Manage Applications

Mostly organization administrators and developers work with applications in the . However, administrators and API owners can manage applications to test their APIs and the aan.
Mostly organization administrators and developers work with applications in the
API Developer Portal
. However, administrators and API owners can manage applications to test their APIs and the
API Portal
.
You can also manage your applications by way of the Portal API or use this API in your scripts for managing applications.
For more information about the Portal API, see Portal API (PAPI).
In this article:
Add Applications
All users
except developers
 can add applications to the
API Portal
. After you add an application, the API proxy generates a unique API key and shared secret for the application. The developer must add the API key to the application so that the application can use the APIs. If the application uses OAuth, the developer must also add the shared secret to the application.
For more information about how developers work with applications, including adding the API key and shared secret to the application, see Work with Applications.
Follow these steps:
  1. Select the
    Services
    icon.
  2. Select
    Publish
    .
  3. Select 
    Apps
     from the menu bar at the top of the page.
    The
    Applications
    page opens.
  4. Select 
    Add Application
    .
    The
    Add Application
    page appears.
  5. (Administrators or API Owners only) On the
    Organization
    tab, next to the organization for which you are adding your application, select 
    Select
    , and then select 
    Next
    .
  6. On the
    Information
    tab, enter a name and description for your application, and then select 
    Next
    .
  7. On the
    API Management
    tab, complete the following steps:
    1. To add one or more APIs to your application, on the
      APIs
      tab, accept the terms and conditions of the end-user license agreement (EULA), and save your changes.
      Prerequisite:
       The API is enabled. (If the API is enabled but private.) You have access to the API or the API belongs to your organization.
      For more information about the effects of API lifecycles and states on your ability to add and remove APIs and API groups to and from your application, see Manage API Lifecycles and States.
    2. To add one or more API groups to your application, on the
      API Management
      tab, on the
      API Groups
      tab, accept the terms and conditions of the end-user license agreement (EULA), and then save your changes.
      Prerequisite: 
      The APIs that are contained within the API group are enabled and public. If the APIs that are contained within the API group are enabled but private, then the APIs belong to your organization and were added to the account plan that your organization is using.
  8. On the
    Auth
    tab, if any of the application APIs use OAuth, complete the following fields:
    Callback/Redirect URL(s)
    Defines the callback/redirect URLs for your application, separated using a comma.
    Example:
    https://{yourportalurl}/admin/oauthCallback
    Scope
    (If your application uses Oauth-protected APIs) Defines the scope parameters that specify the privileges that this application requires from those APIs. Separate parameters using a space.
    Type
    Defines the grant type for the OAuth-protected APIs that the application consumes.
    Values:
      • Public:
         Defines that the OAuth-protected APIs that this application consumes use the Implicit grant type.
      • Confidential:
         Defines that the OAuth-protected APIs that this application consumes use the Confidential grant type.
    Default
    : None
  9. (Optional) On the
    Auth
      tab, if Mobile Single Sign-On (MSSO) is enabled in the 
    API Portal
    , you can enable MSSO for the application.
  10. Select 
    Create
    .
The application is added to the 
API Portal
.
Locate your Applications
You can find and examine your applications from the Applications page. This page shows the organization and state (enabled or disabled) of each application.
Edit Applications
All users can edit applications. You make the following changes to your application:
  • Change the state of the application to disabled or enabled.
  • Edit the name and description of the application.
  • Add or remove APIs and API groups to and from the application.
  • Change the OAuth callback URL, scope value, and type.
  • Request a new shared secret.
  • Enable or disable MSSO.
Follow these steps:
  1. From the Applications page, on the Actions menu next to the application you want to edit, select
    Edit
    .
    The Edit Application page appears.
    On the
    Information
    tab, you can edit the application state, name, and description. When you are done, select 
    Next
    .
  2. On the 
    API Management
     tab, make the following changes, and then select 
    Next
    :
    • To add an API to your application, on the 
      APIs
      tab, next to the API that you want to add, select 
      Add
      , and then accept the terms and conditions of the API.
    • To add an API group to your application, on the 
      API Groups
       tab, next to the API or API group you want to add, select 
      Add
      , and then accept the terms and conditions of the API.
    • To remove an API from your application, on the 
      API
       tab, next to the API that you want to remove, select 
      Remove
      .
    • To remove an API group from your application, on the 
      API Groups
       tab, next to the API group that you want to remove, select 
      Remove
      .
  3. On the 
    Auth
     tab, make the following changes, and then select 
    Next
    :
    • View the application API key.
    • View the shared secret or request a new shared secret (for example, if the shared secret is compromised).
      When you request a shared secret, the API Proxy no longer accepts queries that use the old secret. The developer must update the shared section in the application before the application can access the APIs.
    • Edit the following fields:
      Callback/Redirect URL(s)
      Defines the callback/redirect URLs for your application
      Example:
      https://{yourportalurl}/admin/oauthCallback
      Scope
      (If your application uses Oauth-protected APIs) Defines the scope parameters that specify the privileges that this application requires from those APIs.
      Type
      Defines the grant type for the OAuth-protected APIs that the application consumes.
      Values:
        • Public:
           Defines that the OAuth-protected APIs that this application consumes use the Implicit grant type.
        • Confidential:
           Defines that the OAuth-protected APIs that this application consumes use the Confidential grant type.
      Default
      : None
    • (If mobile single sign-on is enabled on your
      API Portal
      ) View the application MSSO master key. You can enable or disable MSSO. MSSO must be enabled for the application to allow device registration by unauthenticated users or by users using social login credentials.
  4. Select 
    Save
    .
Your changes are saved.
Delete Applications
All users
except developers
can delete applications. While logged in to the
API Portal
, from the Applications page, on the Actions menu next to the application you want to delete, select
Delete
. The application is deleted.
Application Requests
Administrators can control which applications use specific APIs. If the add application request workflow is enabled, then, when an organization administrator completes the Add Application form, an administrator reviews and approves or rejects the application.
By default, the add application request workflow is enabled and the edit application request workflow is disabled.
  • If approved, the API proxy assigns a unique API key to the application and the 
    API Portal
    sends an email notification to the organization administrator.
  • If rejected, the administrator writes a message to explain the reason. Then the 
    API Portal
    sends the message in an email notification to the organization administrator.
By default, approval is required to add applications but not to edit applications. Administrators can also configure whether organization administrators and developers need their approval to edit an application.
Configure Application Request Workflows
To enable or disable the 
add
 application request workflow:
  1. Select the 
    Administration
     icon.
  2. Select 
    Request Settings 
    from the menu bar on the top of the page.
  3. In the
    Edit Workflow
    section, under 
    Add Application Request Workflow
    , select 
    Enabled
     or 
    Disabled
    .
  4. Select 
    Save
    .
To enable or disable the 
edit
 application request workflow:
  1. Select the 
    Administration
     icon.
  2. Select 
    Requests
    .
  3. In the 
    Edit Workflow
     section, under 
    Edit Application Request Workflow
    , select 
    Enabled
     or 
    Disabled
    .
  4. Select 
    Save
    .
Process Application Requests
When an organization administrator completes the Add Application form on the Add Application page, if the add application request workflow is enabled, then the application is in the "Pending Approval" status until an administrator reviews and approves or rejects the add application request. Similarly, when an organization administrator or developer completes the Edit Application form on the Edit Application page, if the edit application request workflow is enabled, then the changes are not enabled until an administrator reviews and approves the edit application request.
Administrators and API owners do not need approval to add or edit applications.
Administrators can control which applications use specific APIs. If the add application workflow is enabled, then, when an organization administrator completes the Add Application form, an administrator reviews and approves or rejects the application.
  • If approved, the API proxy assigns a unique API key to the application and the 
    API Portal
    sends an email notification to the organization administrator.
  • If rejected, the administrator writes a message to explain the reason. Then the 
    API Portal
    sends the message in an email notification to the organization administrator.
Follow these steps:
  1. Select the 
    Administration
     icon.
  2. Select 
    Requests
    .
  3. (Optional) Use the filter to restrict the list.
  4. Select 
    View Details
     next to the application request that you want to process, and do
    one
    of the following steps:
    • To accept the add/edit application request, select 
      Accept
      .
      The 
      API Portal
      sends a request approval message to the person who submitted the request. Also, the API proxy assigns a unique API key to the application.
    • To reject the add/edit application request, select 
      Reject
      , enter a message that explains why you rejected the request, and then select 
      Send
      .
      The 
      API Portal
      sends the message to the person who submitted the request.
The application request is processed.