Page History
To view all APIs your user is allowed to see, go to tab My APIs in the navigation bar.
| The APIs are listed by organizations.
| ||||||||
| You can also view the list of existing APIs for an organization by navigating to the APIs tab of the organization's details page. Click on an API tile to open the API's details page. Use the details page to modify the configuration. |
Basic Settings
The Overview tab displays the most important information about an API and also offers various functionalities:
| UI Element | Name | Description | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Basic Settings (available in all tabs) | ||||||||||
| 1 | Image | Click the API logo to upload your own image for this API. The image will be displayed in the API tile in API Management as well as in the API Developer Portal.
| ||||||||
| 2 | Name / Description |
| ||||||||
| 3 | Version | In this field, the current version of the API is displayed. Use the drop-down to switch between versions.
| ||||||||
| 4 | Delete | Click Delete
| ||||||||
| 5 | Status | In this field, the current status of the API is displayed. Use the drop-down to change the status. An API can have the following states: | ||||||||
| 6 | Navigation Bar | Use the navigation bar to access the various tabs of the API's details page (details of all tabs see below). | ||||||||
| Overview Tab Settings (available only in tab Overview) | ||||||||||
| 7 | API Endpoint | Displays the endpoint of this API in read-only mode. Click Copy to clipcoard | ||||||||
| 8 | Attached Policies | Displays a read-only overview on all policies assigned to this API. You can click on the name of a policy. This opens tab Policies where you can adapt the policies of this API. | ||||||||
| 9 | API Type | This section displays the API type and associated settings:
Click on the type labels | ||||||||
| 10 | Useful Information | The displayed labels show some additional information about the API. The labels are interactive: Click on an entry to switch to the corresponding tab.
| ||||||||
API Details
In the navigation bar of the details page, you will find several tabs where you can manage the various settings of the API. Refer to Configuring an API for more information about the necessary configuration steps.
Settings
Open tab Settings to provide the details about the backend API implementation:
The following settings are available in this tab:
| UI Element | Name | Description | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Implementation | The URL that the API Management will use to proxy a request made for this API. | |||||||||
| 2 | API Developer Portal | Enable option Feature this API if you want to display the API on the landing page of the API Developer Portal.
| |||||||||
| 3 | Advanced Settings | Expand this section to display advanced options. | |||||||||
| API Type | Choose between the options REST, SOAP and UI. | ||||||||||
| API Content Type | You can select JSON or XML. This information is primarily used to respond with a policy failure or error in the appropriate format. | ||||||||||
| Gateway | Use the drop-down list to switch between different gateways.
| ||||||||||
| API Security | Choose between the options None, Basic Auth and MTLS/Two-Way-SSL.
Endpoint Level Security Policy security alone does not secure an API’s unmanaged endpoint. Endpoint security also secures the APIs from attempts to bypass the gateway. Scheer PAS API Management supports two endpoint security options: Basic Auth and MTLS (Two-Way-SSL). With Mutual TLS, a two-way trust pattern is created. The gateway trusts the APIs and the APIs trust the gateway. The APIs, however, do not trust the clients. The use of enpoint security prevents that a client can bypass the gateway and access the APIs directly.
| ||||||||||
| Enable Stateful Request Payload Inspection | If this feature is enabled, the gateway will parse the request body into an object prior to applying the policies. This allows policies to make decisions based on the content of the request payload. | ||||||||||
| Disable Request Key Stripping | If this feature is enabled, the gateway will not strip the X-API-KEY and apikey query parameter from the request. This allows the gateway to send the keys to the backend endpoint (see also APIKEY policy). | ||||||||||
| 4 | API Type Visibility Plans |
| |||||||||
Defining the Visibility
If you have enabled the option Public API, you can define the desired visibility for your API below. This affects the view in the API Management itself as well as in the API Developer Portal.
Click on the option you want to apply:
- All members of the organization.
- The PAS user must be listed in one of the Identity Management groups API-Management-Users, API-Management-Administrators or API-Management-Developer-Portal-Users .
- Any PAS user listed in Identity Management groups API-Management-Users or API-Management-Administrators .
- Any PAS user listed in Identity Management group API-Management-Developer-Portal-Users and any user who visits the API Developer Portal, whether logged in or not.
Refer to Configuring an API for details. | |||
| 5 | Plan and Visibility Management |
Refer to Configuring an API for details. | |
| Multiexcerpt include | ||||||
|---|---|---|---|---|---|---|
|
Attaching Plans
If option Public API is disabled, you need to attach at least one plan to the API.
All available plans are displayed below.
| Multiexcerpt include | ||||||
|---|---|---|---|---|---|---|
|
To attach a plan, drag them from section Available Plans to section Attached Plans.
Once a plan is attached, you can configure the following options:
Click one of the options to define the desired visibility for this plan. This affects the view in the API Management itself as well as in the API Developer Portal. See Defining the Visibility for an overview on the available visibility options.
Documentation
In the Documentation tab you can manage the API definition and the description of the API.
API Definition
An API definition file allows consumers to better understand how to use your API. If you want to test your API directly from API Management, it is necessary to have an API definition.
The following options are available in the API Definiton tab:
| UI Element | Setting | Description | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | API Definition Type | Use the drop-down menu API Definition Type to select the type of your definition file:
| ||||||||
| 2 | API Definition URL | If you want to load the API definition from a URL source, you can enter the URL in this field. | ||||||||
| 3 | Import API Definition | Once you have provided a URL in field API Definition URL, use this button to import the API definition. | ||||||||
| 4 | Get API Definition | This button offers two options once an API definition has been provided:
| ||||||||
| 5 | Definition Validity | The icon indicates whether the content of the definition editor is valid | ||||||||
| 6 | Definition Editor | The editor allows you to adapt the displayed definition. Manual changes are automatically saved, but using Import API Definition again overrides the manual changes.
| ||||||||
| 76 | Definition Content | In this section, the definition is displayed in a formatted, read-only version. |
If you have imported the API from the PAS Administration, the API definition is populated automatically. Alternatively, you can load a definition from a URL, or add a definition manually:
Instructions
Adding a Definition Manually
If no definition has been imported, you can add a definition manually:
- Select a definition type from the dropdown box.
- Paste, or drag and drop the definition to the empty definition box.
Loading a Definition from a URL
If no definition has been imported or if you need to update an existing definition, you can import a definition from a URL:
- Select a definition type from the dropdown box.
- Add the URL to a Swagger or WSDL file containing the definition.
- Click Import API Definition.
. Refer to Configuring an API for details.
| Multiexcerpt include | ||||||
|---|---|---|---|---|---|---|
|
Updating a Definition
If the definition of an imported API needs to be updated, you have to do this manually as there is no automatic re-import:
Markdown Description
In tab Markdown Description you can provide a description of your API to help developers understand how to use your API. To enable others to easily use your APIs, it is important to provide them with extensive API documentation. You can provide your description by either using the markdown or a text editor:
Policies
The Policies tab allows you to manage the policies that should be applied whenever a request is made to this API. The order of the policies is important: The order in which the policies appear in the user interface determines the order they will be applied at runtime (refer to Policies > Policy Chain for details).
To add another policy to this plan, click one of the Plus buttons . You will be redirected to page Add Policy, where you can choose a policy and customize it (refer to Attaching Policies for details). If you want to adapt an attached policy, click Edit
to open the policy configuration. If you want to delete a policy from this API, click Delete
.
Multiexcerpt include SpaceWithExcerpt INTERNAL MultiExcerptName tip_infos_about_policies PageWithExcerpt INTERNAL:_api_excerpts
Contracts
Use tab Contracts to display a list of all contracts between all clients and this API. The list shows all clients that can consume this API and also clients that are waiting for their request to be approved (refer to Handling Approval Requests for details):
Metrics
Navigate to tab Metrics in the APIs section of API Management to display basic metric information about the API. Once an API has been used, you can use the Metrics tab to view basic analytics information and to figure out, how often the API has been used and when.
| Multiexcerpt include | ||||||
|---|---|---|---|---|---|---|
|
Change Log
Navigate to the Change Log tab if you want to see an overview of changes made for this API. All configuration changes made by API Management users associated with this API are listed here:
| Panel |
|---|
| Otp | ||||
|---|---|---|---|---|
|
| ||
|
| Panel | ||
|---|---|---|
| ||
| Panel | ||
|---|---|---|
| ||
Overview
Content Tools