What is an API product?
See Creating API products to get started if you're already familiar with API products.
As an API provider, you need to create an API product. The API product is the mechanism through which your APIs are bundled and published so that developers can consume them.
An API product is a collection of API resources (URIs) combined with a service plan and presented to developers as a bundle. The API product can also include some metadata specific to your business for monitoring or analytics. See Understanding APIs and API proxies for more.
You can think of API products as your product line. You can create different products to provide features for different use cases. So instead of just giving developers a list of resources, you can bundle specific resources together to create a product that solves a specific user need. For instance, you can create a product that bundles a number of mapping resources to let developers easily add maps to their applications.
API products are also a good way to control access to a specific bundle of resources. For example, you can bundle resources that can only be accessed by internal developers, or bundle resources that can only be accessed by paying customers.The API resources bundled in a product can come from one or more APIs, so you can mix and match resources to create specialized feature sets.
You can set different properties on each API product. For example, you might make available one API product with a low access limit, such as 1000 requests per day, for a bargain price. You then release another API product that provides access to the same resources, but with a much higher access limit, for a higher price. Or, you might create a free API product that allows read-only access to resources, and then sell an API product to the same resources that allows read/write access.
API products are the central mechanism for authorization and access control to your APIs. In Apigee, API keys are provisioned, not for APIs themselves, but for API products. In other words, API keys are provisioned for bundles of resources with an attached service plan. When an app attempts to access an API product, authorization is enforced by Apigee at runtime to ensure that:
- The requesting app is permitted to access a particular API resource.
- The requesting app has not exceeded the permitted quota.
- If defined, the OAuth scopes defined in the API product matches those associated with the access token presented by the app.
To learn how to create API products, see Creating API products
Apps are how developers access your API products. When a developer registers an app, they select the API products to associate with the app, and Apigee generates an API key for the app. By default, a single key provides access to all API products associated with the app. When the app makes a request, Apigee first verifies that the API key is valid and fails the request if not.
To learn how to create apps, see Registering apps
Developers build the apps that access your APIs. However, a developer must first be registered in your organization before they can register an app.
To learn how to register developers, see Adding developers to your organization.