Create and Set Permissions for APIs
This article includes information about how to create APIs and set up API management permissions and visibility.
2

Create an API
This article includes information about how to create APIs and set up API management permissions and visibility.
Follow these steps:
- Log in to API Developer Portal as an administrator.
- SelectPublish.A list of APIs appears.
- SelectAdd API.A newPublish an APIwindow opens.
- In theAPI Definitionsection, choose betweenRESTandSOAPAPI types.
- If applicable, selectChoose fileto upload your Swagger or WADL definition files (for REST API), or WSDL file and optional XSD file (for SOAP API). For more details, see About API Description Files. If you do not have any definition files, provide API details manually in the next step.
- ClickNext.TheAPI Detailssection opens.
- If you uploaded an API definition file, the fields are already filled with values. You are alerted to any mandatory fields that do not have assigned values.Provide values as follows:FieldNotesAPI NameMaximum name length is 255 characters. Name must be unique.VersionThe value for this field can only contain 0-9 and be delimited with . _ and - characters.Location of APIThe API proxy routes requests from applications to the location of the API behind the API proxy. Developers do not see this information. Use a context variable to Route the API to Multiple Data Centers.API EULASelect an available End User License Agreement (EULA). Before developers can get an API key for the API, they must agree to your EULA.Public DescriptionOptional. The description appears in the API Explorer and Add/Edit Application wizards. Use this field to provide developers with API information such as its proxy URL and authentication requirements. Maximum description length is 255 characters.Private DescriptionMaximum description length is 255 characters.API Explorer is only accessible through the API Portal/Ingress tenant.
- ClickNext.TheProxy Configurationsection opens.
- Complete theProxy URL, which is the public URL of the API on the API proxy. Developers use this URL in their applications to send requests to the API.ForPolicy Templates, select a policy template, selectAdd, and then set its parameters. You can combine multiple policy templates. If you select multiple policy templates, ensure that you select them in the order that you want the API Proxy to apply them. For more information about how to control API access with policy templates, see Policy Templates.
- ClickNext.
- (Only for REST APIs) TheSpec Authenticationsection opens. SelectAuthentication type. The selected Authentication type is used in theSpectab of the details page when trying out the API.
- ClickCreate.
The API is created.
A new window opens. Set up API Management and visibility permissions.
Set Up the API Management Permissions
Follow these steps:
- Select who can manage the API. You must specify a Managing Organization or at least one API Owner.
- Select the Managing Organization- Selecting a managing organization allows all users within that organization to edit this API. This only applies if the user has permissions to edit APIs.If you are upgrading from version 4.4 or earlier, note the following:In previous versions of API Portal, the association of APIs and Organizations was either direct or indirect.
- Direct association = you could only select one organization for the API.
- Indirect association = you could attach the API to an account plan, then add multiple organizations to the account plan.
What happens after the upgrade to version 4.5:- If the association of an API and Organizations was direct, the organization that was assigned to the API is now the Managing Organization.
- If the association of an API and Organizations was direct, there is no Managing Organization associated with the API. If you want to assign a Managing Organization, edit the Management permissions of the API.
- Select API Owner Permissions
- Open - Anyone with API management permissions can edit this API.
- Restricted - Specify users with API management permissions to edit this API.
Note the following:If an Admin or an API Owner created an API in version 4.4 and assigned an Org User to the user permission list:- After the upgrade to 4.5, only the Portal Admin or the API Owner who belong to the permissions list will have access to manage this API.
- An Org User who was a part of the permissions list will gain or lose the API management permissions based on the number of Organizations associated with this API. If there were multiple organizations assigned, the Org User will lose the API management permissions.
- SelectRestricted.A list of API Owners appears.
- Select the users that have permission to edit and delete the API.The selected users appear in the right columnSelected.
- ClickSave &Next.
Set Up the API Visibility Permissions for Your Organizations
Follow these steps:
- Choose the level of visibility of the API for your Organizations:
- Public- The API is visible to all organizations. If you set the visibility toPublic, any API Owner added in the future will automatically see this API.
- Private- The API is visible only to you. If you are part of an organization, the organization can see the API as well. API Owners can still see this API regardless of the settings. Set up which organizations can see this API. If you are not part of an organization and creating a private API, then only API owners will be able to see it.If an administrator or an API Owner selects Private, the API is not associated with any organization.
- Restricted- Specify which organizations can see this API. If you set the visibility toRestricted, existing API Owners can still see this API but any new API Owners will need to be added manually to be able to see this API.
- SelectRestricted.A list of available Organizations appear.
- Check the box next to each Organization Name for the organizations that have permission to see the API.The selected organizations appear in the right columnSelected.
- ClickNext.
Visibility permissions are updated. You have successfully selected the organizations that can see the API.
Add Tags to the API
After creating an API, you can add tags to the API to group similar APIs together for improved filtering. Users can then search and discover APIs according to their visibility permissions.
You can add up to 25 tags to an API. Maximum length of the tag is limited to 60 characters.
Follow these steps:
- ClickTagsto open the Tags screen.All the tags that are imported from Swagger and those available in Portal are listed.
- Select the tags that you need to associate with the API.The tags are added to theSelectedcolumn.Note:ClickSelect swagger tagsto select all the tags that are imported from Swagger with a single click.
- To add a new tag, type the tag in theEnter tag namefield and clickAdd New Tag.The new tag is added and it is automatically selected to be associated with the API.Only the following characters are allowed in tags:alphanumeric space ' " _ - . # :
- ClickSave.All the selected tags are now associated with the API.
Set Up Publish State
Follow these steps:
- In thePublish Statesection, select:
- Incomplete - The API is incomplete.
- Enabled - The API will be published. Add applications right away.
- Disabled - Cannot add applications and deploy to proxies.
- Deprecated - Cannot add applications and deploy to proxies.
- Unpublished - This setting is only available to Gateway-published APIs.
- ClickSave.