Chapter | Name | Excerpt | Usage |
---|
Policies | api_behind_proxy |
Please disable the TLS check if you are using Scheer PAS 21.1 or a newer version, because all PAS components are running behind a proxy server.
|
|
| |
Policies | api_blacklist_whitelist | | |
Terms & Definitions | api_contracts_and_keys |
Only public APIs can be accessed by any consumer. The only way for a client to consume a private API is by using an API contract. An API contract is a link between a client and an API through a plan offered by that API. API contracts can only be created between clients and published APIs which are offered through at least one plan. An API contract cannot be created between a client and a public API. When an API contract is created, the system generates a unique API Key. This key is unique per client and the same for all contracts of this client. All requests made to the API by a client through the gateway must include this API Key. The API Key is used to create the runtime policy chain from the policies configured on the API, plan and client. You can forward the X-API-Key to the service using the API Key policy. However, you cannot define your own value for the X-API-Key, since the gateway uses the key to identify the clients. |
|
| |
General Notes, Infos, Tips | api_displayed_when_published |
This tab is only visible for published APIs. |
|
| |
General Notes, Infos, Tips | api_displayed_when_registered |
This tab is only visible for registered clients. |
|
| |
Developer Portal | api_doc_and_definition
|
The API Documentation button and a button to download the API definition file are also available here. |
| |
Developer Portal | api_documentation_button
|
The API Documentation button grants access to the Swagger UI where the user can test the API (refer to Testing APIs for further information). |
| |
Policies | api_enable_option |
It is strongly recommended to enable this option.
|
|
| |
General Notes, Infos, Tips | api_link_to_policy_page |
Refer to Policies for an overview of the standard policies supplied with Scheer PAS API Management. Refer to Assigning Policies for detailed explanations on how to configure a policy. |
|
| |
Policies | api_move_policies |
The order of the policies is important. The order in which the policies appear in the user interface determines the order they will be applied at runtime. You can drag a policy up and down the list to change the order: |
| |
General Notes, Infos, Tips | api_my_all_hint |
If you want to edit API Management elements, you need to access them via the My... menu items (refer to "My" API Management items). |
|
| |
Clients | api_registered_client |
Before the client is registered with the runtime gateway, it is not possible to make requests to backend APIs on behalf of that client. |
|
| |
General Notes, Infos, Tips | api_save_when_finished |
Do not forget to click the Save button when you have finished. |
| |
Developer Portal | api_version_label |
If more than one version of the API is available, the latest version will be displayed on top. To see the details of earlier versions, expand the labels below the open details page. |
| |
General Notes, Infos, Tips | api_version_number_note |
You can enter numbers and text in the Version field which allows the use of version numbers (e.g. 1.0, 2.1 ...) as well as version descriptions (e.g. Gold, Super etc.). |
|
| |
APIs | api_visibility
|
- Organization Members (default): All members of the organization. The PAS user must be listed in one of the Identity Management groups API-Management-Users, API-Management-Administrators or API-Management-Developer-Portal-Users.
- API Management Users: Any PAS user listed in Identity Management groups API-Management-Users or API-Management-Administrators.
- API Developer Portal Visitors: Any PAS user listed in Identity Management group API-Management-Developer-Portal-Users and any user who visits the API Developer Portal, whether logged in or not.
For detailed information about the visibility concept, visit page The Concepts of API Management. |
| |
General Notes, Infos, Tips | api_work_with_items |
Click to add a new item to a list, click to show/hide the list of items. |
| |
Developer Portal | approver_confirmation
|
For security reasons, the approver needs to confirm his choice. |
| |
Developer Portal | confirm_deletion |
For security reasons, you need to confirm the deletion. |
| |
Developer Portal | copy_to_clipboard
|
Use icon to copy the key to the clipboard. |
| |
Developer Portal | corresponding_message_in_portal
|
The user gets a corresponding notification in the API Developer Portal. |
| |
Policies | cors_policy_chain |
API Management sets the CORS headers in the following order: - CORS headers from the CORS policy have the highest priority.
- If no CORS policy has been defined, CORS headers from the external API are used.
|
| |
Terms & Definitions | definition_api |
APIs in API Management represent real back-end APIs (Application Programming Interfaces). An API is also known as a service, meaning anything that can be invoked remotely by some sort of client. API Management provides a way to turn unmanaged (raw) back-end APIs into managed APIs by attaching policies to them. Every managed API can be published as Public API or Private API or both: - Public APIs are available to consumers without a key. Only policies defined on the API apply to public APIs.
- Private APIs are only accessible for known consumers, called clients. Every client has an individual key to access the API. Policies defined on the client, the selected plan in the contract and the API apply.
In API Management, users can create new APIs manually or easily import them from the API Catalog. |
| |
Terms & Definitions | definition_client |
The client is the consumer of the API: - The client consumes managed APIs offered through API Management.
- Each client can consume multiple APIs within API Management. The relation between client and API is defined via a contract and a plan.
- As with an API or a plan, you can also add policies to a client. When creating a contract, an API-Key to invoke the API will be assigned.
|
| |
Terms & Definitions | definition_contract |
A contract relates a client to an API, using a plan. |
| |
Terms & Definitions | definition_organization |
Almost everything in the API Management data model exists in the context of an organization: - An organization is a logical unit within API Management. This can be a company, department, etc.
- An organization is a container of other elements: plans, APIs, and clients are defined per organization.
- Every user must be associated with at least one organization to be able to manage elements in the application.
- API Management implements role-based access control for users. You can give organization members different roles to restrict the actions he is able to perform and the elements he can manage within the organization.
- Membership for each organization can be easily managed in the Organization tab.
|
| |
Terms & Definitions | definition_plan |
A plan is a set of policies that defines the level of service API Management provides for an API. - Plans enable users to define multiple different levels of service for their APIs.
- Plans specify the contract between a client and an API.
- It is common to define multiple plans with divergent configuration options for the same API.
Example: An organization offers two plans for the same API: Plan A is more expensive than plan B, but it offers a higher level of API requests in a given (and configurable) period of time.
|
| |
Terms & Definitions | definition_policy |
Policies are at the lowest level of the data model, but they are the most important concept: A policy is a rule or a set of rules API Management uses to manage access to your APIs. - Policies are applied to all API requests and represent a unit of work applied at runtime to the request by API Management.
- You can define a policy chain, a defined order in which the policies will be applied to API requests.
|
| |
Developer Portal | description_api_definition_download |
Downloads the API definition file. |
| |
Developer Portal | description_api_documentation
|
Displays the Open API definition (Swagger) and allows for making test calls if the API is available. |
| |
Developer Portal | details_page_public
|
On the details page of a Public API, users can find further information about the API such as an extended description and the public endpoint. |
| |
Notifications | info_enable_mail_notifications |
The notifications can also be sent by by email. This feature must be enabled during the the setup of your Scheer PAS installation. Ask your Scheer PAS administrator for help. |
|
| |
Plans | locked_plans |
Once a plan is locked, it cannot be revised anymore. However, you can still create a new version of this plan. |
|
| |
Administration | manage_users |
API Management uses the Identity Management to manage its users. This tool can manage users for multiple applications. Data for each application is stored in so called "realms": - Users of Identity Management itself are stored to realm Master.
- Users of API Management and Log Analyzer are stored to realm Apiman.
Thus, you need to have to separate admin accounts: one for Identity Management, and one for API Management. |
| |
Plans | note_on_plan_usage
|
Only locked plans can be used by APIs in the organization. Refer to Locking a Plan for more information. |
|
| |
General Notes, Infos, Tips | note_read_confirmation_dialog |
Please read the confirmation dialog carefully. |
|
| |
Policies | note_require_true
|
Make sure that this option is true if you want to use this policy for authentication. |
|
| |
Policies | proxy_x_real |
In the default setup the gateway runs behind a proxy. In the default scenario there is no need to add the header X-Real-IP in the custom header field IP Address HTTP Header. |
|
| |
Support | support_overview |
- First of all you can consult our complete technical documentation.
The documentation is divided into several guides:
- If you can't solve your problem with help of the documentation, you can file a ticket to our support team at support@scheer-pas.com.
All mails to our support mailbox will open a ticket in our service desk. Optionally, you may use our service desk portal. There, you can manage your tickets and raise new support requests. Using the portal requires you to register your email address, which will not take much time. To help you with your problem, our Support team needs some information on your software and environment. Please refer to Information to Include in a Support Request for more details on this.
|
| |
Policies | swagger_definition_changes
|
Adding or removing policies does not enrich the Open API documentation. You need to adjust your documentation manually. |
|
| |
Clients | swagger_ui |
For more information about the functions of the Swagger UI, go to the Swagger homepage. |
|
| |
Administration | test_gateway_nok |
If the configuration is invalid, an error message will be shown including further information about the error itself: |
| |
Administration | test_gateway_ok |
If the gateway configuration is correct, you will get a success message: |
| |
APIs | testing_api_with_swagger |
Testing of API configurations is only possible with REST APIs that are coming with |
|
| |
Metrics | tipp_elaborated_metrics
|
PAS 22.1 For more elaborated metrics, have a look at the Log Analyzer which offers a default dashboard visualizing API Management insights. |
|
| |
General Notes, Infos, Tips | use_breadcrump
|
Use the breadcrumb menu at the top of the page for guidance. |
|
| |
Organizations | version_note_api_org_creation |
From PAS 22.1 all API Management users can create new organizations. In earlier versions, only users with role Administrator had been able to create organizations. |
|
| |