--credentials <username>:<password>`
`--auth-oauth`	Use if you authenticate to your API by passing OAuth 2.0 `client_id`, `client_secret`, and authorization server values. Required: `--credentials <client_id>:<client_secret>` `--server <authorization server URL>` Not Required: `--scope <server>`
`--auth-pass-through`	Use if you authenticate to your API by passing authorization headers. Required: `--mapping: <comma-separated list of key-value pairs, for example, key1:value1,key2:value2>`
`--auth-headers`	Use if you authenticate to your API by passing custom header parameters and values. Required for headers: `--custom-headers: <comma-separated list of header-value pairs, for example, header1:value1,header2:value2>` Or `--custom-headers-file: <location of the file containing header-value pairs, one per line>`
`--auth-query-params`	Use if you authenticate to your API by passing query parameters and values. Required for query params: `--credentials <client_id:client_secret>`
`--url`	Configures the URL for the backend API.
`--discover-url`	Automatically discovers the URL of the backend API based on the instances running in the current environment. If more than one API is running, DataGraph uses the first URL.
`--ca`	Specify a list of CA files to add to the API’s truststore.
`--cert`	Specify the client certificate to use for mTLS.
`--key`	Specify the private key to use for mTLS.
`--key-password`	Specify the password to decrypt an encrypted private key.
`--empty-ca`	Deletes all CA certificates.
`--empty-mtls`	Deletes the client certificate, private key, and private key password information.
`--keep-edits`	Keeps edits that are present in the current version of the API source instead of extracting those edits from the API specification.
`--override-ui-edits`	Change the origin of the API source to the CLI. Ff the origin of the API source is the DataGraph UI, use this option to override the UI edits with the edits in the API specification.
`--ignore-invalid-edits`	Use to apply valid edits made in the extensions in the API specification and to ignore any edits that are invalid.

--auth-none

Use if your API is public.

--auth-basic

Use if you authenticate to your API by passing either the basic authentication header or both a username and password.

Required:

--credentials <username>:<password>

--auth-oauth

Use if you authenticate to your API by passing OAuth 2.0 client_id, client_secret, and authorization server values.

Required:

--credentials <client_id>:<client_secret>
--server <authorization server URL>

Not Required:
--scope <server>

--auth-pass-through

Use if you authenticate to your API by passing authorization headers.

Required:

--mapping: <comma-separated list of key-value pairs, for example, key1:value1,key2:value2>

--auth-headers

Use if you authenticate to your API by passing custom header parameters and values.

Required for headers:

--custom-headers: <comma-separated list of header-value pairs, for example, header1:value1,header2:value2>

Or
--custom-headers-file: <location of the file containing header-value pairs, one per line>

--auth-query-params

Use if you authenticate to your API by passing query parameters and values.

Required for query params:

--credentials <client_id:client_secret>

--url

Configures the URL for the backend API.

--discover-url

Automatically discovers the URL of the backend API based on the instances running in the current environment. If more than one API is running, DataGraph uses the first URL.

--ca

Specify a list of CA files to add to the API’s truststore.

--cert

Specify the client certificate to use for mTLS.

--key

Specify the private key to use for mTLS.

--key-password

Specify the password to decrypt an encrypted private key.

--empty-ca

Deletes all CA certificates.

--empty-mtls

Deletes the client certificate, private key, and private key password information.

--keep-edits

Keeps edits that are present in the current version of the API source instead of extracting those edits from the API specification.

--override-ui-edits

Change the origin of the API source to the CLI. Ff the origin of the API source is the DataGraph UI, use this option to override the UI edits with the edits in the API specification.

--ignore-invalid-edits

Use to apply valid edits made in the extensions in the API specification and to ignore any edits that are invalid.

All headers and query params defined in the command line, and all header and query param files, are appended. If there are repeated keys, the values provided in the command line takes precedence.

Example Command

The following command updates the URL of the source API and changes its authentication from auth-none to auth-basic, adding a client ID and secret.

> datagraph sources update b6cb82a6-51dc-4968-861a-aa04447c3442 --url http://test2.com --version 1.0.0 --auth-basic --credentials client-test:client-secret

Example Output

{
  "apiVersion": "v1",
  "assetId": "product-api",
  "createDate": "2022-05-20T18:56:57Z",
  "endpoint": "http://test2.com",
  "environmentId": "<envID>",
  "groupId": "<groupID>",
  "name": "Product API",
  "organizationId": "<orgID>",
  "securityScheme": "BASIC",
  "sourceId": "b6cb82a6-51dc-4968-861a-aa04447c3442",
  "updateDate": "2022-05-27T18:31:39",
  "version": "1.0.0",
  "origin": "CLI"
}

datagraph scale

> datagraph scale <concurrent-api-calls>

This command enables you to configure the number of concurrent API calls permitted for a unified schema. Increasing or decreasing API calls enables you to process higher workloads and optimize your consumption when needed.

This command takes the default --help, -f/--fields, -o/--output, and --verbose options.

Example Command

datagraph scale 300

Example Output

{
  "message": "Api calls updated"
}

datagraph schema-download

> datagraph schema-download

This command downloads the unified schema for the current environment.

This command takes the default --help, -f/--fields, -o/--output, and --verbose options.

Example Output

directive @key(fields: String) on OBJECT

"An Item"
type Item {
  itemId: Int!
  "A Product"
  product: OrderProduct!
  quantity: Int!
}

"An Order"
type Order {
  items: [Item!]!
  orderId: String!
  customerId: String!
}

"A Product"
type OrderProduct {
  productId: String!
  name: String!
}

type Query {
  orders(ordersCount: Int): [Order!]
  ordersByOrderId(orderId: String!): Order
  ordersProductsByOrderId(productsCounts: Int, orderId: String!): [OrderProduct!]
}

datagraph sources delete

> datagraph sources delete <sourceId>

This command deletes the specified API source.

This command takes the default --help, -f/--fields, -o/--output, and --verbose options.

Example Command

datagraph sources delete d40df394-785d-4c91-8aeb-f07568dd57c

Example Output

{
  "message": "Source deleted successfully",
  "sourceId": "620afe93-b196-42eb-ae77-b68a0a937b6a"
}

datagraph sources get

> datagraph sources get <sourceId>

This command gets the specified API source.

This command takes the default --help, -f/--fields, -o/--output, and --verbose options.

Example Command

datagraph sources get d1d27987-939a-4b41-b3ef-411568ee5bdd

Example Output

{
  "apiVersion": "1.0",
  "assetId": "order-e2e",
  "createDate": "2022-05-20T16:49:00Z",
  "hasKeystore": false,
  "endpoint": "http://test.com",
  "environmentId": "<envID>",
  "groupId": "<groupID>",
  "name": "Order E2E",
  "organizationId": "<orgID>",
  "hasTruststore": false,
  "securityScheme": "NO_AUTH",
  "sourceId": "d1d27987-939a-4b41-b3ef-411568ee5bdd",
  "updateDate": "2022-05-20T16:49:00Z",
  "version": "1.0.0",
  "origin": "CLI"
}

datagraph sources list

> datagraph sources list

This command lists all API sources for the current environment.

This command takes the default --help, -f/--fields, -o/--output, and --verbose options.

Example Output

{
    "apiVersion": "1.0",
    "assetId": "order-e2e",
    "createDate": "2022-05-20T16:49:00.000Z",
    "endpoint": "http://test.com",
    "environmentId": "<envID>",
    "groupId": "<groupID>",
    "name": "Order E2E",
    "organizationId": "<orgID>",
    "securityScheme": "NO_AUTH",
    "sourceId": "d1d27987-939a-4b41-b3ef-411568ee5bdd",
    "updateDate": "2022-05-20T16:49:00.000Z",
    "version": "1.0.0",
    "origin": "CLI"
  },
  {
    "apiVersion": "v1",
    "assetId": "product-api",
    "createDate": "2022-05-20T18:05:41.000Z",
    "endpoint": "http://test.com",
    "environmentId": "<envID>",
    "groupId": "<groupID>",
    "name": "Product API",
    "organizationId": "<orgID>",
    "securityScheme": "NO_AUTH",
    "sourceId": "deca7be1-c299-4441-bc7b-dba733e3a11f",
    "updateDate": "2022-05-20T18:05:41.000Z",
    "version": "1.0.0",
    "origin": "CLI"
  }

datagraph describe

> datagraph describe

This command returns the following information about DataGraph:

endpoint: Displays the GraphQL endpoint that accepts requests.
deploymentError: If a DataGraph deployment fails, this field describes the error; otherwise, it’s empty.
deploymentStatus: Shows whether DataGraph is deploying, running, or has errors.
logLevels: Displays a list of the configured log levels.
envStatus: Displays the status of the current environment.
dlbEndpoint: Displays the load balancer endpoint.

This command takes the default --help, -f/--fields, -o/--output, and --verbose options.

Example Output

{
  "deploymentStatus": "STARTED",
  "dlbEndpoint": "datagraph-example.us-e1.prod.cloudhub.io",
  "endpoint": "datagraph-example.us-e1.prod.cloudhub.io",
  "envStatus": "STARTED"
}

datagraph validate

> datagraph validate asset <g/a/v>

This command validates if it’s possible to add an API source to the unified schema. To do so, the command:

Translates the API source into a GraphQL schema.
Validates any API extensions applied in the API specification.
Runs a conflict check against the unified schema.

If any of these steps generates a conflict or error, the command returns the result. If it finds no conflicts or errors, it returns a success message.

The API source to validate is specified by <g/a/v>, in which g is the group ID, a the asset ID, and v the version ID of the API source. The group ID is optional. If you don’t specify a group ID, the command uses the current organization ID.

This command takes the default --help, -f/--fields, -o/--output, and --verbose options.

Example Command

datagraph validate asset 73b0d8f2-5a2f-4107-884d-fcd80f30bc51/sales-api/1.0.0

Example Output

{
  "code": "success"
}