Provision apps

Was this helpful?

Your developers use apps to access the resources in your API products. When you create an app, you select the API product to include, and Apigee generates a key. Each app has a single key that provides access to multiple API products.

Apps allow you to control who can access your resources. You can control who has access to your API products by revoking and refreshing an app's key. And you can also control access to bundles of resources by revoking or deleting access to the products in an app.

You can see all of your organization's apps on the Apps summary page. This page displays performance data for each app, and general information on app keys and user tokens. You can select a specific app from the table to get more detailed information, including the API products that app can access and the resources those products expose. You can also see the key and access token associated with the app. An access token is generated if an app requires login. See End-user tokens for more information.

Back to top

Setting up an app

In general, developers add their own apps through your developer portal. However, in some cases you need to add apps for your internal development teams or on behalf of a developer. See What is a developer portal? for more on developer portals. When you set up an app, you decide which products it will contain. When the app is created, a key is automatically generated to grant access to the selected products. Any additional products you add use the same key.

Adding an app

  1. Click the Publish tab, then Developer Apps.
  2. Click (+) Developer App on the Developer Apps page.
  3. Enter an application name in the Display name field.
  4. Enter the URL for the callback.
    A callback is the location of a resource that belongs to the application. In most cases, this is the location of a login screen where users enter their username and password.
  5. Optionally, add a descriptive note for the app.
  6. Add any custom attributes for the app. For each custom attribute:
    • Click (+) Add Custom Attribute
    • Add the attribute name and value.
  7. Select a developer from the Developer list.
    Your app must have a developer.
  8. Click Save.
    Your app is added to the apps list on the Developer Apps page.

Editing an app

  1. Select an app in the Developer Apps summary table.
  2. Click Edit.
  3. Edit the app's display name and callback URL, as needed.
  4. Add, remove, or change a note, as needed.
  5. Add, remove, or change any custom attributes, as needed.
    Note: Be careful when you edit custom attributes. If you have a system that has dependencies on custom attributes, it might be impacted if you edit the custom attributes using the Management UI.
Back to top

Controlling access to products

You give an app access to your APIs by adding products. If you want to limit an app's access, you can temporarily revoke access to a product, or permanently cut off access to a product by deleting the product from the app.

Adding access to a product

  1. Select an app in the Developer Apps summary table.
  2. In the detail page for the app, select an API Product from the drop-down menu.
  3. Click Add.
    The API product is added to the Product Used list for the App.

You can expand the app's access to your APIs by adding more products.

Revoking access to a product

  1. Select an app in the Developer Apps summary table.
  2. In the API Product Used table, click Revoke in the Actions column for the product.
    You are revoking access to this product and the resources it contains. You can re-enable access at any time.

Deleting a product from an app

  1. Select an app in the Developer Apps summary table.
  2. In the API Products Used table, click Remove in the Actions column for the desired product.
    You are permanently removing the product from this app.
Back to top

Keys

Keys are automatically generated when you create an app. If you specified automatic key approval when you created the API Product, the key is automatically approved for use by the app. Otherwise, you need to approve the key manually before the key can be used by the app to access the product. Each app is assigned a key and secret key. Together, these keys act like a username/password combo. When an application makes a request, Apigee inspects it to verify that the API key matches the resource that the app is requesting, and checks the API product definitions associated with API key to see whether the resource is permitted. If everything lines up, Apigee sends back the requested resource data.

Back to top

End-user tokens

If an app has some type of security applied, such as OAuth, each call requires a valid access token. An end-user token controls a user's access to an app. When the user has access to the app, they have access to all the API products that app contains, which in turn gives them access to all the resources within those API products. End-user tokens are automatically generated when a user logs in to an app for the first time. The token stores the scope. As an API provider, you define a scope when you set up your OAuth policy.

See also

Control API access

Back to top