Exposing Designer Services via API Management
For xUML services that have been deployed from the Designer as a container, secured endpoints are created automatically. However, these services are only usable internally and are not exposed to users outside the company. If you want to make them available to others, you can publish them via Scheer PAS API Management and restrict their usage with additional policies.
The following explanations apply to xUML services without user context (forms or role check).
Managing the Designer Service
In the Designer, you have created a REST service that contains neither forms nor a process.
Example: We use a REST service named SupportAPI that handles support cases which are stored to a MongoDB.
Choose the deployment target Container. From the service details page, open the service in the PAS Administration:
In the Administration, you can access the service details, which also contain the information about the service endpoints. Use option Import API to transfer the endpoint to API Management:
You are now redirected to API Management and a wizard will guide you through the creation of the API (refer to Creating an API for a step-by-step guide).
Configuring Your API
You imported the API to API Management, because you want to make it (publicly) available for others to consume. If you want to control the use of your API, differentiate between access groups and benefit from various metrics, we recommend creating a private API (refer to API Types: Public vs. Private for further details).
Example: Our example service handles support cases. The API should be usable by two different access groups:
Users with limited permissions who can only create support tickets.
Support administrators who can create and manage support tickets.
Therefore we choose to create a private API with two different plans.
No matter where you are in the API Management, the Create button is always displayed at the bottom right and opens the creation menu. Open the menu and click Create Plan to add a new plan:
Follow the wizard through some simple steps. You need to...
... select the organization in which the plan should be created.
... enter a name for the plan.
... enter a version for the plan.
You can also enter a description, but this is optional.
Example: We create a plan for our first use case (users with limited permissions).
If you want to create plans for users with limited access, you have to assign appropriate policies. On a newly created plan, you can use the link Click here to attach a new policy in the Overview tab:
You can also switch to tab Policies and add your policies here.
Expert Advice
Refer to Policy Configuration for an overview on all policies supported by Scheer PAS API Management.
The policy wizard supports you during policy configuration. Click on the policy tile to open the policy configuration.
Example: We choose the Ignored Resources policy.
Now, configure the policy according to your requirements.
Example: We configure the ignored resources policy in a way that support case creators cannot receive or delete support requests.
Click Next to see a summary of your configuration. Confirm the summary to attach the policy. The policy is added to the plan, you are now able to lock it:
Only locked plans can be used by APIs in the organization. Refer to Locking a Plan for details.
In the same way, we create a second plan for support case administrators. Administrators don't have any restrictions because they should be able to access all support tickets. Therefore, their plan has no policies assigned:
Now, you need to assign the plans to your API. Go to the API details page, open tab Settings and do the following:
Attach the plans you want to use with drag & drop.
Set Require Approval for the plans that are not to be available to everyone.
Choose the visibility of the plans.
Expert Advice
Read more about the visibility concept on page The Concepts of API Management.
Example:
(1) Attach: We want to use both created plans, so both are attached to the API.
(2) Require Approval: Everyone should be able to use the API for suport ticket creation, but we want to approve the users with admin permission. Therefore, the usage of plan Support Case Admin needs approval.
(3) Visibility: Both plans should be visible to all visitors of the API Developer Portal.
You have completed the necessary steps to configure your API. Now, you can publish it to make it publicly available:
The API is available in the API Developer Portal. Users can now sign up for it: