Developer portal FAQ
This document lists the answers to commonly asked questions about the Developer Services portal.
Apigee uses Pantheon, a website management service, for hosting cloud-based versions of the Developer Services portal. Pantheon is designed to work with Drupal to let you develop, test, and publish your portal in a secure environment. For more, see Working with Pantheon.
See Supported software.
One way to prevent SPAM on the portal is to add CAPTCHA to the login page and other pages by enabling the Drupal CAPTCHA and reCAPTCHA modules. See Add and manage user accounts for more.
The developer portal requires that you configure an SMTP server to send email messages. After you configure the SMTP server, all emails sent by the developer portal use the SMTP server. These emails include emails sent to new developers, emails sent to developers who lose their password, and emails sent to developers with blocked accounts. For more, see Configuring email.
Drupal rules let you define actions by the portal in response to certain events. One common use of rules is to generate emails in response to an event. The portal has built in support for generating emails for predefined events, such as when a new developer registers an account. However, you can you can add your own rules to generate emails. For example, you can generate an email when the developer adds, removes, or modifies an app. For more, see Configuring email.
You can configure various email notifications that are sent in response to particular activities such as registering, deleting, blocking, and unblocking developer accounts. For more, see Configuring email.
When the user registers for an account on the portal, the portal displays the default registration page with fields for First Name, Last Name, Username, Email address, and Password. As an API provider, you might want to modify this form to prompt the user to provide additional information such as a company name, mailing address, or other information. For more, see Add and manage user accounts.
Select Reports in the Drupal menu to see a list of logs and other reports. For example, select Reports > Recent log messages to see a table of recent log messages.
Drupal also has many security features that you should be familiar with as you build your portal. See Securing your portal for more.
SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a web client, such as a browser or app. An encrypted link ensures that all data passing between the web server and the client remains private. For information on configuring SSL with the portal, see Using SSL on the portal.
For an Apigee Edge for Private Cloud installation of the Developer Services portal, you might get a notification that a new version of Drupal is available. A new version can mean a Drupal feature release, patch, security update, or other type of Drupal update. In the case of a security update, you want to upgrade your installation of Drupal as soon as possible to ensure that your site remains secure. For more, see Upgrading the Drupal version of a Private Cloud installation.
For customers using a cloud deployment of the portal, Apigee will automatically apply all Drupal security updates.
Register for updates from both Drupal and Apigee:
- Registered for Drupal security advisories and announcements from this page: https://www.drupal.org/security.
- Registered for Apigee updates and security advisories from: http://status.apigee.com/.
Federated log in is the process where you use credentials from one identity management system, called the system of record, to log in to another system. For example, you use your Google or Twitter credentials to log in to the Apigee developer portal. The portal supports federated login using credentials from several common providers, including: GitHub, Google, OpenID, and Twitter. For more, see Using federated credentials on the developer portal.