An API product is a collection of resources or URIs combined with a service plan. They are the central mechanism for authorization, and control access, to your APIs. It can also include metadata specific to your business for monitoring or analytics. You can mix and match resources to create specialized feature sets. These API product bundles can only be accessed by internal developers, or accessed by paying customers.
Apigee API keys are provisioned, not for APIs themselves, but for API products. Apigee enforces an authorization when an app tries to access an API product. It ensures that:
- the requesting app is permitted to access a particular API resource
- the requesting app has not exceeded the permitted quota
- OAuth scopes defined in the API product matches those associated with the access token presented by the app
Download our eBook, "A Checklist for Every API Call" to learn more.