Contact Us 1-800-596-4880

Anypoint DataGraph CLI Reference

Anypoint Platform provides a command-line interface (CLI) for DataGraph. The CLI supports both the interactive shell and standard CLI modes.

Use the DataGraph CLI to manage:

Before You Get Started

DataGraph API Sources

Command Description

Adds an API source

Promotes an API source

Updates an API source

Scales API calls made to the unified schema

Downloads the unified schema

Deletes an API source

Gets an API source

Lists all API sources

Returns information about DataGraph

Validates an API source for the unified schema

datagraph sources add

> datagraph sources add <g/a/v>

DataGraph supports only stable state API versions.

This command adds an API source, specified by <g/a/v>, in which g is the group ID, a the asset ID, and v the version ID of the API source. The group ID is optional. If you don’t specify a group ID, the command uses the current organization ID.

In addition to the default --help, -f/--fields, -o/--output, and --verbose options, this command accepts the following options:

Options Description

--auth-none

Use if your API is public.

--auth-basic

Use if you authenticate to your API either by passing the basic authentication header or by passing a username and password.

Required:

  • --credentials <username>:<password>

--auth-oauth

Use if you authenticate to your API by passing OAuth 2.0 client_id, client_secret, and authorization server values.

Required:

  • --credentials <client_id>:<client_secret>

  • --server <authorization server URL>

    Not Required:

  • --scope <server>

--auth-pass-through

Use if you authenticate to your API by passing authorization headers.

Required:

  • --mapping: <comma-separated list of key-value pairs, for example, key1:value1,key2:value2>

--auth-headers

Use if you authenticate to your API by passing custom header parameters and values.

Required for headers:

  • --custom-headers: <comma-separated list of header-value pairs, for example, header1:value1,header2:value2>

    Or

  • --custom-headers-file: <location of the file containing header-value pairs, one per line>

--auth-query-params

Use if you authenticate to your API by passing query parameters and values.

Required for query params:

  • --credentials <client_id:client_secret>

--url <url>

Configures the URL for the backend API.

--discover-url

Automatically discovers the URL of the backend API based on the instances running in the current environment. If more than one API is running, DataGraph uses the first URL.

--ca

Specify a comma-separated list of certificate authority (CA) files to add to the API’s truststore, for example, file.ca,file2.ca.

--cert

Specify the filename of the client certificate to use for mutual transport layer security (mTLS), for example, cert.ca.

--key

Specify the filename of the private key to use for mTLS, for example key.pem.

--key-password

Specify the password to decrypt an encrypted private key.

--ignore-invalid-edits

Use to apply valid edits made in the extensions in the API specification and to ignore any edits that are invalid.

All headers and query params defined in the command line, and all header and query param files, are appended. If there are repeated keys, the values provided in the command line takes precedence.

Example Command

datagraph sources add 18dc11ee-4a09-4aae-9c6c-4371a87eafa8/product-api/1.0.0/  --url http://test.com

Example Output

{
  "apiVersion": "v1",
  "assetId": "product-api",
  "createDate": "2022-05-20T18:05:41",
  "endpoint": "http://test.com",
  "environmentId": "<envID>",
  "groupId": "<groupID>",
  "name": "Product API",
  "organizationId": "<orgID>",
  "securityScheme": "NO_AUTH",
  "sourceId": "deca7be1-c299-4441-bc7b-dba733e3a11f",
  "updateDate": "2022-05-20T18:05:41",
  "version": "1.0.0",
  "origin": "CLI"
}

datagraph sources promote

> datagraph sources promote <sourceId> <target-EnvID>

This command promotes an API source <sourceId> to the target environment <targetEnv>.

In addition to the default --help, -f/--fields, -o/--output, and --verbose options, this command accepts the following options:

Options Description

--auth-none

Use if your API is public.

--auth-basic

Use if you authenticate to your API either by using the basic authentication header or by using a username and password.

Required:

  • --credentials <username>:<password>

--auth-oauth

Use if you authenticate to your API by passing OAuth 2.0 client_id, client_secret, and authorization server values.

Required:

  • --client-credentials <client_id>:<client_secret>

  • --server <authorization server URL>

    Not Required:

  • --scope <server>

--auth-pass-through

Use if you authenticate to your API by passing authorization headers.

Required:

  • --mapping: <comma-separated list of key-value pairs, for example, key1:value1,key2:value2>

--auth-headers

Use if you authenticate to your API by passing custom header parameters and values.

Required for headers:

  • --custom-headers: <comma-separated list of header-value pairs, for example, header1:value1,header2:value2>

    Or

  • --custom-headers-file: <location of the file containing header header-value pairs, one per line>

--auth-query-params

Use if you authenticate to your API by passing query parameters and values.

Required for query params:

  • --credentials <client_id:client_secret>

--url

Configures the URL for the backend API.

--discover-url

Automatically discovers the URL of the backend API based on the instances running in the current environment. If more than one API is running, DataGraph uses the first URL.

--ca

Specify a list of CA files to add to the API’s truststore.

--cert

Specify the client certificate to use for mTLS.

--key

Specify the private key to use for mTLS.

--key-password

Specify the password to decrypt an encrypted private key.

--empty-ca

Deletes all CA certificates.

--empty-mtls

Deletes the client certificate, private key, and private key password information.

All headers and query params defined in the command line, and all header and query param files, are appended. If there are repeated keys, the values provided in the command line takes precedence.

Example Command

In this example, the environmentId is changed after running the promote command.

datagraph sources promote d1d27987-939a-4b41-b3ef-411568ee5bdd e7e8da65-9cf1-569e-c9d2-brd2r0rc7rd6 --auth-none

Example Output

{
  "apiVersion": "1.0",
  "assetId": "order-e2e",
  "createDate": "2022-05-27T18:56:03",
  "endpoint": "http://test.com",
  "environmentId": "e7e8da65-9cf1-569e-c9d2-brd2r0rc7rd6",
  "groupId": "<groupID>",
  "name": "Order E2E",
  "organizationId": "<orgID>",
  "securityScheme": "NO_AUTH",
  "sourceId": "1ff021b3-9296-43fd-9d64-2f9027c25740",
  "updateDate": "2022-05-27T18:56:03",
  "version": "1.0.0",
  "origin": "CLI"
}

datagraph sources update

> datagraph sources update <sourceId>

DataGraph supports only stable state API versions. The update command updates only patch and minor versions of an API source.

This command updates the version of an API source <sourceId>.

In addition to the default --help, -f/--fields, -o/--output, and --verbose options, this command accepts the following options:

Options Description

--auth-none

Use if your API is public.

--auth-basic

Use if you authenticate to your API by passing either the basic authentication header or both a username and password.

Required:

  • --credentials <username>:<password>

--auth-oauth

Use if you authenticate to your API by passing OAuth 2.0 client_id, client_secret, and authorization server values.

Required:

  • --credentials <client_id>:<client_secret>

  • --server <authorization server URL>

    Not Required:

  • --scope <server>

--auth-pass-through

Use if you authenticate to your API by passing authorization headers.

Required:

  • --mapping: <comma-separated list of key-value pairs, for example, key1:value1,key2:value2>

--auth-headers

Use if you authenticate to your API by passing custom header parameters and values.

Required for headers:

  • --custom-headers: <comma-separated list of header-value pairs, for example, header1:value1,header2:value2>

    Or

  • --custom-headers-file: <location of the file containing header-value pairs, one per line>

--auth-query-params

Use if you authenticate to your API by passing query parameters and values.

Required for query params:

  • --credentials <client_id:client_secret>

--url

Configures the URL for the backend API.

--discover-url

Automatically discovers the URL of the backend API based on the instances running in the current environment. If more than one API is running, DataGraph uses the first URL.

--ca

Specify a list of CA files to add to the API’s truststore.

--cert

Specify the client certificate to use for mTLS.

--key

Specify the private key to use for mTLS.

--key-password

Specify the password to decrypt an encrypted private key.

--empty-ca

Deletes all CA certificates.

--empty-mtls

Deletes the client certificate, private key, and private key password information.

--keep-edits

Keeps edits that are present in the current version of the API source instead of extracting those edits from the API specification.

--override-ui-edits

Change the origin of the API source to the CLI. Ff the origin of the API source is the DataGraph UI, use this option to override the UI edits with the edits in the API specification.

--ignore-invalid-edits

Use to apply valid edits made in the extensions in the API specification and to ignore any edits that are invalid.

All headers and query params defined in the command line, and all header and query param files, are appended. If there are repeated keys, the values provided in the command line takes precedence.

Example Command

The following command updates the URL of the source API and changes its authentication from auth-none to auth-basic, adding a client ID and secret.

> datagraph sources update b6cb82a6-51dc-4968-861a-aa04447c3442 --url http://test2.com --version 1.0.0 --auth-basic --credentials client-test:client-secret

Example Output

{
  "apiVersion": "v1",
  "assetId": "product-api",
  "createDate": "2022-05-20T18:56:57Z",
  "endpoint": "http://test2.com",
  "environmentId": "<envID>",
  "groupId": "<groupID>",
  "name": "Product API",
  "organizationId": "<orgID>",
  "securityScheme": "BASIC",
  "sourceId": "b6cb82a6-51dc-4968-861a-aa04447c3442",
  "updateDate": "2022-05-27T18:31:39",
  "version": "1.0.0",
  "origin": "CLI"
}

datagraph scale

> datagraph scale <concurrent-api-calls>

This command enables you to configure the number of concurrent API calls permitted for a unified schema. Increasing or decreasing API calls enables you to process higher workloads and optimize your consumption when needed.

This command takes the default --help, -f/--fields, -o/--output, and --verbose options.

Example Command

datagraph scale 300

Example Output

{
  "message": "Api calls updated"
}

datagraph schema-download

> datagraph schema-download

This command downloads the unified schema for the current environment.

This command takes the default --help, -f/--fields, -o/--output, and --verbose options.

Example Output

directive @key(fields: String) on OBJECT

"An Item"
type Item {
  itemId: Int!
  "A Product"
  product: OrderProduct!
  quantity: Int!
}

"An Order"
type Order {
  items: [Item!]!
  orderId: String!
  customerId: String!
}

"A Product"
type OrderProduct {
  productId: String!
  name: String!
}

type Query {
  orders(ordersCount: Int): [Order!]
  ordersByOrderId(orderId: String!): Order
  ordersProductsByOrderId(productsCounts: Int, orderId: String!): [OrderProduct!]
}

datagraph sources delete

> datagraph sources delete <sourceId>

This command deletes the specified API source.

This command takes the default --help, -f/--fields, -o/--output, and --verbose options.

Example Command

datagraph sources delete d40df394-785d-4c91-8aeb-f07568dd57c

Example Output

{
  "message": "Source deleted successfully",
  "sourceId": "620afe93-b196-42eb-ae77-b68a0a937b6a"
}

datagraph sources get

> datagraph sources get <sourceId>

This command gets the specified API source.

This command takes the default --help, -f/--fields, -o/--output, and --verbose options.

Example Command

datagraph sources get d1d27987-939a-4b41-b3ef-411568ee5bdd

Example Output

{
  "apiVersion": "1.0",
  "assetId": "order-e2e",
  "createDate": "2022-05-20T16:49:00Z",
  "hasKeystore": false,
  "endpoint": "http://test.com",
  "environmentId": "<envID>",
  "groupId": "<groupID>",
  "name": "Order E2E",
  "organizationId": "<orgID>",
  "hasTruststore": false,
  "securityScheme": "NO_AUTH",
  "sourceId": "d1d27987-939a-4b41-b3ef-411568ee5bdd",
  "updateDate": "2022-05-20T16:49:00Z",
  "version": "1.0.0",
  "origin": "CLI"
}

datagraph sources list

> datagraph sources list

This command lists all API sources for the current environment.

This command takes the default --help, -f/--fields, -o/--output, and --verbose options.

Example Output

{
    "apiVersion": "1.0",
    "assetId": "order-e2e",
    "createDate": "2022-05-20T16:49:00.000Z",
    "endpoint": "http://test.com",
    "environmentId": "<envID>",
    "groupId": "<groupID>",
    "name": "Order E2E",
    "organizationId": "<orgID>",
    "securityScheme": "NO_AUTH",
    "sourceId": "d1d27987-939a-4b41-b3ef-411568ee5bdd",
    "updateDate": "2022-05-20T16:49:00.000Z",
    "version": "1.0.0",
    "origin": "CLI"
  },
  {
    "apiVersion": "v1",
    "assetId": "product-api",
    "createDate": "2022-05-20T18:05:41.000Z",
    "endpoint": "http://test.com",
    "environmentId": "<envID>",
    "groupId": "<groupID>",
    "name": "Product API",
    "organizationId": "<orgID>",
    "securityScheme": "NO_AUTH",
    "sourceId": "deca7be1-c299-4441-bc7b-dba733e3a11f",
    "updateDate": "2022-05-20T18:05:41.000Z",
    "version": "1.0.0",
    "origin": "CLI"
  }

datagraph describe

> datagraph describe

This command returns the following information about DataGraph:

  • endpoint: Displays the GraphQL endpoint that accepts requests.

  • deploymentError: If a DataGraph deployment fails, this field describes the error; otherwise, it’s empty.

  • deploymentStatus: Shows whether DataGraph is deploying, running, or has errors.

  • logLevels: Displays a list of the configured log levels.

  • envStatus: Displays the status of the current environment.

  • dlbEndpoint: Displays the load balancer endpoint.

This command takes the default --help, -f/--fields, -o/--output, and --verbose options.

Example Output

{
  "deploymentStatus": "STARTED",
  "dlbEndpoint": "datagraph-example.us-e1.prod.cloudhub.io",
  "endpoint": "datagraph-example.us-e1.prod.cloudhub.io",
  "envStatus": "STARTED"
}

datagraph validate

> datagraph validate asset <g/a/v>

This command validates if it’s possible to add an API source to the unified schema. To do so, the command:

  • Translates the API source into a GraphQL schema.

  • Validates any API extensions applied in the API specification.

  • Runs a conflict check against the unified schema.

If any of these steps generates a conflict or error, the command returns the result. If it finds no conflicts or errors, it returns a success message.

The API source to validate is specified by <g/a/v>, in which g is the group ID, a the asset ID, and v the version ID of the API source. The group ID is optional. If you don’t specify a group ID, the command uses the current organization ID.

This command takes the default --help, -f/--fields, -o/--output, and --verbose options.

Example Command

datagraph validate asset 73b0d8f2-5a2f-4107-884d-fcd80f30bc51/sales-api/1.0.0

Example Output

{
  "code": "success"
}

DataGraph Load Balancers

Command Description

Adds a dedicated load balancer configuration to Anypoint DataGraph

Displays a dedicated load balancer configuration for Anypoint DataGraph

Removes a dedicated load balancer configuration from Anypoint DataGraph

datagraph load-balancer-config add

> datagraph load-balancer-config add <dlbUrl>

This command adds a dedicated load balancer configuration specified by <dlbUrl> to Anypoint DataGraph. The dlbUrl is a valid URL that includes the DLB domain and the mapping rule inputUri.

This command accepts only the default options: --help, -f/--fields and -o/--output.

datagraph load-balancer-config describe

> datagraph load-balancer-config describe [options]

This command displays a dedicated load balancer URL for Anypoint DataGraph.

This command accepts only the default options: --help, -f/--fields and -o/--output.

datagraph load-balancer-config remove

> datagraph load-balancer-config remove [options]

This command removes a dedicated load balancer configuration from Anypoint DataGraph.

This command accepts only the default options: --help, -f/--fields and -o/--output.

DataGraph CLI Command Errors

DataGraph returns these errors when you incorrectly define a command. These errors can be caused by an incorrect option parameter, an ID that cannot be found, or the lack of a required option.

Options are Required

Output:

{
  "error": {
    "errorMessage": "Options are required"
  }
}

Cause:

This error indicates that at least one option is required to run the command.

  • datagraph sources add: Either the --url option or the --discover-url option is required for this command.

  • datagraph sources update/promote: Any available option is required. Define an element to update or promote in the target source.

Not Found

Output:

{
  "errorCode": "dg-xapi-proxy",
  "errorMessage": "Not Found"
}

Cause:

This error indicates that DataGraph didn’t find the asset.

  • datagraph sources add: The asset is not reachable either because the group ID, asset ID, and version ID does not correspond to a valid asset, or you cannot access the asset.

  • datagraph sources update/promote: The UUID you provided does not exist in the current environment or in the target environment to which you’re attempting to promote the asset.

Bad Request

Output:

{
  "error": {
    "code": "400",
    "message": "Bad Request"
  }
}

Cause:

This error indicates that some required parameters in the command are incorrectly formatted.

  • datagraph sources update: The provided source ID is not a valid UUID.

  • datagraph sources promote: The source ID or the target environment ID are not in a valid UUID format.

API Already Exists

Output:

{
  "errorCode": "dg-federation-source-exists",
  "errorMessage": "API already exists"
}

Cause:

This error indicates that the API you are trying to add already exists in the unified schema.

  • datagraph sources add: The asset ID and major version of the API source already exist in the unified schema. To make changes to the source, use the datagraph sources update command.

No API Instances Found

Output:

{
  "errorCode": "dg-xapi-no-api-instances",
  "errorMessage": "No API instances found"
}

Cause:

This error indicates the lack of URL to retrieve for an API instance.

  • datagraph sources add/update/promote: This errors appears when using the `--discover-url option. It occurs when the asset has no valid instances from which the URL can be retrieved that aren’t from a mocking service. In such cases, use the --url option instead.

Must Define URL

Output:

{
  "error": {
    "errorMessage": "Must define url or set --discover-url"
  }
}

Cause:

This error indicates that you must set the URL using either --url or --discover-url.

  • datagraph sources add: Because an URL is a required field in the add command, you must set one of the two options, --url or --discover-url.

Invalid API Calls

Output:

{
  "errorCode": "dg-xapi-invalid-api-calls",
  "errorMessage": "Invalid Api Calls: 1500"
}

Cause:

This error indicates that you requested an invalid number of API calls.

  • datagraph scale: The number of concurrent calls must be a number between 1 and 1200.

Unauthorized

Output:

{
  "error": {
    "code": "401",
    "message": "Unauthorized"
  }
}

Cause:

This error indicates that you lost the session in the CLI when using it in interactive mode. Exit and relaunch the CLI, and then log in again.

API Not Found in Current Environment

Output:

{
  "errorCode": "dg-federation-source-not-in-env",
  "errorMessage": "API not found in current environment"
}

Cause:

This error indicates that the API source you are trying to edit, delete, or update exists, but it is not in the working environment.

  • datagraph sources update/promote: The UUID sent is not in the working environment. Or, if you are using the --version option, the major version is not compatible with the current version.

DataGraph CLI Validation Errors

DataGraph returns these errors when you use the datagraph validate asset command before adding or updating an API source against the unified schema.

Editing Errors

Editing errors are generated when the edits in the particular API source contain a semantic problem. These errors use the code property dg-federation-customization-conflict and have the following structure:

{
  "code": "dg-federation-customization-conflict",
  "detail": [
    {
      "code": "element-not-found-in-spec",
      "editType": "set-primary-key",
      "reason": "field addId was not found in the specification",
      "element": "Address"
    }
  ],
  "message": "Customization conflict found adding Customer API"
}
  • The message field contains a human-readable response of the validation and provides a summary of the error.

  • The detail field contains a list of all the conflicts found in the current asset:

    • The code field identifies the type of error.

    • The editType field identifies the customization that has the conflict.

    • The reason field contains a human-readable description of the issue.

    • the element field contains the problem.

Conflict Errors

Conflict errors occur when you try to add an API schema to the unified schema. These errors use the code property dg-federation-udg-conflict and have the following structure:

{
  "code": "dg-federation-udg-conflict",
  "detail": [
    {
      "element": "Customer",
      "violations": [
        {
          "code": "incompatible-primary-key-set",
          "keys": [
            "customerId"
          ],
          "expectedKeys": [
            "name"
          ],
          "message": "Primary key set have edges with different names"
        }
      ]
    }
  ],
  "message": "Merge conflict found adding CLI - Customer OAS API"
}
  • The message field contains a human-readable response of the validation and provides a summary of the error.

  • The detail field contains a list of all conflicts found when trying to merge the API schema into the unified schema.

    • The element field contains the location of the conflict.

    • The violations field lists the conflicts to fix.

      • The code field identifies the type of the error.

      • The message field contains a human-readable description of the issue, and, depending on the type of error, it can contain additional properties with more details.