An API product is a mechanism that enables you to innovate at the edge, managing your APIs as products and meeting developers needs, without impacting your backend development teams. A product is a collection of API resources (URIs) combined with a service plan and presented to developers as a bundle. The API product can also include some metadata specific to your business for monitoring or analytics.
You can think of API products as your product line. You can create different products to provide features for different use cases. So instead of just giving developers a list of resources, you can bundle specific resources together to create a product that solves a specific user need. For instance, you can create a product that bundles a number of mapping resources to let developers easily add maps to their applications. API products let you differentiate your API from the crowd, by focusing on providing solutions, not just resources. API products are also a good way to control access to a specific bundle of resources. For example, you can bundle resources that can only be accessed by internal developers, or bundle resources that can only be accessed by paying customers.
The API resources bundled in a product can come from one or more APIs, so you can mix and match resources to create specialized feature sets.
API products are the central mechanism for authorization and access control to your APIs. In Apigee, API keys are provisioned, not for APIs themselves, but instead for API products. In other words, API keys are provisioned for bundles of URIs with an attached service plan. When you provision an API key (automatically or manually) to an app for an API product, OAuth-based authorization is enforced by Apigee at runtime to ensure that:
- The requesting app is permitted to access a particular API resource (URI).
- The requesting app has not exceeded the permitted quota.
- The OAuth scope matches that of the access token presented.