As an API provider, you need to do is create an API product. The API product is the mechanism through which your APIs are bundled and published so that developers can consume them.
An API product is a collection of API resources (URIs) combined with a service plan and presented to developers as a bundle. The API product can also include some metadata specific to your business for monitoring or analytics. See Understanding APIs and API proxies for more.
You can think of API products as your product line. You can create different products to provide features for different use cases. So instead of just giving developers a list of resources, you can bundle specific resources together to create a product that solves a specific user need. For instance, you can create a product that bundles a number of mapping resources to let developers easily add maps to their applications. API products are also a good way to control access to a specific bundle of resources. For example, you can bundle resources that can only be accessed by internal developers, or bundle resources that can only be accessed by paying customers.
The API resources bundled in a product can come from one or more APIs, so you can mix and match resources to create specialized feature sets.
You can set different properties on each API product. For example, you might make available one API product with a low access limit, such as 1000 requests per day, for a bargain price. You then release another API product that provides access to the same resources, but with a much higher access limit, for a higher price. Or, you might create a free API product that allows read-only access to resources, and then sell an API product to the same resources that allows read/write access.
API products are the central mechanism for authorization and access control to your APIs. In Apigee, API keys are provisioned, not for APIs themselves, but for API products. In other words, API keys are provisioned for bundles of URIs with an attached service plan. When you provision an API key (automatically or manually) to an app for an API product, authorization is enforced by Apigee at runtime to ensure that:
- The requesting app is permitted to access a particular API resource (URI).
- The requesting app has not exceeded the permitted quota.
- The OAuth scope matches that of the access token presented.
To learn how to create API products, see Creating API products
Apps are how your developers access your API products. When a developer registers an app, they select the API products to associate with the app, and Apigee generates an API key. By default, a single key provides access to all API products associated with the app. When the app makes a request, Apigee verifies that the API key matches the resource that the app is requesting.
To learn how to create apps, see Creating apps to surface your API
Developers access your APIs through apps that contain API keys, which in turn provide access to your API products. Keys are generated when you register an app and associate API products with the app. However, you can't register an app without a registered developer, so you need to have developers registered in your organization.
To learn how to register developers, see Adding developers to your API product.