Layer7 API Management

  • 1.  Explicitly Allow Orgs to See APIs

    Posted Apr 21, 2015 05:11 PM

    Hello,

     

    Is there a way to associate APIs with an organization explicitly?  It looks like APIs are public to ALL by default.  I do see that you can mark an API as private and then associate private APIs to orgs, but this feels backwards.

     

    I'm want to support a situation where you have multiple organizations, where each organization can only choose from a select set of APIs.  Any help is appreciated.

     

    Thanks,

     

    Alejandro



  • 2.  Re: Explicitly Allow Orgs to See APIs

    Posted Apr 28, 2015 04:56 PM

    Can anyone help the user with this question?

     

    Thank you



  • 3.  Re: Explicitly Allow Orgs to See APIs

    Posted Apr 28, 2015 07:23 PM

    Alejandro,

     

    You are correct:

    • you can assign sets of APIs to Account Plans, and then assign one of the Account Plans to an org. or
    • If you'd rather have orgs choose which APIs they want, you can create a set of Account Plans and check the "include in Registration" checkbox. Orgs can now refer to the API Catalog's "Plans" tab to see which Account Plan they'd like to choose, and then select that plan at registration time.


  • 4.  Re: Explicitly Allow Orgs to See APIs

    Posted Apr 30, 2015 06:14 PM

    Hi crada08,

     

    Thanks for the detailed response.  I'm not seeing the behaviour that you're describing.  From what I understand from your post, there is a possibility of linking apis to account plans.  From there you can link orgs to account plans.  Am I correct in thinking that by doing this, orgs will ONLY see the apis that are associated with their account plan?  I ask because I've set you a scenario as you've described.  But when a developer (under an org with a narrow set of apis in an account plan) goes to  add an application, they still see all apis, event ones outside their account plan.

     

    Am I thinking about this the wrong way?

     

    Thanks,

     

    Alejandro



  • 5.  Re: Explicitly Allow Orgs to See APIs

    Posted Apr 30, 2015 07:41 PM

    There is one prerequisite for this scenario: all APIs must be set to Private.

     

    By default, any API that is not set to Private can be view/worked with by any developer.



  • 6.  Re: Explicitly Allow Orgs to See APIs

    Posted Apr 30, 2015 07:54 PM

    Thanks crada08.  Appreciate your responses.  Very helpful!

     

    So, is it too far fetched for a feature request to have apis marked as private by default?  This would same a ton of time if this were possible.

     

    Thanks,

     

    Alejandro



  • 7.  Re: Explicitly Allow Orgs to See APIs
    Best Answer

    Posted Apr 30, 2015 08:11 PM

    Alejandro,

     

    Thanks for the suggestion. I will definitely take it under consideration. In the meantime, the simplest way to save time is to:

    1. Login as Admin (or API Owner)
    2. Go to the Manage APIs page
    3. Click on the checkbox beside the heading labeled "API"
    4. Click on the "Actions" dropdown at the bottom of the page and choose "Set to Private"
    5. Click the Apply button

     

    All APIs are now Private.