There are two types of remote web services: REST APIs and SOAP APIs. DreamFactory is a secure, self-hosted enterprise data access platform that provides governed API access to any data source, connecting enterprise applications and on-prem LLMs with role-based access and identity passthrough. If you want to wrap a SOAP API and make it easier to work with through the use of REST endpoints, this simple tutorial will enable you to achieve that goal.
If you want to wrap a SOAP API and make it easier to work with through the use of REST endpoints, this simple tutorial will enable you to achieve that goal.
With this process, you'll be able to make a request with JSON to the API and receive a response in JSON instead of a long-winded XML format. In turn, your team will save time and cut out delays and frustration thanks to the simple and effective process that will result from this simple change.
The use case here is a team that has a SOAP API and wants to wrap that API in REST so that you can call it with ease.
There are many applications where you're likely to find this useful and, in fact, just about every team out there that works with such APIs will probably benefit from going through this simple process.
The steps are truly very simple to follow.
Begin by locating the API that you want to work with.
If starting from scratch, go to Create and select SOAP Service then fill in all the information. Give it a name, label, and a short description before making it active.
We're going to use an example named temp with the label Temperature and a short description explaining that it's a SOAP service capable of doing a temperature conversion.
At the base level, all you really need to do is provide a WSDL URI in the Config tab for the service you are attempting to work with.
For our example, we'll use:
https://www.w3schools.com/xml/tempconvert.asmx?WSDLThis is a simple public one that you could use. It will give you a working web service wrapped with REST and live documented with Swagger.
Once you save your URI in DreamFactory, it will create live API docs in Swagger that are completely REST-based.
Scroll down the list and locate the API you're working with. When you click on it, some endpoints will appear. The number of endpoints you have available to you will depend on the specific API that you are working with.
Our example happens to have two endpoints, both of which we can use with ease directly in the DreamFactory dashboard.
With our example, we can do a quick Get request to see what's available. This will show us things like the calls we can make with our API.
In our example, we have two options. First, we can convert a given temperature with a Celsius to Fahrenheit conversion. The other option is to convert a temperature with a Fahrenheit to Celsius conversion.
Therefore, this option gives us two Post request options (Celsius to Fahrenheit or Fahrenheit to Celsius). Selecting one of these Post requests will populate the body post and enable us to get the information we need.
There are several reasons your team might choose this method. The most impactful are simplicity, security, and governed access for modern workloads including AI agents and enterprise applications.
These are benefits that every use case will see upon implementing this method into their workflow.
These are benefits that every single use case will see upon implementing this method into their workflow.
As you can see from our example, using this method makes things extremely simple. Not only are requests suddenly quick and easy, your APIs will be quickly locatable through the DreamFactory dashboard and so much simpler to manage for you and your team.
Overall, implementing this method to use with your APIs will make workflows so much faster for everyone who has to work with them regularly. This method negates the need for long-winded XML requests and makes managing your databases much more convenient and efficient overall.
Beyond simplicity, another major benefit is security and governance. DreamFactory enforces role-based access control, identity passthrough, and full audit logging on every wrapped endpoint.
Once you have wrapped your SOAP API, you can assign users to roles that control exactly which services, endpoints, and HTTP methods they can access. Identity passthrough ensures that every request carries the actual user's identity rather than a shared service account, which keeps audit trails accurate and supports compliance requirements.
To configure this, head to Roles and select one from the list. Under the Access tab for a specific role, you can assign services to the role by pressing the + icon. Select the service from the drop-down list and define which methods (GET, POST, PUT, DELETE) that role is allowed to use.
This gives you governed, auditable access when wrapping SOAP APIs in REST endpoints, whether the consumer is a developer, an internal application, or an AI agent querying enterprise data.
Transforming data between SOAP and REST formats is a common requirement when integrating legacy systems with modern web applications. DreamFactory provides robust scripting capabilities that enable developers to manipulate and transform data easily. By leveraging DreamFactory’s scripting options, such as Node.js, PHP, and Python, you can create custom logic to handle the complexities of SOAP to REST conversions efficiently.
SOAP and REST APIs often have different data formats and structures. SOAP uses XML for its message format, while REST typically uses JSON. To ensure seamless communication between these two API types, data must be transformed from one format to another. This transformation ensures compatibility and allows modern applications to interact with legacy SOAP services without issues.
DreamFactory supports server-side scripting in multiple languages, including Node.js, PHP, and Python. These scripts can be executed at various points in the API request/response lifecycle, allowing for flexible and powerful data transformations.
With this setup, you provide a WSDL URL and DreamFactory auto-generates governed REST endpoints with OpenAPI documentation. Your applications, internal tools, and AI agents can then call those REST APIs with role-based access control and identity passthrough enforced on every request.
DreamFactory makes the process straightforward. This tutorial should enable you to get everything set up and functioning correctly without delays. The steps are easy to follow so long as you do everything in the right order.
In addition to wrapping SOAP APIs, DreamFactory automatically generates governed REST APIs for databases, warehouses, file stores, SaaS apps, and legacy systems including SQL Server, Postgres, MySQL, MongoDB, Oracle, Snowflake, and more.
Using REST endpoints offers simplicity and security. It simplifies API requests, making them quick and easy to manage. Additionally, security benefits can be achieved through role access functions, allowing control over user access to specific services.
How does DreamFactory enhance API management?
DreamFactory simplifies API management by automatically generating governed REST APIs from any data source, including SOAP services, databases, and file stores. It enforces role-based access control, identity passthrough, and audit logging on every endpoint. The platform provides OpenAPI documentation, rate limiting, and field-level security, giving teams a single governed layer for enterprise applications and AI workloads.
When you wrap a SOAP API in REST endpoints with DreamFactory, you get role-based access control, identity passthrough, and full audit logging on every request. This means you can assign granular roles that control access down to specific services, endpoints, and fields. Identity passthrough ensures audit trails reflect the actual user behind each request, not a shared service account. This is critical for compliance in regulated environments and for governing access from AI agents and enterprise applications.
The advantages include faster workflows, simplified API requests, governed security with role-based access and identity passthrough, and centralized API management with full audit logging. This method removes the complexity of XML requests and gives teams a single governed layer that serves developers, enterprise applications, and AI agents accessing legacy data.