IBM builds and maintains these Open-source solutions for the API developer community:

  • LoopBack: Implement your REST API.
  • API Microgateway: Protect, enrich, and control access to API services.
  • OpenAPI-to-GraphQL: Create a fully functional GraphQL wrapper for existing REST(-like) APIs, described by an Open API Specification (OAS) or Swagger.

We also support these key technologies for API development:

  • Node.js - Get projects done quickly, leverage the broad knowledge of JavaScript, and scale to the massive concurrency needed for mobile, IoT and next-generation web APIs.
  • OpenAPI Spec - Open standard for defining and describing your API.


LoopBack is a highly-extensible, open-source Node.js framework that enables you to:
  • Create dynamic end-to-end REST APIs with little or no coding.
  • Access data from major relational databases, MongoDB, SOAP, and REST APIs.
  • Incorporate model relationships and access controls for complex APIs.
  • Use separable components for file storage, third-party login, and OAuth 2.0.

Getting Started

Assuming you have already installed Node, install the LoopBack CLI tool:

$ npm install -g @loopback/cli

To keep going, see Getting started on


The Microgateway is a developer-focused, extensible gateway framework written in Node.js for enforcing access to Microservices and APIs. It supports the following core features:

  • Secure and control access to APIs using Swagger (OpenAPI) Specification.
  • Collection of pre-built gateway policies for API Key validation, OAuth 2.0, rate limiting, and JavaScript.
  • Create gateway policies (security, routing, integration, etc... ) using Swagger extensions (API Assembly).
  • Simple interfaces for creating your own gateway policies.

The role of a Gateway in an API architecture is to protect, enrich and control access to API services. These sets of capabilities are often related to security and rate limiting, but it also includes the ability to do deeper message inspection.

Getting Started

Ready to install and run a stand alone microgateway:

Step 1: Clone the microgateway repository

git clone 

Step 2: Populate all of the necessary dependencies for the project

cd microgateway
npm install 

To complete the setup and learn more, see the GitHub repository.


OpenAPI-to-GraphQL allows you to take any OpenAPI Specification (OAS) and create a GraphQL interface.
  • Nested data. Schemas and links defined in the OAS are used to compose data definitions. Furthermore, hierarchical path structures can be used to nest data via the addSubOperation option.
  • API Sanitation. GraphQL-incompatible identifiers of your API are sanitized. For example, API parameters or data definitions with unsupported characters (e.g., -, ., ,, :, ;...) are removed.
  • Authentication. OpenAPI-to-GraphQL provides viewers to support passing API keys or basic auth credentials. OAuth 2.0 integration can be handled by the hosting application.

Getting Started

Are you ready to translate from REST to GraphQL? Let's get you started!

Before you install OpenAPI-to-GraphQL, make sure to download and install Node.js (version 8.9.x or higher), a JavaScript runtime.

OpenAPI-to-GraphQL can be used either as a library, or via its Command Line Interface (CLI). To install OASGraph, clone the repository and link the library (for the CLI commands to work) using the indicated steps.

To keep going, visit the OpenAPI-to-GraphQL page.


Maintained by the Node Foundation, Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine. As the Foundation describes, "As an asynchronous event driven JavaScript runtime, Node is designed to build scalable network applications."

For more information, see Node.js

Open API

The Open API Initiative (OAI) was created by a consortium of forward-looking industry experts who recognize the immense value of standardizing on how REST APIs are described. As an open governance structure under the Linux Foundation, the OAI is focused on creating, evolving and promoting a vendor neutral description format. SmartBear Software has donated the Swagger Specification directly to the OAI as the basis of this Open Specification. The current version of the OpenAPI specification is OpenAPI Specification 3.0.1.

APIs form the connecting glue between modern applications. Nearly every application uses APIs to connect with corporate data sources, third party data services or other applications. Creating an open description format for API services that is vendor neutral, portable and open is critical to accelerating the vision of a truly connected world.

For more information, see