Managing a Private API - Step by Step
This tutorial explains step by step how to create all necessary elements of API Management to be able to manage a private API. Private APIs are APIs that are only accessible for known consumers (clients).
All content in a lighter font color refers to the story of the tutorial.
Follow Our Example User Story
ACME Corp. uses Scheer PAS API Management to provide customers with access to the ACME APIs. For example, ACME Corp. is running the test service RESTAPI_Echo_Example which implements a very basic REST service that is perfect for testing. Now David Stringer of ACME Corp. wants to enable the developers of customer Spring Corp. to use this service. So David is going to setup private API access to the service RESTAPI_Echo_Example.
You are going to help him with that task.
During this tutorial you will build up the following: Organization STRINGER containing the PrivateEchoAPI, which will be consumed by client Spring Corp. via plan Gold which contains the Rate Limiting Policy.
Please make sure that the name of the created elements such as organizations, APIs, clients etc. is unique. You can use your own name as pre- or suffix, e.g. PublicEchoAPI_David.
During this tutorial you will learn
how to create an organization
how to create a plan
how to import the API of an xUML service from the PAS Administration to API Management
how to create a client
how to add a contract
how to apply policies to plans and APIs
how to restrict the visibility of an API
how to test API access in API Management
how to consume a private API via the API Developer Portal
A Short Introduction to API Management Concepts
The main elements of API Management are grouped within an Organization, which is the "container" for all other elements such as Clients, Plans and APIs. APIs represent real backend APIs (Application Programming Interfaces). API Management provides a way to turn unmanaged (raw) back-end APIs into managed APIs by attaching policies to them.
Every managed API can be published as public API or private API:
Public APIs... | Private APIs... |
---|---|
|
|
|
APIs are created within API Management. They are provided via the API Developer Portal from where consumers of the API have access to them.
For more information on the concepts of API Management, refer to The Concepts of API Management.
Prerequisites
The following elements must be present or installed in order to be able to go through the step-by-step tutorials:
You need an up-and-running installation of Scheer PAS and access to the components API Management and Administration.
The RESTAPI_Echo_Example must be deployed in the administration component. You can download the repository here to deploy it: RESTAPI_Echo_Example.rep
How to Deploy the Example
Deploy the service via the deployment wizard within the PAS Administration. To access the deployment wizard, open the Administration:
Your user needs the profile xuml_container_admin to use the deployment wizard and to manage xUML services in the Administration.
Use option + Service in the navigation bar to open the deployment wizard:
The wizard opens in a separate pop-up window. As soon as you have selected the .rep file of the service, the wizard guides you through the necessary steps to deploy the xUML service:
In step 2 of the deployment wizard, please adjust the service name so that it matches your user, e.g. restapi-echo-example-stringer.
Refer to Working With the Deployment Wizard in the Administration Guide for detailed step-by-step instructions.
Related Documentation: