With API Management, you can specify whether users can call a private API directly or whether they need to obtain permission. While you define and manage the settings of your APIs in API Management, your customers have access to your APIs via the Developer Portal.
Portal visitors who wish to use a private API must first register for it.If approval is required for the plan, the user wants to subscribe to, he has to wait for an API Management user with approval authorization to answer his request. In this tutorial, we explain the approval process and its options.
As users with different authorizations are required for the approval process, this is not a "do it yourself" tutorial.
During this tutorial you will learn
how to request approval for private APIs via the API Developer Portal
how the approval process works within API Management
how to consume private APIs via the API Developer Portal
All content in a lighter font color refers to the story of the tutorial.
A Short Introduction to API Management Concepts
The main elements of API Management are grouped within an Organization, which is the "container" for all other elements such as Clients, Plans and APIs. APIs represent real backend APIs (Application Programming Interfaces). API Management provides a way to turn unmanaged (raw) back-end APIs intomanagedAPIs by attaching policies to them.
Every managed API can be published aspublicAPI or privateAPI:
Public APIs...
Private APIs...
... reside in an organization.
... can contain policy definitions.
... are accessible to everyone.
... reside in an organization.
... can contain policy definitions.
... can only consumed by a client via a contract and a plan.
Plans and clients can also contain policies.
Policies are rules or units of work applied when the API is accessed.
APIs are created within API Management. They are provided via the API Developer Portal from where consumers of the API have access to them.