Skip to main content
Skip table of contents

API Settings

To view all APIs your user is allowed to see, go to tab My APIs in the navigation bar. The APIs are listed by organizations.

For detailed information about navigating and filtering the list refer to Working With the API Management.

You can also view the list of existing APIs for an organization by navigating to the APIs tab of the organization's details page. Click on an API tile to open the API's details page. Use the details page to modify the configuration:

apis_tab.png

Basic Settings

The Overview tab displays the most important information about an API and also offers various functionalities:

UI Element

Name

Description

Basic Settings (available in all tabs)

(1)

Image

Click the API logo to upload your own image for this API. The image will be displayed in the API tile in API Management as well as in the API Developer Portal. 

This setting is valid for all versions of the API.

(2)

Name / Description

  • Name: The name of the API is displayed in read-only mode.

  • Description: The description of the API is changeable. Click in the field and start writing if you want to alter the displayed text. Your changes are saved automatically.

This setting is valid for all versions of the API.

(3)

Version

In this field, the current version of the API is displayed. Use the drop-down to switch between versions.To create a new version, click New Version (refer to The Concepts of API Management for detailed information).

(4)

Delete

Click Delete to remove the API. You will need to confirm the deletion in a separate pop-up window.This setting is valid for all versions of the API.

(5)

Status

In this field, the current status of the API is displayed. Use the drop-down to change the status. An API can have the following states:

status_created.png
status_unpublished_changes.png
status_published.png
status_retired.png

(6)

Navigation Bar

Use the navigation bar to access the various tabs of the API's details page (details of all tabs API Details).

Overview Tab Settings (available only in tab Overview)

(7)

API Endpoint

Displays the endpoint of this API in read-only mode. Use option Copy to clipcoard to copy the endpoint. Use option Try! to open the test UI for this API (refer to API Details for more information).

(8)

Attached Policies

Displays a read-only overview on all policies assigned to this API. You can click on the name of a policy. This opens tab Policies where you can adapt the policies of this API.

(9)

API Type

public_api.png
private_api.png

This section displays the API type and associated settings:

  • Public API: For public APIs, no further information is shown, because the public endpoint is displayed directly in the API Developer Portal.

  • Private API: For private APIs, the assigned plans and their visibility are displayed, as well as information on whether approval is required when a contract is created in the Developer Portal.

Click on the type labels to open tab Settings where you can adapt the API's implementation.

(10)

Useful Information

The displayed labels show some additional information about the API. The labels are interactive: Click on an entry to switch to the corresponding tab.

  • Pending Approvals: Shows the number of open approval requests. Clicking the label will open tab Contracts.

  • Active Contracts: Shows the number of contracts associated with this API. Clicking the label will open tab Contracts.

  • Markdown: Indicates if documentation has been entered or not. Clicking the label will open tab Documentation.

  • API Definition: Indicates if an API definition has been saved or not. Clicking the label will open tab Documentation.

API Details

In the navigation bar of the details page, you will find several tabs where you can manage the various settings of the API. Refer to Configuring an API for more information about the necessary configuration steps.

Settings

Open tab Settings to provide the details about the backend API implementation:

The following settings are available in this tab:

UI Element

Name

Description

(1)

Implementation

The URL that the API Management will use to proxy a request made for this API.

(2)

API Developer Portal

Enable option Feature this API if you want to display the API on the landing page of the API Developer Portal.

This setting is valid for all versions of the API.

(3)

Advanced Settings

Expand this section to display advanced options.

API Type

Choose between the options REST, SOAP and UI.

API Content Type

You can select JSON or XML. This information is primarily used to respond with a policy failure or error in the appropriate format.

Gateway

Use the drop-down list to switch between different gateways.

Only one gateway is supported in the current version of API Management.

API Security

Choose between the options None, Basic Auth and MTLS/Two-Way-SSL.

Please note that BASIC Authentication is not ideal. It is especially insecure if not using SSL/HTTPS to connect to the backend API.

Endpoint Level Security

Policy security alone does not secure an API’s unmanaged endpoint. Endpoint security also secures the APIs from attempts to bypass the gateway. Scheer PAS API Management supports two endpoint security options: Basic Auth and MTLS (Two-Way-SSL). With Mutual TLS, a two-way trust pattern is created. The gateway trusts the APIs and the APIs trust the gateway. The APIs, however, do not trust the clients. The use of enpoint security prevents that a client can bypass the gateway and access the APIs directly.

The endpoint level of security applies to all requests made to the APIs, regardless of the policies configured.

Enable Stateful Request Payload Inspection

If this feature is enabled, the gateway will parse the request body into an object prior to applying the policies. This allows policies to make decisions based on the content of the request payload.

Disable Request Key Stripping

If this feature is enabled, the gateway will not strip the X-API-KEY and apikey query parameter from the request. This allows the gateway to send the keys to the backend endpoint (see also API Key policy).

(4)

API Type

  • If the option is enabled, the API is accessible publicly and you can define the Visibility in this section.

  • If the option is disabled, the API is not accessible publicly and you can attach the Available Plans in this section.

Refer to Configuring an API for details.

(5)

Plan and Visibility Management

  • Colum Available Plans displays all plans that are available in the corresponding organization.

  • Drag the plans you want to use with this API to column Attached Plans.

  • Attached plans contain a visibility section where you can define the user group that should be able to see the API in the API Developer Portal (refer to The Concepts of API Management > Visibility for details).

Refer to Configuring an API for details.

Documentation

In the Documentation tab you can manage the API definition and the description of the API.

API Definition

An API definition file allows consumers to better understand how to use your API. If you want to test your API directly from API Management, it is necessary to have an API definition. If you have imported the API from the PAS Administration, the API definition is populated automatically. Alternatively, you can load a definition from a URL, or upload a definition file. Refer to Configuring an API for details.

The OpenAPI definition is adapted, when the API is published:

  • The API's name, version number and markdown description are taken over in the code displayed in the definition editor.

  • Adding or removing policies enriches the OpenAPI definition.
    (This also applies to the whole policy chain, even if the definition editor in the API details will only show API-related policy code.)

The following options are available in the API Definiton tab:

UI Element

Setting

Description

(1)

Download OpenAPI

This button offers three options once an API definition has been provided:

  • Click the button to download the YAML file containg the OpenAPI definition.

  • Click the arrow to access additional options:

    • Select Copy URL to copy the URL of the OpenAPI definition.

    • Select Copy Content to copy the content of the OpenAPI definition.

(2)

Update URL

This button offers two options:

  • Click Update URL if you want to change API definition URL source.

  • Click the arrow to access the additional option Upload File. You can then select the definition file you want to upload.
    Supported formats are

    • OpenAPI & Swagger v2/v3 (JSON)

    • OpenAPI & Swagger v2/v3 (YAML)

    • WSDL

(3)

Definition Validity

The label indicates whether the content of the OpenAPI definition is valid or not. The validity label is only displayed when option is Show Definition Editor enabled.

(4)

Show Definition Editor

Enable this option to display the definition editor. The editor contains the OpenAPI definition.

The definition editor allows you to adapt some content of the displayed definition, but changes on the policy logic will be overwritten during reload of the editor or publication of the API:

Please note that the autosave in the editor is not triggered after the upload of an invalid file.
If the definition content shows the message Unable to render this definition, your changes are not saved but discarded if you leave the page.

(5)

OpenAPI Definition

In this section, the definition is displayed in a formatted, read-only version.

Markdown Description

In tab Markdown Description you can provide a description of your API to help developers understand how to use your API. To enable others to easily use your APIs, it is important to provide them with extensive API documentation. You can provide your description by either using the markdown or a text editor. The entered content is automatically saved and included in the OpenAPI definition, refer to API Definition):

Policies

The Policies tab allows you to manage the policies that should be applied whenever a request is made to this API:

api_tab_policies.png

The order of the policies is important: The order in which the policies appear in the user interface determines the order they will be applied at runtime (refer to Policies > Policy Chain for details).

Option

Icon

Description

Add

add_policy_icon.png

To add another policy to this API, click one of the Plus buttons.
You will be redirected to page Add Policy, where you can choose a policy and customize it (refer to Attaching Policies for details).

Reorder

drag_policy_icon.png

Drag the policy and drop it on the desired new place in the hierarchy.

Edit

edit_policy_icon.png

If you want to adapt an attached policy, click Edit to open the policy configuration.

Reorder

delete_policy_icon.png

If you want to delete a policy from this API, click Delete

Refer to chapter Policies for an overview of the standard policies supplied with Scheer PAS API Management. Page Attaching Policies explains how to attach and configure a policy.

Contracts

Use tab Contracts to display a list of all contracts between all clients and this API. The list shows all clients that can consume this API and also clients that are waiting for their request to be approved (refer to Handling Approval Requests for details):

Metrics

Navigate to tab Metrics in the APIs section of API Management to display basic metric information about the API. Once an API has been used, you can use the Metrics tab to view basic analytics information and to figure out, how often the API has been used and when.

apis_tab_metrics.png

Refer to Metrics for detailed information about the available options.

Change Log

Navigate to the Change Log tab if you want to see an overview of changes made for this API. All configuration changes made by API Management users associated with this API are listed here:

api_tab_changelog.png

Related Documentation:

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.