Your developers, both internal and external, as well as your partners, build apps that access your APIs through API products. The API products you define provide access to the resources in your APIs. To control this access, you first add an API in Apigee and then set up an API product. Developers select one or more API products that meet their needs for resources (functionality and data) and performance (service plan).
When a developer registers an app in Apigee, an API key and associated secret are generated for the app. The API key and secret are used at runtime to obtain access to API products. Developers embed this key in their app. Whenever the app makes a call, Apigee checks to make sure the correct key is being used. If the key is valid, the call can access the resources exposed in the API products.
You can configure API products for automatic or manual approval. Automatic approval is commonly used for free API products, while manual approval is used for premium products, or products that provide access to sensitive information.
You can set up a developer portal where your developers can register their apps and get access to app keys and your API products.
When you add an API in Apigee, you're creating an API that acts as a proxy for an existing API. So instead of calling your existing API, your developers call the new API in Apigee. This lets you provide a stable front end to your developers as you update and innovate the services you want to provide. You can add your own APIs or third-party APIs to your organization, and you can add resources for each API.
To add APIs
- On the API tab, click the (+) icon.
- Enter a descriptive name for your API as the API Display Name.
You can use your brand name so developers can easily identify your organization as the API provider. It's also a good idea to add a version to your API, such as V1.
- Select the checkbox for HTTP or HTTPS to set the transfer protocol you want to use.
- Enter the network address as the Root API URL.
This is where apps direct requests. An example is apigee-demo-prod.apigee.net/v3/services. You can use your own domain by configuring DNS for your Apigee account (contact Apigee Support to set this up).
- Enter the network address where Apigee directs app requests as the Server URL.
An example is www.example.com.
- Optionally, add any other resources.
You don't have to add any resources to an API, and you can also add them later.
- Click Finish.
Your new API is added to the default API product and appears in the summary list. As you direct traffic to the root URL, the system automatically generates the basic API metrics, such as throughput and response time.
- Add APIs for a detailed discussion.
In Apigee, an API product is a group of API resources bundled together. The API product includes some metadata and a service limit that can be accessed by your developers using a key. Think of API products as your product line. You can create different products to provide features for different use cases. So instead of just giving developers a list of resources, you can bundle specific resources together to create a product that solves a specific user need. For instance, you can create a product that bundles a number of mapping resources to let developers easily add maps to their applications. API products let you differentiate your API from the crowd, by providing solutions and not just resources.
To add API products
- Click Products in the main menu, and click the add (+) button.
- On the Add Products screen, enter a name and description for the product.
- Select the test environment for internal-facing products or the production environment for public-facing products.
- Enable an access level option. These options determine who can access the product. You can use these levels to control access at different stages of development. For example, you can set a product to Internal Only while it's in development and then change access to Public when it's ready to release.
- Enter a service limit number and select a time period (week, hour, minute, second). This sets up a quota for your product that limits the number of calls the product accepts in a given time period.
- Enter a scope for the product. The scope should match one of the scopes you defined in your security policy. If they don't match your API may not be secure.
- In the API section, click the API menu and select one of the APIs in you org.
- If you want to add the entire API to the product, choose All Resource Paths from the next menu, otherwise choose Selected Resource Paths.
- If you chose Selected Resources Paths, you can choose which resources you want to add to the product.
- Click Add API. The new product appears in the All Products table.
Developers access your APIs through apps that contain keys, which in turn provide access to your API products. Keys are generated when you set up an app and add API products to the app. However, you can't create an app without a developer, so you need to have developers registered in your organization. If you have a public API product that developers can sign up for via a portal, developers register themselves because they want to access your APIs. However, in some cases you'll need to add a developer manually. For example, if you need to add internal developers or create a developer on behalf of a customer.
The Developer tab provides information on the number of apps developers have created, the keys they're using, the number of users accessing their apps, and the tokens generated for those users. Tokens are only generated for a user if the app has security, like an OAuth policy.
To add a developer
- Click Developers in the main menu.
- Click Add Developer.
- Enter a username.
- Enter the full name for your developer.
- Enter the developer's email.
This is the email address that you use to send keys and notifications to this developer.
- Enter a password.
- Add the apps the developer has created.
Apps are how your developers access the resources in your API products. When you create an app, you select the API products to include, and Apigee generates a key. By default, a single key provides access to multiple API products—newly approved API products are added to the existing API key by the system.
When the application makes a request, Apigee inspects the request to verify that the API key matches the resource that the app is requesting. It checks any API product definitions associated with API key to see whether the resource is permitted. If everything lines up, Apigee sends back the requested resource data.
To add an app
- Click Apps in the main menu and click the + App button.
- Enter a name for the app.
- Enter the URL for the callback. A callback is the location of a resource that belongs to the applications. In most cases, this is the location of a login screen where app end users enter their username and password.
- Select a developer from the Developer list. Your app must have a developer.
- Select the API product you want to add to the app, and click Save. Your new app appears in the apps table on All Apps screen.
Provision apps for more on apps and keys.
After you add and configure your APIs, you need to provide a way for outside developers and partners to access them. You can set up a developer portal as an entry point where users can browse your API, read your API documentation, and, most importantly, get keys to access the API products you have to offer. Apigee provides a portal template you can use to showcase your APIs and develop a community with features like blogs and forums. The default setup lets you create and manage API documentation, forums, and a blog. From within the portal, your users can trace API calls in real time using the built-in test console. In addition to content management, the portal provides community management features, such as manual/automatic user registration and moderating user comments.
To access your developer portal
- Click the Developers tab and click the Dev Portal button at the top of the page. The button is grey if you haven't added at least one API and API product.
- Fill out the questionare and click Save. Apigee, will create a new portal for your organization.