Manage Applications

Applications are containers of related APIs in
Layer7 API Developer Portal
. Org Admins and Developers can use applications to access those APIs while building their web/mobile application. Portal Admins and API Owners manage applications by adding, or registering, them to
Layer7 API Developer Portal
, by editing them, by controlling which application use specific APIs, and by deleting them. Manage applications, for example, when testing your APIs and
API Portal
.
You can also manage your applications by way of the Portal API (PAPI) or use this API in your scripts for managing applications.
For more information about the PAPI, see Portal API (PAPI).
In this article:
Add an Application
All users,
except Developers
, can add, or register, applications to
API Portal
.
Follow these steps:
  1. From the menu bar, select
    Manage
    ,
    Applications
    .
    A list of applications appears on the
    Applications
    page.
  2. Select
    Add Application
    .
    The
    Details
    page appears.
  3. Provide details about the application. Select an existing organization from the
    Selected Organization
    drop-down list. Provide a unique application name and an optional description, and then select
    Next
    .
  4. If the Portal Admin added custom fields for applications, then the
    Custom Fields
    page appears. Enter details for the custom field, and then click
    Next
    .
    The
    API Management
    page appears.
  5. Add or remove available APIs and API groups to or from your application, and then select
    Next
    .
    In addition to the listed APIs and groups, you can search using the search field.
    Do the following:
    • To remove a selected API or API group from the application
      , select (the x icon) for the API or API group that you want to remove. The list of selected APIs and API groups is under the
      Selected APIs
      and
      API Groups
      section.
    • To add an available API or API group to your application
      , select (the plus icon) to the left of the API or API group that you want to add, and then accept the terms and conditions of the end-user license agreement (EULA). The list of available APIs and API groups is under the
      Available APIs
      (or
      Available API Groups
      ) section.
      Prerequisite:
      You must have explicit access to the API or the API must belong to your organization.
    For more information about the effects of API lifecycles and states on your ability to add and remove APIs and API groups to and from your application, see Manage API Lifecycles and States.
    The
    Authentication
    page appears.
  6. If any of the APIs that you have added to the application use OAuth, complete the following fields, and then select
    Create
    :
    • Callback/Redirect URL(s)
      Defines the callback/redirect URLs for your application. Separate multiple URLs using a comma.
      https://{yourportalurl}/oauth2-redirect.html
    • Scope
      Defines the OAuth scope parameters that specify the privileges that this application requires from the protected APIs. Separate parameters using a space.
    • Type
      Defines the grant type for the OAuth-protected APIs that the application consumes.
      Values:
      • None
        .
      • Public:
        Defines that the OAuth-protected APIs that this application consumes use the Implicit grant type.
      • Confidential:
        Defines that the OAuth-protected APIs that this application consumes use the Confidential grant type.
      Default:
      None
    The
    Generate New Secret
    window opens.
  7. To generate a secret in hashed format, select
    Create & Get Key
    . Otherwise, to explicitly generate a less secure secret in plaintext format, select the
    I want to use a non-secure plaintext key
    checkbox, and then select
    Create & Get Key
    .
    The
    Key
    page appears. The application is successfully created.
    API Portal
    generates an API key for the application. The API key and shared secret are displayed in plaintext.
  8. Do any of the following tasks, and then select
    Done
    :
The application is added.
Edit an Application
All users can make the following changes to existing applications:
  • Enable or disable the application.
  • Edit the name and description of the application.
  • Add or remove APIs and API groups to and from the application.
  • Change the OAuth callback URL, scope value, and type.
  • Generate a new shared secret.
Follow these steps:
  1. On the
    Applications
    page, from the
    Actions
    drop-down for the application that you want to edit, select
    Edit
    .
    The
    Details
    page appears.
  2. Edit the application name, enable or disable the application, or edit the public description, then select
    Next
    .
  3. If the Portal Admin added custom fields for applications, then the
    Custom Fields
    page appears. Edit the details for the custom field, and then click
    Next
    .
    The
    API Management
    page appears.
  4. Add or remove available APIs and API groups to or from your application, and then select
    Next
    . By adding an API group to your application, you add the APIs that are contained within the group to your application. These APIs are enabled and public. If the APIs that are contained within the group are enabled but private, then the APIs belong to your organization and have been added to the account plan that your organization uses.
    If you have turned on API plans, you manage them instead of API groups on this page.
    For more information about API plans, see Working with API Plans.
    In addition to the listed APIs and groups, you can search using the search field.
    Do the following steps:
    • To remove a selected API or API group from the application
      , select (the x icon) for the API or API group that you want to remove. The list of selected APIs and API groups is under the
      Selected APIs
      and
      API Groups
      section.
    • To add an available API or API group to your application
      , select (the plus icon) to the left of the API or API group that you want to add, and then accept the terms and conditions of the end-user license agreement (EULA). The list of available APIs and API groups is under the
      Available APIs
      (or
      Available API Groups
      ) section.
      Prerequisite:
      You must have explicit access to the API or the API must belong to your organization.
    For more information about the effects of API lifecycles and states on your ability to add and remove APIs and API groups to and from your application, see Manage API Lifecycles and States.
    The
    Authentication & Keys
    page appears.
  5. Edit the following fields, and then select
    Save Key
    :
    Only Portal Admin or API Owner can add or remove keys.
    • Callback/Redirect URL(s)
      Defines the callback/redirect URLs for your application. Separate multiple URLs using a comma.
      https://{yourportalurl}/oauth2-redirect.html
    • Scope
      Defines the OAuth scope parameters that specify the privileges that this application requires from the protected APIs. Separate parameters using a space.
    • Type
      Defines the grant type for the OAuth-protected APIs that the application consumes.
      Values:
      • None
        .
      • Public:
        Defines that the OAuth-protected APIs that this application consumes use the Implicit grant type.
      • Confidential:
        Defines that the OAuth-protected APIs that this application consumes use the Confidential grant type.
      Default:
      None
    • Client ID & Secret
      Perform any of the following tasks:
      • Copy the API key to the clipboard.
      • If the shared secret is in plaintext format, copy it to the clipboard.
      • Generate a new secret by selecting
        Generate New Secret
        .
        For more information, see Generate a New Client Secret.
    For more information about how to manage API keys, see Manage API Keys.
  6. Select
    Done
    .
Generate a New Client Secret
If an API key's shared secret is compromised, generate a new one, and then provide it to the application developer. Depending on your
API Portal
settings,
API Portal
generates secrets in the
Plaintext Secret
or
Hashed Secret
formats.
For more information about hashed secrets, see Enable Hashed Client Secret.
If you generate a new client secret, the API Proxy no longer accepts queries that use the old secret. The Developer must update the shared section in their web/mobile application so that their application can access the APIs.
Follow these steps:
  1. With the application open in edit mode, select
    Authentication & Keys
    .
  2. From the list of keys, expand on a Key Name to show the key details.
  3. Select
    Generate New Secret
    .
    API Portal
    generates a new shared secret for the API key.
  4. Select
    Save Key
    .
Locate your Applications
You can find and examine your applications from the
Applications
page. This page shows a list of the applications, the organization associated to the application, and the status of each application (Enabled or Disabled).
View an Application's Details
You can view various details of an application on the
Configuration
,
APIs
, and
Deployments
tabs within an application open in read-only mode. To view these tabs, on the
Applications
page, select the name of the application for which you want to view details. The
Configuration
tab displays by default.
View Details for an API Key
The
Configuration
tab shows a list of the API keys that have been added to the application, the status of each API key (Enabled or Disabled), and which API key is the default API key. Select to expand the API key row for which you want to view details, such as the API key (client ID), the shared secret (client secret), the status of the API key (Enabled or Disabled), and OAuth information.
View the APIs that have been added to an Application
The
APIs
tab shows tiles for each API that has been added to the application. Each API tile shows the API state (Enabled or Disabled) and the API version.
View Deployment Details for an API Key
The
Deployments
tab, like the
Configuration
tab, also shows a list of the API keys that have been added to the application, the status of each API key (Enabled or Disabled), and which API key is the default API key. Select to expand an API key row for which you want to view deployment details, such as tiles for each API proxy. Each API proxy tile shows the name of the API proxy, the date that the API proxy was last updated, how
API Portal
deploys the API key to the proxy (Automatic or On demand), the deployment status for the API key, and options to manage the API key deployment to API proxies.
For more information about the information that is available on this tab, including how to manage API key deployments to API proxies, see Deploy to Proxies using Portal.
For more information about how to manage API keys, see Manage API Keys.
Disable an Application
  • Disabling an application disables all of its API keys.
  • Re-enabling an application will re-enable the default key, while all other keys remain disabled. Ensure that you re-enable other keys individually.
  • When a disabled application is re-enabled by an Org Admin, all other keys need to be re-enabled by Portal admin or API Owner.
Follow these steps:
  1. View the application.
  2. Click
    Change
    near the application Status, or select
    Edit Application
  3. Change the status to
    Disabled
    and click
    Save
    .
Delete an Application
All users,
except Developers
, can delete applications.
Prerequisite:
You have verified that the application does not include API keys that are deployed to on demand proxies.
Follow these steps:
  1. With the application that you want to delete open in read-only mode (the
    Configuration
    ,
    APIs
    , or
    Deployments
    tab is displayed), from the
    Actions
    menu, select
    Delete Application
    .
  2. When prompted, select
    Ok
    .
The application is deleted.
Next Steps
Org Admins and Developers who want their web/mobile application to use the APIs that have been added to the application in
API Portal
must add the unique API key that
API Portal
auto-generated for the application to their web/mobile application. In addition, if their application uses OAuth, they must also add the shared secret to their application.
For more information about how Org Admins and Developers can work with applications, including how to add the API key and shared secret to their applications, see Work with Applications.