Create and Set Permissions for APIs

This article includes information about how to create and set up the visibility permissions and the API management for APIs.
Create an API
This article includes information about how to create and set up the visibility permissions and the API management for APIs.
Follow these steps:
  1. In API Developer Portal, go to 
    Publish
    .
    A list of APIs appears.
  2. Select 
    Add API
    .
    A new 
    Publish an API
     window opens.
  3. In the 
    API Definition
     section, choose between 
    REST
     and 
    SOAP
     API types.
  4. If applicable, select 
    Choose file
     to upload your Swagger or WADL definition files (for REST API), or WSDL file and optional XSD file (for SOAP API). For more details, see About API Description Files. If you do not have any definition files, provide API details manually in the next step.
  5. Click 
    Next
    .
    The 
    API Details
     section opens.
  6. If you uploaded an API definition file, the fields are already filled with values. You are alerted to any mandatory fields that do not have assigned values.
    Provide values as follows:
    Field
    Notes
    API Name
    Maximum name length is 255 characters. Name must be unique.
    Version
    The value for this field can only contain 0-9 and be delimited with . _ and - characters.
    Location of API
    The API proxy routes requests from applications to the location of the API behind the API proxy. Developers do not see this information. Use a context variable to Route the API to Multiple Data Centers.
    API EULA
    Select an available End User License Agreement (EULA). Before developers can get an API key for the API, they must agree to your EULA.
    Public Description
    Optional. The description appears in the API Catalog, API Explorer, and Add/Edit Application wizards. Use this field to provide developers with API information such as its proxy URL and authentication requirements. Maximum description length is 255 characters.
    Private Description
    Maximum description length is 255 characters.
    API Explorer is only accessible through the API Portal/Ingress tenant.
  7. Click 
    Next
    .
    The 
    Proxy Configuration
     section opens.
  8. Complete the 
    Proxy URL
    , which is the public URL of the API on the API proxy. Developers use this URL in their applications to send requests to the API.
    For 
    Policy Templates
    , select a policy template, select 
    Add
    , and then set its parameters. You can combine multiple policy templates. If you select multiple policy templates, ensure that you select them in the order that you want the API Proxy to apply them. For more information about how to control API access with policy templates, see Policy Templates.
  9. Click 
    Next
    .
  10. (Only for REST APIs) The 
    Spec Authentication
     section opens. Select 
    Authentication type
    . The selected Authentication type is used in the 
    Spec
     tab of the details page when trying out the API.
  11. Click 
    Create
    .
The API is created.
A new window opens. Set up the visibility permissions and the API management.
Set Up the Visibility Permissions for Your Organizations
Follow these steps:
  1. Choose the level of visibility of the API for your Organizations:
    1. Public
       - The API is visible to all organizations. If you set the visibility to 
      Public
      , any API Owner added in the future will automatically see this API.
    2. Private
       - The API is visible only to you. If you are part of an organization, the organization can see the API as well. API Owners can still see this API.
      If an administrator or an API Owner select Private, the API is not associated with any organization.
    3. Restricted
       - Specify which organizations can see this API. If you set the visibility to 
      Restricted
      , API Owners can still see this API.
  2. Select 
    Restricted
    .
    A list of available Organizations appear.
  3. Check the box next to each Organization Name for the organizations that have permission to see the API.
    The selected organizations appear in the right column 
    Selected
    .
  4. Click 
    Next
    .
Visibility permissions are updated. You have successfully selected the organizations that can see the API.
Set Up the API Management Permissions
Set up who has the permissions to edit and delete this API.
Follow these steps:
  1. Select who can manage the API:
    1. Open
       - Anyone with API Management permissions can edit and delete the API. To see who that would be, select 
      Restricted
       and view the list of users. API Owners can automatically see all APIs but cannot edit or delete unless they are given permissions. Users added in the permissions list can edit and delete API only if they have RBAC permissions. 
    2. Private
       - Only you can edit this API. 
    3. Restricted
       - Specify the users with API management permissions to edit and delete this API. API Owners can automatically see all APIs but cannot edit or delete unless they are given permissions. Users added in the permissions list can edit and delete API only if they have RBAC permissions.
  2. Select 
    Restricted
    .
    A list of users appears.
  3. Select the users that have permission to edit and delete the API.
    The selected users appear in the right column 
    Selected
    .
  4. Click 
    Next
    .
API Management permissions are updated. You have successfully selected the users that can edit and delete the API.