APIKit Introduction

APIkit and APIkit for SOAP are toolkits that facilitate REST or SOAP API development: handling error conditions and setting status codes, and generating flows for RESTful calls or SOAP API requests. For RAML-based API simulation, APIkit also sets up the APIkit Console simulator. You develop APIs based on one of the following modeling languages:

  • RESTful API Modeling Language (RAML)

  • Web Service Description Language (WSDL)

You can reference an external RAML or WSDL design, import the design into Studio, or build the RAML or WSDL within Studio using the text editor. After simulating calls to the API, you can build out the framework of the design by adding to the flows generated by APIkit. For example, you can add web services, document, test, and enforce best practices, such as exception handling.

The best practice for API design with APIkit is first to design the RAML or WSDL interface outside Studio. For RAML development, MuleSoft recommends using API Designer. Next, you import the file into a Studio project to construct your main and backend flows. Alternatively, you can design the backend first by adding an API to an existing Studio project.

After designing an API to the RAML specification using APIkit, you can apply policies to the API in Anypoint Platform.


The following limitations apply:

  • APIkit for SOAP works only on Mule EE runtime 3.8.0 or later.

  • APIkit for SOAP does not download protected resources from the web.

    For example, a WSDL file behind a schema model, such as Basic Authentication, is not supported. You need to manually download the WSDL file and all dependencies, such as XSD, and select those files locally.

Security, Protocol, and baseUriParameter Limitations

APIkit 3.8.1 supports RAML 1.0. Mule 3.8.0 runtime limitations related to earlier versions of APIkit are covered in the RAML 1.0 early access document.

In API Gateway Runtime 2.x and earlier, APIkit is designed to work very tightly with RAML interfaces, but does not automatically import the following items from the RAML definition:

The protocol, URI host, and path defined in the RAML file are disregarded in favor of the ones that you define in the APIkit project’s HTTP Connector.

Security Workarounds

In API Gateway Runtime 2.x and earlier, to build out security for an API that matches the securitySchemes defined in the interface, use the following workarounds:

APIkit Console Limitations

APIkit Console does not support the Client Credentials and Resource Owner Password Credentials grant types in the embedded APIkit Console. To use these grant types, access the APIkit Console from a web browser. APIkit Console does not support scopes.

In this topic: