Publish APIs with the API Proxy and Policy Manager

This page describes how to create Gateway-published APIs.
This page describes how to create
Gateway-published
APIs.
For Portal-published APIs, see Publish APIs with the API Portal.
In this article:
About Gateway-Published APIs
Gateway-published APIs use more sophisticated policies. You cannot use the API Portal to add policy templates to Gateway-published APIs.
The API proxy administrator uses the CA Policy Manager application and API proxy to publish the API. On the API Portal, the initial state of new Gateway-published APIs is unpublished. The API Portal administrator or API owner then enables the API on the API Portal to make it available to developers. Enabling an API requires assigning the APIs an API EULA. Developers cannot access the APIs until the API is enabled.
Do not use Gateway-published APIs in a multi-cluster environment where your API Portal is integrated with multiple API proxies. We recommend using only Portal-published APIs in a multi-cluster environment.
If you fail to migrate a Gateway-published API in a multi-cluster environment, the API might appear and then disappear from the APIs section on the Portal. To resolve this issue, use the Gateway Migration Utility (GMU) to migrate all Gateway-published APIs to all clusters. For more information about the GMU, see "Gateway Migration" in the API Gateway online documentation.
Best Practices for API Proxy Administrators
  • Do not copy and paste Gateway-published APIs (that is, services with the Set as Portal Managed Service Assertion in their policy) in the Policy Manager. The reason is that the original and copy will have the same API ID.
  • To allow the API Explorer to consume APIs that have policies or policy templates containing the Return Template Response to Requestor Assertion, clear the assertion's
    Send Response Immediately
    checkbox.
  • For hybrid customers, if your on-premise Gateway requires a proxy setting for any outbound traffic or connections, modify the Routing Assertions in your specific policies or services.
Create a Gateway-Published API
To create a Gateway-published API:
  1. In Policy Manager, log in to the API proxy.
  2. Add an API service to the API proxy.
    For more information about how to add an API service to the API proxy, see the API Gateway online documentation.
  3. Open the API service in the Policy Manager.
  4. Be sure to enable
    Set as Portal Managed Service
    in your API service. This can be found in
    Internal Assertions > Set as Portal Managed Service
    .
  5. Use the
    Include Policy Fragment
    assertion to add the
    Portal Service Preface
    fragment to the beginning of the API service.
  6. Drag the
    Set as Portal Managed Service
    fragment to the API service below the Portal Service Preface fragment.
  7. Select
    Save and Activate
    . After the API proxy and API Portal synchronize, the API appears in the API Portal on the APIs page.
  8. Access the Service Properties for the API service. Select the HTTP/FTP tab and then enable the
    Options
    HTTP method.
Enable Gateway-Published APIs
Each API listed on the APIs page has one of the following Portal States:
Portal State
Icon
Notes
Enabled
enabled.png
The API is published and available.
Unpublished
unpublished.png
Initial state of an API. Requires acceptance of the EULA.
Disabled
disabled.png
Existing applications will no longer be able to access this API.
Deprecated
deprecated.png
An enabled API can be deprecated. The API is still available, but use of a replacement API is preferred.
To enable a Gateway-published API:
  1. Log in to the API Portal as an administrator or API owner.
  2. Select
    Publish
    .
    The APIs page appears.
  3. Filter the list by Portal State, selecting
    Unpublished
    .
  4. Click the name of the API from the filtered list.
    The details page for that API appears.
  5. Click
    Edit
    .
  6. Select
    API Details
    .
  7. In API Details, select an
    API EULA
    .
    For unpublished APIs, you do not have to manually change the state to Enabled.
  8. Select
    Save
    .
Enable Analytics for Gateway-Published APIs
The following policy fragments provide analytics:
  • Standard Policy Template Fragment - API Key
  • Standard Policy Template Fragment - OAuth 2
  • Standard Policy Template Fragment - NoAuth
To enable analytics for Gateway-published APIs:
  1. In Policy Manager, log in to the API proxy.
  2. Open the API Service.
  3. After the Portal Service Preface section, Set context variable for
    apiLocation
    .
    Repeat the same for Set context variable for
    serviceUrl
    .
  4. Select
    one
    of the following fragments, depending on your method of API Protection:
    • Standard Policy Template Fragment - API Key
    • Standard Policy Template Fragment - OAuth 2.0
    • Standard Policy Template Fragment - No Auth Gateway_API_Snap.png
  5. Delete
    Route via http to ....
    .
Override Template Routing
If an API requires custom routing instead of routing functionality that is provided by the template fragment included in Step 5, it can be achieved by setting
override_template_routing
to
false
before the template fragment. Custom routing code should be included after the fragment.
In this scenario, policy developer should assign total routing time value to variable
portal.analytics.routingTotalTime
and response code to variable
portal.analytics.response.code
in custom routing section. Also, the variables
apiLocation
and
serviceUrl
are not used in custom routing.
View Analytics with API Explorer
To view the analytics of your  API with API Explorer:
  1. Right-click on your API and open
    Published Service Properties
    .
  2. Under
    HTTP/FTP > Allowed HTTP Methods
    , enable
    OPTIONS
    .
  3. Select
    OK
    .
Test your API and view the Analytics report. You should now be able to view API hits for your Gateway-published API.