In this medium, we will be looking on how to expose a legacy web-service / SOAP service as REST APIs using both WSO2 API Manager (2.6.0) and Enterprise Integrator (6.5.0).

Why EI & API Manager? Can’t we do it using either one of them?

Of course we can. It is possible to expose a SOAP service as REST APIs using either API Manager or Enterprise Integrator. But, if you have added additional mediations and performing heavy-duty mediations in API sequences, then using both the API Manager and Enterprise Integrator is a best solution. Which is because, EI is scoped and capable to perform heavy-mediations as well as the API Manager is scoped to perform only API management processes.

For demo purposes, I have implemented a mock Developer Management Web Service using Spring Boot and will be using that to configure our EI and API Manager instances.

Let’s dive into the demo …

Legacy Service

Entities & Services

The Developer Management Web Service contains the following entities and services …

- Add Developer
- Get Developer
- Delete Developer
- Add Repo
- Get Repo

Build & Run

Clone or download the project from GitHub, and execute the following command from the root folder to start the web-service server

mvn spring-boot:run

If you don’t have maven installed, then use the following to start the server

./mvnw spring-boot:run

After a successful startup, navigate to https://localhost:8443/ws/developers.wsdl to access the WSDL definitions of our Developer Management service.

WSO2 Enterprise Integrator

We will be starting from WSO2 Enterprise Integrator instance to expose the provided legacy service as REST service.

Truststore & Certificate

Beforehand, we want to export the self-signed certificate of our Developer Management service to our EI instance for a hassle-free SSL connectivity and HTTPS communication.

Follow the given steps to export and import certificates of our legacy service to the EI’s trust-store.

  • Export or download the self-signed certificate of our legacy service from the browser.

Follow this https://www.shellhacks.com/get-ssl-certificate-from-server-site-url-export-download/ to export and download the self-signed certificate from the browser

  • Execute the following command to import the certificate to our EI instance

Navigate to <EI>/repository/resources/security folder and execute the following command. Enter wso2carbon as the password if it prompts

keytool -importcert -file <path to crt> -keystore client-truststore.jks -alias hydrogen.com

Carbon Artifact

Start the EI instance by navigating to the /bin folder and execute the following command based on your environment …

# linux env
sh integrator.sh
# windows env

Fire up your favorite browser and route to https://localhost:9443/carbon and log in using the following credentials

  • username: admin
  • password: admin

I have implemented and provided a carbon archive with configurations related to SOAP to REST services, endpoints, and sequences. You can use the following artifact and deploy it our EI instance without any configurations hassle.

WSO2 EI: Add Carbon Application

Select Add under Carbon Applications section and upload and deploy the above-provided carbon archive.

Below given is the source code of Developer Management Service API Carbon artifact

Run & Test

Before testing, make sure to verify whether the EI instance is running and deploy the provided Carbon archive

Test the exposed REST API service using the below cURL commands. Given below are a couple of cURL commands to test the exposed REST APIs.

Given below is a .http file, can be used with VS Code with REST Client Extension

WSO2 API Manager

Thereafter, we’ll configure a WSO2 API Manager instance to manage the API lifecycle, traffic, subscriptions, and analytics of our exposed REST service.

Port Offset

In advance, we need to configure a port off-set for our API Manager instance, this done because both our EI and API Manager instances will be running on a single machine.

Navigate to <APIM>/repository/conf/carbon.xml and change the <Offset> value from 0 to 1. And, start the API Manager instance by navigating to <APIM>/bin folder and execute the following command based on your environment …

# linux env
sh wso2server.sh
# windows env

Design & Publish REST API

After a successful startup, route to https://localhost:9444/publisher and login using admin as both the username and password.

Given below is a complete Swagger definition for our Developer Management REST API.

Click on Add New API


Then select I Have an Existing API and upload the provided swagger file.

WSO2 APIM: Swagger Upload

Add the context as /dev-management and click Next: Implement

WSO2 APIM: Context Configuration

Add https://localhost:8243/dev-management as the Production Endpoint and click Next: Manage

WSO2 APIM: Production Endpoint

Select all applicable throttling tiers and click Save & Publish to publish the Developer Management REST API to the Store portal.

WSO2 APIM: Throttling Configurations

Subscribe API

After publishing the REST API from the Publisher portal, navigate to the Store portal by https://localhost:9444/store and log in as admin.

Select our published API and subscribe to the DefaultApplication with Unlimited Tier.

You can create a new application by navigating to the Application section in the Store portal and subscribe to that API with applicable Tier

WSO2 APIM: Store Overview

Select View Subscriptions from the alert box and then navigate to the Production Keys tab and select Generate Keys to generate new consumer keys for our DefaultApplication.

WSO2 APIM: Store Default Application Production Keys

After a successful generation, copy the Access Token value to invoke our defined REST APIs.

Run & Test

Before testing, make sure to verify whether the APIM instance is running and have successfully published the REST API and subscribed

Test the exposed REST APIs using the below cURL commands. Given below are a couple of cURL commands to test the exposed REST APIs. We can also test the REST APIs using the integrated Swagger tool in the Store portal.

You can replace the consumer-key and consumer-secret fields with the generated values or you can replace the {{access-token}} with the copied Access Token value and execute the cURL commands


We have successfully configured both WSO2 API Manager and Enterprise Integrator to expose SOAP Web-Service as REST APIs. Now you can try out something new with API Manager and Enterprise Integrator.

Happy Integration!



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Athiththan Kathirgamasegaran

Athiththan Kathirgamasegaran

@athiththan11 | GH:athiththan11 | Site Reliability Engineer@WSO2