API Development

Amplify Central Connected Gateway Custom API Subscription Flow – Hello World Flow Using Integration Builder

Amplify Central Connected Gateway Custom API Subscription Flow

This blog post is the third in a series covering custom API subscription approval flows for Amplify Central connected API gateways using agents. You can read part two here.

In part 2, we described the main features of Amplify Central that enables us to integrate them into our own subscription approval process: Webhooks and platform API calls.

In this blog post, we’ll tie it all together and create a Hello World custom API subscription approval flow using Axway’s Integration Builder. The flow will be triggered from a Webhook in Central, use the clientId and clientSecret to get an access_token and then call the subscription API in order to approve the subscription request. These are the minimum steps required for any subscription approval flow.


  • You should already have your Gateway(s) connect to Amplify Central as described in the online docs: Axway API Manager and/or AWS Gateway
  • You should have APIs in your catalog that API consumers can subscribe to
  • You should have a clientId and clientSecret associated with an Amplify Central Service Account (that we created in the part 2)
  • You should have familiarity with Axway’s Amplify Integration Builder

How It Works

An Integration Builder flow with a manual trigger can be triggered via a POST to /formulas/instances/:id/executions using your flow instance id. Refer to the online docs for details. We’ll also need to add a header with authentication details when we configure our webhook to trigger our flow properly.

As mentioned above, the flow will make Amplify API calls to:

  • Retrieve an access_token
  • Approve the subscription request

The flow is shown below and can be downloaded from here:

Integration Builder Flow


The first step, shouldProcess, is a check to make sure that the event is one that we want to process. It’s a JS Script Step with the following contents:

done((trigger.args.type === 'SubscriptionUpdatedEvent') && (trigger.args.payload.subscription.currentState === 'REQUESTED'));

I only want to process events related subscriptions so I check that they type is SubscriptionUpdatedEvent. Also, I only want to approve requests and don’t want to process other subscription events so I check the currentState is REQUESTED.

Note that you may also want to process UPDATE_REQUESTED states as well, but that is beyond the scope of this post


The next two steps deal with getting an access_token.

prepAxwayTokenRequest is a JS Script Step that prepares the headers and form data for the getAxwayAccessToken step that follows. It contains the following:

  'headers': {
      Authorization: 'Basic ' + CE.b64(config.axwayClientId + ':' + config.axwayClientSecret),
      'Content-Type': 'application/x-www-form-urlencoded'
  form: 'grant_type=client_credentials'

getAxwayAccessToken is an HTTP Request Step as follows. You can see the Headers and Body from the prior step. The URL for token request is: https://login.axway.com/auth/realms/Broker/protocol/openid-connect/token.

getAxwayAccessToken HTTP Request Step


The next two steps deal with approving the subscription request.

prepareUpdateSubscriptionRequest is a JS Script Step that prepares the url, headers and body for the updateSubscriptionRequest step that follows. It contains the following:

const apicentralUrl = config.apiCentralUrl ? config.apiCentralUrl : 'https://apicentral.axway.com';

const url = apicentralUrl + '/api/unifiedCatalog/v1/catalogItems/'+trigger.args.payload.catalogItem.id+'/subscriptions/'+trigger.args.payload.subscription.id+'/states';

const body = {
  "description": "Approved via Custom Subsription Flow",
  "state": "APPROVED"

const apiServerHeaders = {
  'Authorization': `Bearer ${steps.getAxwayAccessToken.response.body.access_token}`,
  'Content-Type': 'application/json'

done({url:url, headers:apiServerHeaders, body:body});

updateSubscriptionRequest is an HTTP Request Step as follows. You can see theURL, Headers and Body from the prior step.

updateSubscriptionRequest HTTP Request Step

Flow Instance

Now that the flow template is complete, we need to create a flow instance.

The flow instance is shown below. You can see that you need to enter your clientId and clientSecret. The apiCentralUrl is an optional variable for supporting Central deployments in different geographical regions as they become available.

Integration Builder Flow Instance

The only thing that remains is to configure out webhook by editing the discovery_agent.yml file as shown below:

    mode: webhook
      url: https://staging.cloud-elements.com/elements/api-v2/formulas/instances/463433/executions
        Header=Authorization,Value=User IPJ.......NW4=, Organization 79......c2a05

      host: email-smtp.us-east-1.amazonaws.com
      port: 587

Alternatively, you accomplish the discovery agent configuration by editing the da_env_vars.env file as shown below:

CENTRAL_SUBSCRIPTIONS_APPROVAL_WEBHOOK_HEADERS=Header=Authorization,Value=User IPJ.......NW4=, Organization 79......c2a05

Refer to your Integration Builder account to get the details for the authorization header as shown below:

Integration Builder Authorization Header

Once this is all configured properly, any API subscription request should trigger your Integration Builder flow to approve it automatically. The subscriber will get an email with authentication details for the API.


In this document, we saw how to create a simple, Hello World, custom API subscription approval flow using Axway’s Integration Builder.

Discover a more robust sample custom API subscription approval flow using Microsoft Flow and Microsoft Teams is provided here.