What is a Plan?
A plan is a set of policies that defines the level of service API Management provides for an API. When an API is consumed, it may be consumed through a plan.
An organization can have multiple plans associated with it. Typically each plan within an organization consists of the same set of policies but with different configuration details.
Example:
| Within the ACME Corp. Organization three differents plans have been created:
|
Once a plan has been fully configured - all desired policies have been added and customized - the plan must be locked. Only locked plans can be used by APIs. This is necessary to prevent that API providers change the details of the plan while the client developers are already using it.
Once a plan is locked, it cannot be revised anymore. However, you can still create a new version of this plan.
API Contracts and API Keys
Only public APIs can be accessed by any consumer. The only way for a client to consume a private API is by using an API contract. An API contract is a link between a client and an API through a plan offered by that API. API contracts can only be created between clients and published APIs which are offered through at least one plan. An API contract cannot be created between a client and a public API. When an API contract is created, the system generates a unique API Key. This key is unique per client and the same for all contracts of this client. All requests made to the API by a client through the gateway must include this API Key. The API Key is used to create the runtime policy chain from the policies configured on the API, plan and client. You can forward the X-API-Key to the service using the API Key policy. However, you cannot define your own value for the X-API-Key, since the gateway uses the key to identify the clients.
On this Page:
Overview
Content Tools