Here is a description of the data structures used for API Management, API Partners and definitions - this is useful for Administration APIs that manipulate installed APIs.

Overview

Environment

An environment specifies a place where an API can be published to. An API Gateway serves the APIs published to one or more environments.

Example:

{
  "name": "Sandbox",
  "description": "Sandbox environment, used for initial testing of APIs, playing around with new versions",
  "destinations": [{
    "name": "worldbank_sandbox",
    "description": "World Bank API",
    "http2.enable": true,
    "keepalive.enable": true,
    "sticky": false,
    "cookiesnapper": {},
    "targets": [{
      "name": "api.worldbank.org",
      "port": 80,
      "host": "api.worldbank.org",
      "scheme": "http"
    }],
  "baseurl": "https://api-sandbox.ceptor.io/",
  "gateway.config.name": "gateways"
}

Name	Type	Description
name	string	Name of this environment.
description	string	Description of the environment
destinations	array of JSON Objects	Contains any destinations available in this environment - destinations are clusters of servers serving this API - they can be used when proxying API calls from the gateway to the destinations. Each destination is a full destination containing all the capabilities you can define within the Ceptor Gateway. See Ceptor Gateway and Config - Destinations for more information about destinations.
baseurl	string	Contains the base URL to add to the OpenAPI specification for any API when it is published to this environment.
oauth2.authorizationurl	url	The OAuth2 authorization url for this environment - used when OAuth2 authentication is enabled for an API.
oauth2.tokenurl	url	The OAuth2 token url for this environment - used when OAuth2 authentication is enabled for an API.
openidconnect.discoveryurl	url	The OpenID Connect discovery url for this environment - used when OpenID Connect authentication is enabled for an API.
gateway.config.name	string	Name of configuration server entry that API gateways within this environment are using. This used to read pre-configured destinations, canned replies etc. from when making them available to the API implementation. Default is "gateways".

Rate Limit Group

A Rate Limit Group contains a list of limits on API usage that can be used from different Subscription Plans.

Example:

{
  "id": "7933225d-6593-4201-bf14-c848226c770b",
  "name": "Basic",
  "description": "Basic rate limit",
  "limits": [
    {
      "value": "100",
      "unit": "hour"
    },
    {
      "value": "5",
      "unit": "second"
    }
  ]
}

One Rate Limit Group has these fields:

Name	Type	Description
id	string	The ID of this rate limit group - cannot be changed after the group has been created.
name	string	The name of this rate limit group.
description	string	An optional description for this rate limit group.
limits	array of JSON Objects	A list of limitations on the rate of calls for this API, e.g. 100 calls per hour, or 5 per second.
value	integer	Number of calls per time unit
unit	string	Contains the time unit for this limit, this is the unit for which the value counts. Can be either second, minute, hour, day, week, month or year

Subscription Plan

A subscription plan is tied to a rate limit group - it specifies the limitations of the API calls. APIs can be assigned to require subscriptions from specific subscription plans in order to be accessible from API Partners.

Example:

{
  "id": "4841e9f5-2af5-4e42-ac1d-6b19be04c446",
  "name": "Free",
  "description": "Free plan",
  "default": true,
  "requires_approval": true,
  "ratelimitgroup": "7933225d-6593-4201-bf14-c848226c770b"
}

A Subscription Plan has these fields:

Name	Type	Description
id	string	ID of this subscription plan. Cannot be changed after creation.
name	string	Name of this subscription plan
description	string	Description of this plan
default	boolean	If true, when new APIs are created, this subscription plan will be added to them by default.
ratelimitgroup	string	The ID of the rate limit group that limits the number of calls to the APIs in this subscription plan.
requires_approval	boolean	If true, subscriptions to this API plan requires administrator approval.

API Profile

An API Profile is used to specify a set of common rules and limitations for API Designers - e.g. allowing publishing APIs in a specific set of environments, specifying common security settings, not allowing overriding of these settings etc. etc.

Example:

{
  "name": "Internal",
  "description": "Internal APIs.\nThis profile is used by internal APIs, and specifies the default settings for them.",
  "roles": [],
  "publish.allow": true,
  "environments": ["Internal"],
  "security.specify.defaults": true,
  "security.allow.override": false,
  "security.allow.override.per.operation": false,
  "implementation.limit.methods": true,
  "implementation.method.pipeline": true,
  "implementation.method.script": true,
  "implementation.method.proxy": false,
  "destinations": [],
  "implementation.allow.override.per.operation": true,
  "subscription.required": false,
  "subscription.allow.override": false,
  "requestmod.specify.defaults": true,
  "requestmod.allow.override": false,
  "security": {
    "authorization": {
      "noauthorization.for.options": false,
      "roles": ["adminusers"],
      "server.identifier": "none"
    },
    "authentication": {
      "apikey": false,
      "apikey.headername": "ceptor-apikey",
      "basicauth": true,
      "clientcert": false,
      "bearer": false,
      "oauth2": false,
      "openidconnect": false,
      "oauth2.scopes": [],
      "advanced": {}
    }
  },
  "requestmod": {
    "cookiesnapper": {"pattern": "jsessionid"},
    "plugin": {}
  },
  "subscriptionplans": [
    "Free",
    "Premium"
  ]
}

An API Profile has these fields:

Name	Type	Description
name	string	Name of this API Profile
description	string	Description of this API Profile
roles	array of strings	If not empty, an API Designer needs one of these roles in order to be able to use the API Profile and select it for an API.
subscription.allow.override	boolean
subscription.required	boolean	If true, a subscription is required in order to access this API, if false, no subscription is required and the API is accessible for everyone assuming no additional security has been configured for it.
subscriptionplans	array of strings	If subscription.required is set to true, this contains the list of IDs of the subscription plans that are applicable for this API - this list determines which plans an API Partner Application can subscribe to.
requestmod.specify.defaults	boolean	If true, request modification defaults are configured in the requestmodification object. See
requestmod.allow.override	boolean	If true, an API Designer is allowed to override requestmodification settings.
requestmod	JSON Object	See API Version requestmodification object.
security.specify.defaults	boolean	Set to true to specify security defaults for this API Profile
security.allow.override	boolean	If true, an API Designer is allowed to override security settings on an API Version
security.allow.override.per.operation	boolean	If true, an API Designer is allowed to specify security settings per operation
security	JSON Object	See API Version security object.
implementation.limit.methods	boolean	Set to true to limit implementation options that an API Designer can choose from.
implementation.method.pipeline	boolean	True to allow using Pipelines and Tasks as implementation method
implementation.method.script	boolean	True to allow using Scripts as implementation method
implementation.method.proxy	boolean	True to allow using Proxy as implementation method
implementation.allow.override.per.operation	boolean	If true, and API Designer can override implementation settings per operation -if false, he can only specify them for the entire API.
publish.allow	boolean	Set to true to allow an API Designer to publish APIs
environments	array of strings	List of environment names that an API can be published to. Leave empty for no restrictions
destinations	array of strings	List of destination names that proxying is restricted to. Leave empty for no restrictions

API Group

API Groups contain 0 or more APIs. An API Group is a collection of APIs

Example:

{
  "name": "Demonstration APIs",
  "description": "APIs used for demonstration purposes",
  "id": "e48ca5ab-6cfa-4c4e-bb48-891d370140c6",
  "apiids": [...]
}

One API Group has these fields:

Name	Type	Description
id	string	A unique ID for this API Group - cannot be changed after the API Group has been created.
name	string	The name of this API Group
tags	array of strings	List of tags that can be used to identify this API - useful for categorizing and searching APIs
description	string	A description of the API Group
apiids	array of strings	A list of API IDs that belong to this group.
restrict.access.read	array of strings	If non-empty, the user logged into the console needs to have at least one of these groups in order to be able to see this API group, and any APIs and API Versions within it.
restrict.access.write	array of strings	If non-empty, the user logged into the console needs to have at least one of these groups in order to be able to make any changes to this API group, and any APIs and API Versions within it.

API

An API exists inside an API Group

Example:

{
  "id": "73a02c77-c856-49fa-a1b0-be31ee8d808a",
  "groupid": "e48ca5ab-6cfa-4c4e-bb48-891d370140c6",
  "name": "Demo",
  "description": "Demo API",
  "subscription.required": true,
  "subscriptionplans": [
    "4841e9f5-2af5-4e42-ac1d-6b19be04c446",
    "109ec49f-2399-410a-8bd9-975a5e9d48a3"
  ],
  "versionids": [...]
}

One API has these fields:

Name	Type	Description
id	string	A unique ID for this API - cannot be changed after the API has been created. This ID needs to be unique across all APIs, not just the ones within the same API Group.
groupid	string	ID of the API Group this API belongs to
name	string	The name of this API
apiprofile	string	The name of an API Profile to use with this API.
tags	array of strings	List of tags that can be used to identify this API - useful for categorizing and searching APIs
override.apiprofile.subscription	boolean	Must be set to true to override subscription settings specified an an API Profile - if set to false (the default) and if an API profile is configured for this API, the subscription settings from the API profile will be used.
description	string	A description of the API
subscription.required	boolean	If true, a subscription is required in order to access this API, if false, no subscription is required and the API is accessible for everyone assuming no additional security has been configured for it.
deprecated	boolean	(as of Ceptor 6.3) If true, the entire API is marked as deprecated and administrators and developers will be warned handling this API in the administration console and developer portal. This value will overwrite any values defined in API version specifications and definitions.
subscriptionplans	array of strings	If subscription.required is set to true, this contains the list of IDs of the subscription plans that are applicable for this API - this list determines which plans an API Partner Application can subscribe to.
versionids	array of strings	A list of API Version IDs, each represent a version present in this API.

API Version

An API Version represents a single version of an API - one API can have many versions.

Example:

{
  "id": "546d4bb7-3e91-44b2-8798-1a2b753828f5",
  "apiid": "73a02c77-c856-49fa-a1b0-be31ee8d808a",
  "name": "v1",
  "tags": [
    "demo",
    "mock"
  ],
  "description": "Version 1 of the API",
  "basepath": "/hello/v1",
  "apitype": "openapi",
  "private": false,
  "cors": true,
  "implementation": {"Sandbox": {"/hello": {"get": {
    "proxy": {},
    "script": "var response = {\n  text: 'How nice of you to call me'\n};\ncontext.respond(200, 'OK', 'application/json', JSON.stringify(response));\n",
    "pipeline": {},
    "type": "script",
    "override": true,
  }}}},
  "security": {"authorization": {
    "failure": {"action": "respond"},
    "noauthorization.for.options": false,
    "roles": []
  }},
  "openapispec": {...},
  "wsdl": "<?xml version="1.0" encoding="utf-8"?>....",
  "deployed": ["Sandbox"],
  "documentation": "<h1>Example documentation</h1>"
}

One API Version has these fields:

Name

Type

Description

id

string

Unique ID for this API Version

apiid

string

ID of the API this version belongs to

name

string

The name of this API Version

tags

array of strings

List of tags that can be used to identify this API - useful for categorizing and searching APIs

description

string

A short description

basepath

string

The base path of the API - any operations defined are relative to this path, so all URIs must start with this.

apitype

string

Type of API, must be openapi for REST openapi services - Support API specifications are Swagger 2.0 / OpenAPI 2 or OpenAPI 3.x compatible.

Can also be soap for SOAP / WSDL services, and plainhttp for plain HTTP services without any schema available.

override.apiprofile.security

boolean

If an API profile is specified, and the API profile has defined default security settings, its settings will be used unless this flag is set to true.

So in order to use the security object here, the flag needs to be set if an API profile is configure.

override.apiprofile.requestmodification

boolean

If an API profile is specified, and the API profile has defined default request modification settings, its settings will be used unless this flag is set to true.

So in order to use the requestmodification object here, the flag needs to be set if an API profile is configure.

implementation

JSON Object

Contains information about the implementation of the API in each environment

implemenation.oneforall

boolean

Set to true to use a single implementation for all environments. If false, one implementation is used for each environment.

security

JSON Object

Specifies the security requirements for this API Version.

openapispec

JSON Object

The OpenAPI 2 or 3.x specification for this API Version.

remote.openapispec

url

If set, the openapi specification is loaded from the remote URL - in that case, it is not stored locally but instead refreshed periodically (how often depends on gateway configuration).

If API specification is loaded from remote, it cannot be edited locally in the API Management API editor, and implementation as well as individual security settings can only be created on the API level not the operation level.
This restriction exists since the individual operations can change from time to time so the gateway will treat all operations within the API as the same, letting the implementation decide what to do.

remote.openapispec.loadfromdestination

boolean

If remote.openapispec is not empty, and this flag is set then the OpenAPI spec will be loaded by the API gateway from one of the target servers specified in the destination. This allows customization of SSL options, load balancing etc.

If set to false, the request will be loaded from the URL directly, with default JVM settings.

wsdl

string

For SOAP services, no openapispec is present, instead the WSDL contains the description of the service.

deployed

array of strings

Specifies which environments this API is deployed in (or published into).

cors

boolean

If true, CORS support is enabled for this API. If you have specific requirements, about .e.g only certain origins, you can specify filters and change HTTP response headers in Locations in the Ceptor Gateway.

private

boolean

If true, even if an API is deployed/published to an environment, and thus accessible by consumer it will not be available and visible in the Developer Portal

deprecated

boolean

(as of Ceptor 6.3) If true, the API version is marked as deprecated and hence all operations will be handled as deprecated. Administrators and developers will be warned handling this API version in the administration console and developer portal. If the API version is not deprecated individual operations can still be marked as deprecated through the OpenAPI specification.

documentation

html string

Documentation in HTML that can be viewed in the developer portal.

implementation

<environment name>
"*"

string

Name of environment for which this implementation is defined.

If "*" is used, this implementation is used if an implementation for the specific environment does not exist, or if implementation.oneforall is set to true so the same implementation is used for all environments.

The value is a JSON Object similar to the OpenAPI paths object, where each path and method is defined, with e.g.

"/path": {
  "method": {
    // implementation of "method" (e.g. get, post or put) in the path "/path"
  }
}

or.

"": {
  "*": {
    // Default implementation for all operations in the API
  }
}

.. path

JSON Object

Name of the path of the operation, the value is a JSON Object with "method" = implementation

.. .. method

JSON Object

Name of the method to specify an implementation for, within the given path.

Note that "*" (a star) will match any incoming request method

Important: If the path is set to "" and the operation "*" then this implementation is the default one for all operations in the API, unless a particular operation overrides the default by setting its override=true for its own path/method.

Implementation JSON contents

The contents of the JSON implementation object is as follows

type

string

Specifies the type of implementation, supported values are:

script
The implementation of the API is a script, which is invoked when the API returns.
proxy
The API Gateway proxies the request to a destination defined for the environment, so the actual implementation of the API is on another server which the request is forwarded to.
pipeline
The API Gateway implements this API as Pipelines and Tasks - which can consist of any combination of tasks executed for this API.

override

boolean

For an operation, set to true to override the default for a particular API - allows to customize implementation per operation or reused a global implementation for the entire API.

script

string

Gateway script which executes the API - see Scripts and Macros and Task - Execute script for info.

This script is invoked if the apitype is set to script.

proxy

JSON Object

If the apitype is set to proxy then these settings apply

destination

string

Name of destination to proxy requests to. This name must be defined for the environment this API is published in. If null then the custom.destination must be defined.

custom.destination

JSON Object

If set, and if the destination name is set to null, this represents a new custom destination for this API / Operation - any settings for a regular gateway destination can be configured here.

See Config - Destinations for details.

pipeline

JSON Object

Contains the pipelines / tasks which executes this API Version - see Config - Pipelines for details about contents.

requestmodification

JSON Object

Contains request modification options, allowing to set URL rewrite, request attributes, headers and cookies as well as modification of response headers and cookies

urlrewrite

JSON Object

See Gateway Config - Locations - URLRewrite

request.headers

JSON Object

See Gateway Config - Locations - RequestHeaders

request.cookies

JSON Object

See Gateway Config - Locations - RequestCookies

request.attributes

JSON Object

See Gateway Config - Locations - RequestAttributes

response.headers

JSON Object

See Gateway Config - Locations - ResponseHeaders

response.cookies

JSON Object

See Gateway Config - Locations - ResponseCookies

security

authorization

JSON Object

Contains security authorization information - can contain exactly the same information as an authorization object on a gateway location - see Config - Locations for details about the contents.

Note that any roles listed in authorization can be used to restrict which API Partners have access to view/subscribe to the API.

authentication

JSON Object

Contains security authentication information - contains information about what authentication types to request/support in case the client is not authenticated by other means when the request reaches the API Gateway's API location.

authentication

Contents of the authentication JSON object

apikey

boolean

true if API key authentication is supported for this API.

basicauth

boolean

true if basic authentication (using API Partner Application's client_id and secret) is supported for this API.

oauth2

boolean

true if oauth2 authentication should be enabled - the specific flow and token urls are taken from the environment configuration in the environment the API is published.

clientcert

boolean

true if SSL client certificate authentication should be enabled.

apikey.headername

string

Name of HTTP header that API key is expected in - defaults to ceptor-apikey

oauth2.scopes

JSON Array of JSON objects

List of scopes to use when requesting OAuth2 authentication - this is required to be a non-empty list when oauth2 is true.

Each JSON object in the list has two required elements;

name
Scope name
description
Scope description

oauth2.flow

string

OAuth2 Flow - must be one of

implicit
OAuth2 Implicit flow
clientCredentials
The application logs in using client credentials (client_id and client_secret for the API owner).
authorizationCode
The application logs the user in, obtains an authorization code, and then uses its client_id / client_secret to exchance the code for an access token.

openidconnect

boolean

true, if openid connect authentication should be enabled - i this case, the client gets its information from the OpenID Connect Discovery URL for a particular environment - this only works for openapi3 APIs, not for openapi2 APIs

advanced

JSON object

Can contain settings for advanced authentication

advanced

Contents of the advanced JSON object

authentication.script

string

Script which is executed when API is called to perform additional authentication - this is called no matter if authentication already has completed by other means or not.

openapispec

This OpenAPI Specification depends on the apitype - it is either OpenAPI 2.0 or 3.x - see https://github.com/OAI/OpenAPI-Specification for details.

API Partner

An API Partner contains a number of API Partner applications.

Example:

{
  "name": "Test1",
  "id": "437a175a-58ff-4dac-a515-a1f9e2966786",
  "applicationids": ["e03f3c8d-ebe7-444b-bb3c-e3074ee2ace5"],
  "roles": ["internal-apis", "management-apis"],
  "developers": [
    {
      id: "b82b3691-d5e8-4d28-882f-45a4e8efa847",
      role: "OWNER"
    }
  ]
}

The API Partner has these fields:

Name	Type	Description
id	string	Unique ID of this partner.
name	string	Name of this API Partner
description	string	Description of the API Partner
contact	string	Contact information
applicationids	array of strings	List of application IDs identifying each partner application that is registered for this partner.
roles	array of strings	The roles assigned to this partner. The roles will be matched against API roles so applications in this partner can only subscripe to API complying with these roles
developers	array of JSON objects	List of developers of this application
id	string	Developer ID
role	string	Role name

API Partner Application

AN API Partner application is the application definition where APIs are subscriped to, access is defined, etc.

{
	"id":"f83bb6fd-4252-4526-8bd0-49d973a41603",
	"name":"MyMobileApplication",
	"description":"The best of our applications",
	"partner_id":"15ed2323-2913-4f09-b1c2-4694c7c50de5",
	"client_id":"1a32f78d-83dc-488b-9e22-50b02e9328d1",
	"client_secret":"f2add5d3-e67a-415f-8163-a751d7566047",
	"apikeys": [
		"1b119b37-e43b-46e3-9343-7cf26cec17ef"
	],
	"allowed_scopes": [
		"openid","email","profile"
	],
	"valid_grant_types": [
		"implicit","authorization_code","hybrid","client_credentials"
	],
	"developers": [
	],
	"accesstoken_type":"UUID",
	"allowed_uris": [
		"/redir1"
	],
	"allowed_logout_uris": [
		"/logoff1"
	],
	"accesstoken_valid_seconds":60,
	"refreshtoken_validity_seconds":60,
	"maximum_idtoken_expiration_minutes":12,
	"confidential": false,
	"refreshtoken_invalidate_on_use": false,
	"refreshtoken_issue_new_on_use": false,
	"subscriptions": {
		"c819724f-69e3-46bf-86d9-b15e59d1ffb0":"4841e9f5-2af5-4e42-ac1d-6b19be04c446"
	},
    "pending_subscriptions": [
        {
            "apiid": "73a02c77-c856-49fa-a1b0-be31ee8d808a",
            "subscriptionplan_id": "4841e9f5-2af5-4e42-ac1d-6b19be04c446",
            "comment_requestor": "Please grant me access",
            "comment_response": "Certainly, enjoy",
            "unread": false,
            "action_id": "xxxxxx",
            "approved": true,
            "rejected": false
        }
    ],
	"certificates": [
		{
			"subject": "C=IO,OU=Ceptor,CN=Person",
			"issuer": "C=IO,OU=Ceptor,CN=CA 1",
			"certificate": "MIIDVDCCAjygAwIBAgIHA9bbH0Y2ADANxxxxxxx ..... ==",
			"developer": null,
			"certificate.allow.expired": false,
			"certificate.skip.chain.checks": false
		}
	]
}

The API Partner application has these fields:

Name	Type	Description
id	string	Unique ID of this application.
name	string	Name of this API Partner application
description	string	Description of the API Partner application
partner_id	string	Unique ID of the application this partner is linked to
client_id	string	The client ID that can authenticate this application
client_secret	string	The secret for the provided client id mentioned above
confidential	boolean	If true, client is confidential and client_secret must always be used
refreshtoken_invalidate_on_use	boolean	If true, a refresh_token is invalidated when used, meaning it can be used only a single time
refreshtoken_issue_new_on_use	boolean	If true, a new refresh_token is issued when the old one is used
apikeys	array of strings	List of API keys that can be used to authenticate this application if allowed
allowed_scopes	array of strings	Specifies which scopes the application is allowed to request.
valid_grant_types	array of strings	The allowed grant types that this application is allowed to use
accesstoken_type	string	The type of OAuth2 access token can be either UUID, or JWT - if it is a UUID, it can be used as a key - e.g. a bearer token, which is presented during authentication. If JWT, the access token is a signed JWT (JSON Web Token) containing information about the user
allowed_uris	array of strings	OAuth2 redirect URIs for the application
allowed_logout_uris	array of strings	OAuth2 Logout URIs which are allowed for this application
accesstoken_valid_seconds	number	If set, overrides the time an issued OAuth2 access token is valid for
refreshtoken_validity_seconds	number	If set, this is the number of seconds that an OAuth2 access token is valid for.
maximum_idtoken_expiration_minutes	number	If set, this is the number of minutes that an issued ID token is valid for
subscriptions	array of JSON objects	List of JSON Objects with API unique ID as key and subscription plan unique ID as value.
developers	array of JSON Objects	List of JSON objects with developers
id	string	The UID of the developer
role	string	The developer role for this application (OWNER, DEVELOPER, READ_ONLY)
certificates	array of JSON Objects	List of JSON objects with SSL/TLS client certificate information
subject	string	Certificate Subject DN
issuer	string	Certificate Issuer DN
certificate	string	certificate, DER encoded and base64 encoded. Subject and Issuer MUST match the certificate.
developer	string	ID of developer who added the certificate in developer portal, if any.
certificate.allow.expired	boolean	True if expired certificate is allowed
certificate.skip.chain.checks	boolean	True if certificate chain, revocation etc. check should be skipped and request trusted if client cert matches this cert.
pending_subscriptions	array of JSON objects	List of JSON objects with pending subscription requests
apiid	string	API ID
subscriptionplan_id	string	Subscription Plan ID
comment_requestor	string	Comment made by the requestor when requesting the subscription
comment_response	string	Comment made by the approver/rejector
unread	boolean	True if unread by API Partner
action_id	string	ID of corresponding Action created for this request
approved	boolean	True, if request has been approved by administrator
rejected	boolean	True, if request has been rejected by administrator

API Developer

An API develop is a user with access to the developer portal and creator/owner/developer of API Partners and applications.

Example:

{
  "id": "7933225d-6593-4201-bf14-c848226c770b",
  "credentials": "user@company.net",
  "email": "private@mail.org",
  "partners": [{
    "id": "b82b3691-d5e8-4d28-882f-45a4e8efa847",
    "role": "OWNER"
   }],
  "applications": [{
    "id": "b82b3691-d5e8-4d28-882f-45a4e8efa847",
    "role": "OWNER"
   },
   {
    "id": "a68f73691-b5e3-2328-882f-48712ab81247",
    "role": "OWNER"
   }]
}

One API Developer have these fields:

Name	Type	Description
id	string	The ID of this API Developer - cannot be changed after the developer has been created.
credentials	string	The credentials this user is using to log into the developer portal (matching a challenge in the user admin database)
email	string	Contact email for the API developer
partners	array of JSON Objects	A list of API Partners this developer is assigned to and which role
id	string	The UID of the partner
role	string	The developer role for this partner (OWNER, READ_ONLY, NONE)
applications	array of JSON Objects	A list of API Partner Applications this developer is assigned to and which role
id	string	The UID of the application
role	string	The developer role for this application (OWNER, DEVELOPER, READ_ONLY)