...
| Code Block | ||||
|---|---|---|---|---|
| ||||
{
"id": "4841e9f5-2af5-4e42-ac1d-6b19be04c446",
"name": "Free",
"description": "Free plan",
"default": true,
"requires_approval": true,
"ratelimitgroup": "7933225d-6593-4201-bf14-c848226c770b"
} |
...
| Name | Type | Description |
|---|---|---|
| id | string | ID of this subscription plan. Cannot be changed after creation. |
| name | string | Name of this subscription plan |
| description | string | Description of this plan |
| default | boolean | If true, when new APIs are created, this subscription plan will be added to them by default. |
| ratelimitgroup | string | The ID of the rate limit group that limits the number of calls to the APIs in this subscription plan. |
| requires_approval | boolean | If true, subscriptions to this API plan requires administrator approval. |
API Profile
An API Profile is used to specify a set of common rules and limitations for API Designers - e.g. allowing publishing APIs in a specific set of environments, specifying common security settings, not allowing overriding of these settings etc. etc.
...
An API Profile has these fields:
| Name | Type | Description |
|---|---|---|
| name | string | Name of this API Profile |
| description | string | Description of this API Profile |
| roles | array of strings | If not empty, an API Designer needs one of these roles in order to be able to use the API Profile and select it for an API. |
| subscription.allow.override | boolean | |
| subscription.required | boolean | If true, a subscription is required in order to access this API, if false, no subscription is required and the API is accessible for everyone assuming no additional security has been configured for it. |
| subscriptionplans | array of strings | If subscription.required is set to true, this contains the list of IDs of the subscription plans that are applicable for this API - this list determines which plans an API Partner Application can subscribe to. |
| requestmod.specify.defaults | boolean | If true, request modification defaults are configured in the requestmodification object. See |
| requestmod.allow.override | boolean | If true, an API Designer is allowed to override requestmodification settings. |
| requestmod | JSON Object | See API Version requestmodification object. |
| security.specify.defaults | boolean | Set to true to specify security defaults for this API Profile |
| security.allow.override | boolean | If true, an API Designer is allowed to override security settings on an API Version |
| security.allow.override.per.operation | boolean | If true, an API Designer is allowed to specify security settings per operation |
| security | JSON Object | See API Version security object. |
| implementation.limit.methods | boolean | Set to true to limit implementation options that an API Designer can choose from. |
| implementation.method.pipeline | boolean | True to allow using Pipelines and Tasks as implementation method |
| implementation.method.script | boolean | True to allow using Scripts as implementation method |
| implementation.method.proxy | boolean | True to allow using Proxy as implementation method |
| implementation.allow.override.per.operation | boolean | If true, and API Designer can override implementation settings per operation -if false, he can only specify them for the entire API. |
| publish.allow | boolean | Set to true to allow an API Designer to publish APIs |
| environments | array of strings | List of environment names that an API can be published to. Leave empty for no restrictions |
| destinations | array of strings | List of destination names that proxying is restricted to. Leave empty for no restrictions |
API Group
API Groups contain 0 or more APIs. An API Group is a collection of APIs
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
{
"id":"f83bb6fd-4252-4526-8bd0-49d973a41603",
"name":"MyMobileApplication",
"description":"The best of our applications",
"partner_id":"15ed2323-2913-4f09-b1c2-4694c7c50de5",
"client_id":"1a32f78d-83dc-488b-9e22-50b02e9328d1",
"client_secret":"f2add5d3-e67a-415f-8163-a751d7566047",
"apikeys": [
"1b119b37-e43b-46e3-9343-7cf26cec17ef"
],
"allowed_scopes": [
"openid","email","profile"
],
"valid_grant_types": [
"implicit","authorization_code","hybrid","client_credentials"
],
"developers": [
],
"accesstoken_type":"UUID",
"allowed_uris": [
"/redir1"
],
"allowed_logout_uris": [
"/logoff1"
],
"accesstoken_valid_seconds":60,
"refreshtoken_validity_seconds":60,
"maximum_idtoken_expiration_minutes":12,
"subscriptions": {
"c819724f-69e3-46bf-86d9-b15e59d1ffb0":"4841e9f5-2af5-4e42-ac1d-6b19be04c446"
},
"certificatespending_subscriptions": [
{
"subject": "C=DK,OU=Asseco,CN=Person",
"issuer": "C=DK,OU=Asseco,CN=CA 1",
"certificate": "MIIDVDCCAjygAwIBAgIHA9bbH0Y2ADANxxxxxxx ..... ==",
"developer": null,
"certificate.allow.expired": false,
"certificate.skip.chain.checks": false
}
]
}
|
The API Partner application has these fields:
...
{
"apiid": "73a02c77-c856-49fa-a1b0-be31ee8d808a",
"subscriptionplan_id": "4841e9f5-2af5-4e42-ac1d-6b19be04c446",
"comment_requestor": "Please grant me access",
"comment_response": "Certainly, enjoy",
"unread": false,
"action_id": "xxxxxx",
"approved": true,
"rejected": false
}
],
"certificates": [
{
"subject": "C=DK,OU=Asseco,CN=Person",
"issuer": "C=DK,OU=Asseco,CN=CA 1",
"certificate": "MIIDVDCCAjygAwIBAgIHA9bbH0Y2ADANxxxxxxx ..... ==",
"developer": null,
"certificate.allow.expired": false,
"certificate.skip.chain.checks": false
}
]
}
|
The API Partner application has these fields:
| Name | Type | Description |
|---|---|---|
| id | string | Unique ID of this application. |
| name | string | Name of this API Partner application |
| description | string | Description of the API Partner application |
| partner_id | string | Unique ID of the application this partner is linked to |
| client_id | string | The client ID that can authenticate this application |
| client_secret | string | The secret for the provided client id mentioned above |
apikeys | array of strings | List of API keys that can be used to authenticate this application if allowed |
| allowed_scopes | array of strings | Specifies which scopes the application is allowed to request. |
valid_grant_types | array of strings | The allowed grant types that this application is allowed to use |
accesstoken_type | string | The type of OAuth2 access token can be either UUID, or JWT - if it is a UUID, it can be used as a key - e.g. a bearer token, which is presented during authentication. If JWT, the access token is a signed JWT (JSON Web Token) containing information about the user |
allowed_uris | array of strings | OAuth2 redirect URIs for the application |
allowed_logout_uris | array of strings | OAuth2 Logout URIs which are allowed for this application |
accesstoken_valid_seconds | number | If set, overrides the time an issued OAuth2 access token is valid for |
refreshtoken_validity_seconds | number | If set, this is the number of seconds that an OAuth2 access token is valid for. |
maximum_idtoken_expiration_minutes
subscriptions
- id
- role
- subject
- issuer
- certificate
- developer
- certificate.allow.expired
- certificate.skip.chain.checks
maximum_idtoken_expiration_minutes | number | If set, this is the number of minutes that an issued ID token is valid for |
subscriptions | array of JSON objects | List of JSON Objects with API unique ID as key and subscription plan unique ID as value. |
| developers | array of JSON Objects | List of JSON objects with developers |
| string | The UID of the developer |
| string | The developer role for this application (OWNER, DEVELOPER, READ_ONLY) |
| certificates | array of JSON Objects | List of JSON objects with SSL/TLS client certificate information |
| string | Certificate Subject DN |
| string | Certificate Issuer DN |
| string | certificate, DER encoded and base64 encoded. Subject and Issuer MUST match the certificate. |
| string | ID of developer who added the certificate in developer portal, if any. |
| boolean | True if expired certificate is allowed |
| boolean | True if certificate chain, revocation etc. check should be skipped and request trusted if client cert matches this cert. |
pending_subscriptions | array of JSON objects | List of JSON objects with pending subscription requests |
| string | API ID |
| string | Subscription Plan ID |
| string | Comment made by the requestor when requesting the subscription |
| string | Comment made by the approver/rejector |
| boolean | True if unread by API Partner |
| string | ID of corresponding Action created for this request |
| boolean | True, if request has been approved by administrator |
| boolean | True, if request has been rejected by administrator |
API Developer
An API develop is a user with access to the developer portal and creator/owner/developer of API Partners and applications.
...
One API Developer have these fields:
| Name | Type | Description |
|---|---|---|
| id | string | The ID of this API Developer - cannot be changed after the developer has been created. |
| credentials | string | The credentials this user is using to log into the developer portal (matching a challenge in the user admin database) |
| string | Contact email for the API developer | |
| partners | array of JSON Objects | A list of API Partners this developer is assigned to and which role |
| string | The UID of the partner |
| string | The developer role for this partner (OWNER, READ_ONLY, NONE) |
| applications | array of JSON Objects | A list of API Partner Applications this developer is assigned to and which role |
| string | The UID of the application |
| string | The developer role for this application (OWNER, DEVELOPER, READ_ONLY) |