1On the API Console page, click the Managed APIs tab.
2Click the Actions menu on the row of the managed API and select Test Managed API.
To test an operation of an API, click the API to expand the list of operations for the API, and then click Test Operation. You can test an operation of a managed API only when the API is in the Active state.
3Click API Policies > Security.
4In the Authentication panel, click Generate New Token.
The Generate New Token option is be enabled only if the API-level JSON web token is selected.
Optionally, edit the expiration date and time. You can choose a maximum of 180 days for the expiration date.
For more information about using an API-level authentication policy, see API Policies.
5Click Operations and select an operation.
6On the Test tab, click Authorize.
If the managed API requires authentication, the Available authorizations dialog box appears.
7Enter the JSON web token value to authenticate the managed API, and click Authorize.
8To view the API request body and response code, click anywhere on the Swagger endpoint.
9To test the API, in the request body panel, perform the following steps:
- aClick Try it out.
- bEnter the parameter values if required.
Edit the request body and replace the example values of request fields with any value of your choice.
- cTo test the managed API, click Execute.
The server response panel displays the response body and response headers.
To clear the server response, click Clear.
To exit the edit mode of the request body, click Cancel. The changes done to the request body are retained.
To reset the changes made to the request body, click Reset.
To change the request body again, click Try it Out.
Note: When you run a managed API endpoint that has response caching configured, the response caching doesn't work if the upstream API response is in compressed format. The Accept-Encoding request header typically contains a comma-separated list of encoding formats, such as gzip, br, and deflate. The Accept-Encoding request header is added by default in Postman or web browser. To resolve the issue of honoring the response caching, use Postman to disable the Accept-Encoding header in your request, and then invoke the API. However, if you invoke the API from a web browser, Accept-Encoding is added automatically. As a result, the response caching policy might not be honored.