Data Structures

Here is a description of the data structures used for API Management, API Partners and definitions - this is useful for Administration APIs that manipulate installed APIs.


Overview

  • Environment - An environment is a place that an API Version is deployed in, it can be e.g. Sandbox, Development, Test, Production - any number of environments can be configured.
  • Rate Limit Group - A Rate Limit Group contains limitations on how often an API can be accessed, it could e.g. be 100 calls per week, but at most 10 per second.
  • Subscription Plan - A subscription plan is a specific type of subscription which references a Rate Limit Group. If subscription is required to an API, you can select among the different configured subscription plans.
  • API Profile - an API Profile allows you to specify e.g. security settings that are shared across APIs - it also allows you to limit various choices for API Designers so they get less options to choose from.
  • API Group - an API Group is a container, it can also be thought of as a category for APIs - it can contain any number of APIs which in turn contains API versions.
  • API - An API exists in a particular API Group, and contains API Versions. Access to an API can be limited by subscriptions and subscription plans.
  • API Version - An API version is a specific version of an API - it contains information about the API itself, its structure, input/output data and its implementation.
  • API Partner - An API Partner has information about a partner or consumer of APIs - A partner can be thought of as a specific group or organisation that has applications which use your published APIs.
  • API Partner Application - An API Partner can have a number of applications defined for him - each application can subscribe to different APIs.
  • Developer - A Developer can login to the developer portal and manage his API Partner and applications and perform actions such as subscribing to an API. One Developer can have access to multiple API Partners and applications.
  • API Designer - An API Designer designs APIs, creates new APIs and API Versions that are exposed to your Partners.

Environment

An environment specifies a place where an API can be published to. An API Gateway serves the APIs published to one or more environments.

Example:

Environment Example
{
  "name": "Sandbox",
  "description": "Sandbox environment, used for initial testing of APIs, playing around with new versions",
  "destinations": [{
    "name": "worldbank_sandbox",
    "description": "World Bank API",
    "http2.enable": true,
    "keepalive.enable": true,
    "sticky": false,
    "cookiesnapper": {},
    "targets": [{
      "name": "api.worldbank.org",
      "port": 80,
      "host": "api.worldbank.org",
      "scheme": "http"
    }],
  "baseurl": "https://api-sandbox.ceptor.io/",
  "gateway.config.name": "gateways"
}
NameTypeDescription
namestringName of this environment. 
descriptionstringDescription of the environment
destinationsarray of JSON Objects

Contains any destinations available in this environment - destinations are clusters of servers serving this API - they can be used when proxying API calls from the gateway to the destinations.

Each destination is a full destination containing all the capabilities you can define within the Ceptor Gateway.

See Ceptor Gateway and Config - Destinations for more information about destinations.

baseurlstringContains the base URL to add to the OpenAPI specification for any API when it is published to this environment.
oauth2.authorizationurlurlThe OAuth2 authorization url for this environment - used when OAuth2 authentication is enabled for an API.
oauth2.tokenurlurlThe OAuth2 token url for this environment - used when OAuth2 authentication is enabled for an API.
openidconnect.discoveryurlurlThe OpenID Connect discovery url for this environment - used when OpenID Connect authentication is enabled for an API.
gateway.config.namestring

Name of configuration server entry that API gateways within this environment are using. This used to read pre-configured destinations, canned replies etc. from when making them available to the API implementation.

Default is "gateways".

Rate Limit Group

A Rate Limit Group contains a list of limits on API usage that can be used from different Subscription Plans.

Example:

Rate Limit Group Example
{
  "id": "7933225d-6593-4201-bf14-c848226c770b",
  "name": "Basic",
  "description": "Basic rate limit",
  "limits": [
    {
      "value": "100",
      "unit": "hour"
    },
    {
      "value": "5",
      "unit": "second"
    }
  ]
}

One Rate Limit Group has these fields:

NameTypeDescription
idstringThe ID of this rate limit group - cannot be changed after the group has been created.
namestringThe name of this rate limit group.
descriptionstringAn optional description for this rate limit group.
limitsarray of JSON ObjectsA list of limitations on the rate of calls for this API, e.g. 100 calls per hour, or 5 per second.
  • value
integerNumber of calls per time unit
  • unit
string

Contains the time unit for this limit, this is the unit for which the value counts.

Can be either second, minute, hour, day, week, month or year

Subscription Plan

A subscription plan is tied to a rate limit group - it specifies the limitations of the API calls. APIs can be assigned to require subscriptions from specific subscription plans in order to be accessible from API Partners.

Example:

Subscription Plan Example
{
  "id": "4841e9f5-2af5-4e42-ac1d-6b19be04c446",
  "name": "Free",
  "description": "Free plan",
  "default": true,
  "requires_approval": true,
  "ratelimitgroup": "7933225d-6593-4201-bf14-c848226c770b"
}

A Subscription Plan has these fields:

NameTypeDescription
idstringID of this subscription plan. Cannot be changed after creation.
namestringName of this subscription plan
descriptionstringDescription of this plan
defaultbooleanIf true, when new APIs are created, this subscription plan will be added to them by default.
ratelimitgroupstringThe ID of the rate limit group that limits the number of calls to the APIs in this subscription plan.
requires_approvalbooleanIf true, subscriptions to this API plan requires administrator approval.

API Profile

An API Profile is used to specify a set of common rules and limitations for API Designers - e.g. allowing publishing APIs in a specific set of environments, specifying common security settings, not allowing overriding of these settings etc. etc.

Example:

API Profile Example
{
  "name": "Internal",
  "description": "Internal APIs.\nThis profile is used by internal APIs, and specifies the default settings for them.",
  "roles": [],
  "publish.allow": true,
  "environments": ["Internal"],
  "security.specify.defaults": true,
  "security.allow.override": false,
  "security.allow.override.per.operation": false,
  "implementation.limit.methods": true,
  "implementation.method.pipeline": true,
  "implementation.method.script": true,
  "implementation.method.proxy": false,
  "destinations": [],
  "implementation.allow.override.per.operation": true,
  "subscription.required": false,
  "subscription.allow.override": false,
  "requestmod.specify.defaults": true,
  "requestmod.allow.override": false,
  "security": {
    "authorization": {
      "noauthorization.for.options": false,
      "roles": ["adminusers"],
      "server.identifier": "none"
    },
    "authentication": {
      "apikey": false,
      "apikey.headername": "ceptor-apikey",
      "basicauth": true,
      "clientcert": false,
      "bearer": false,
      "oauth2": false,
      "openidconnect": false,
      "oauth2.scopes": [],
      "advanced": {}
    }
  },
  "requestmod": {
    "cookiesnapper": {"pattern": "jsessionid"},
    "plugin": {}
  },
  "subscriptionplans": [
    "Free",
    "Premium"
  ]
}

An API Profile has these fields:

NameTypeDescription
namestringName of this API Profile
descriptionstringDescription of this API Profile
rolesarray of stringsIf not empty, an API Designer needs one of these roles in order to be able to use the API Profile and select it for an API.
subscription.allow.overrideboolean
subscription.requiredbooleanIf true, a subscription is required in order to access this API, if false, no subscription is required and the API is accessible for everyone assuming no additional security has been configured for it.
subscriptionplansarray of stringsIf subscription.required is set to true, this contains the list of IDs of the subscription plans that are applicable for this API - this list determines which plans an API Partner Application can subscribe to.
requestmod.specify.defaultsbooleanIf true, request modification defaults are configured in the requestmodification object. See
requestmod.allow.overridebooleanIf true, an API Designer is allowed to override requestmodification settings.
requestmodJSON ObjectSee API Version requestmodification object.
security.specify.defaultsbooleanSet to true to specify security defaults for this API Profile
security.allow.overridebooleanIf true, an API Designer is allowed to override security settings on an API Version
security.allow.override.per.operationbooleanIf true, an API Designer is allowed to specify security settings per operation
securityJSON ObjectSee API Version security object.
implementation.limit.methodsbooleanSet to true to limit implementation options that an API Designer can choose from.
implementation.method.pipelinebooleanTrue to allow using Pipelines and Tasks as implementation method
implementation.method.scriptbooleanTrue to allow using Scripts as implementation method
implementation.method.proxybooleanTrue to allow using Proxy as implementation method
implementation.allow.override.per.operationbooleanIf true, and API Designer can override implementation settings per operation -if false, he can only specify them for the entire API.
publish.allowbooleanSet to true to allow an API Designer to publish APIs
environmentsarray of stringsList of environment names that an API can be published to. Leave empty for no restrictions
destinationsarray of stringsList of destination names that proxying is restricted to. Leave empty for no restrictions

API Group

API Groups contain 0 or more APIs. An API Group is a collection of APIs

Example:

API Group Example
{
  "name": "Demonstration APIs",
  "description": "APIs used for demonstration purposes",
  "id": "e48ca5ab-6cfa-4c4e-bb48-891d370140c6",
  "apiids": [...]
}

One API Group has these fields:

NameTypeDescription
idstringA unique ID for this API Group - cannot be changed after the API Group has been created.
namestringThe name of this API Group
tagsarray of stringsList of tags that can be used to identify this API - useful for categorizing and searching APIs
descriptionstringA description of the API Group
apiidsarray of stringsA list of API IDs that belong to this group.
restrict.access.readarray of stringsIf non-empty, the user logged into the console needs to have at least one of these groups in order to be able to see this API group, and any APIs and API Versions within it.
restrict.access.writearray of stringsIf non-empty, the user logged into the console needs to have at least one of these groups in order to be able to make any changes to this API group, and any APIs and API Versions within it.

API

An API exists inside an API Group

Example:

API Example
{
  "id": "73a02c77-c856-49fa-a1b0-be31ee8d808a",
  "groupid": "e48ca5ab-6cfa-4c4e-bb48-891d370140c6",
  "name": "Demo",
  "description": "Demo API",
  "subscription.required": true,
  "subscriptionplans": [
    "4841e9f5-2af5-4e42-ac1d-6b19be04c446",
    "109ec49f-2399-410a-8bd9-975a5e9d48a3"
  ],
  "versionids": [...]
}

One API has these fields:

NameTypeDescription
idstring

A unique ID for this API - cannot be changed after the API has been created.

This ID needs to be unique across all APIs, not just the ones within the same API Group.

groupidstringID of the API Group this API belongs to
namestringThe name of this API
apiprofilestringThe name of an API Profile to use with this API.
tagsarray of stringsList of tags that can be used to identify this API - useful for categorizing and searching APIs
override.apiprofile.subscriptionbooleanMust be set to true to override subscription settings specified an an API Profile - if set to false (the default) and if an API profile is configured for this API, the subscription settings from the API profile will be used.
descriptionstringA description of the API
subscription.requiredbooleanIf true, a subscription is required in order to access this API, if false, no subscription is required and the API is accessible for everyone assuming no additional security has been configured for it.
deprecatedboolean(as of Ceptor 6.3) If true, the entire API is marked as deprecated and administrators and developers will be warned handling this API in the administration console and developer portal. This value will overwrite any values defined in API version specifications and definitions.
subscriptionplansarray of stringsIf subscription.required is set to true, this contains the list of IDs of the subscription plans that are applicable for this API - this list determines which plans an API Partner Application can subscribe to.
versionidsarray of stringsA list of API Version IDs, each represent a version present in this API.

API Version

An API Version represents a single version of an API - one API can have many versions.

Example:

API Version Example
{
  "id": "546d4bb7-3e91-44b2-8798-1a2b753828f5",
  "apiid": "73a02c77-c856-49fa-a1b0-be31ee8d808a",
  "name": "v1",
  "tags": [
    "demo",
    "mock"
  ],
  "description": "Version 1 of the API",
  "basepath": "/hello/v1",
  "apitype": "openapi",
  "private": false,
  "cors": true,
  "implementation": {"Sandbox": {"/hello": {"get": {
    "proxy": {},
    "script": "var response = {\n  text: 'How nice of you to call me'\n};\ncontext.respond(200, 'OK', 'application/json', JSON.stringify(response));\n",
    "pipeline": {},
    "type": "script",
    "override": true,
  }}}},
  "security": {"authorization": {
    "failure": {"action": "respond"},
    "noauthorization.for.options": false,
    "roles": []
  }},
  "openapispec": {...},
  "wsdl": "<?xml version="1.0" encoding="utf-8"?>....",
  "deployed": ["Sandbox"],
  "documentation": "<h1>Example documentation</h1>"
}

One API Version has these fields:

NameTypeDescription
idstringUnique ID for this API Version
apiidstringID of the API this version belongs to
namestringThe name of this API Version
tagsarray of stringsList of tags that can be used to identify this API - useful for categorizing and searching APIs
descriptionstringA short description
basepathstringThe base path of the API - any operations defined are relative to this path, so all URIs must start with this.
apitypestring

Type of API, must be openapi for REST openapi services - Support  API specifications are Swagger 2.0 / OpenAPI 2 or OpenAPI 3.x compatible.

Can also be soap for SOAP / WSDL services, and plainhttp for plain HTTP services without any schema available.

override.apiprofile.securityboolean

If an API profile is specified, and the API profile has defined default security settings, its settings will be used unless this flag is set to true.

So in order to use the security object here, the flag needs to be set if an API profile is configure.

override.apiprofile.requestmodificationboolean

If an API profile is specified, and the API profile has defined default request modification settings, its settings will be used unless this flag is set to true.

So in order to use the requestmodification object here, the flag needs to be set if an API profile is configure.

implementationJSON Object

Contains information about the implementation of the API in each environment

implemenation.oneforallbooleanSet to true to use a single implementation for all environments. If false, one implementation is used for each environment.
securityJSON ObjectSpecifies the security requirements for this API Version.
openapispecJSON ObjectThe OpenAPI 2 or 3.x specification for this API Version.
remote.openapispecurl

If set, the openapi specification is loaded from the remote URL - in that case, it is not stored locally but instead refreshed periodically (how often depends on gateway configuration).

If API specification is loaded from remote, it cannot be edited locally in the API Management API editor, and implementation as well as individual security settings can only be created on the API level not the operation level.
This restriction exists since the individual operations can change from time to time so the gateway will treat all operations within the API as the same, letting the implementation decide what to do.

remote.openapispec.loadfromdestinationboolean

If remote.openapispec is not empty, and this flag is set then the OpenAPI spec will be loaded by the API gateway from one of the target servers specified in the destination. This allows customization of SSL options, load balancing etc.

If set to false, the request will be loaded from the URL directly, with default JVM settings.

wsdlstringFor SOAP services, no openapispec is present, instead the WSDL contains the description of the service.
deployedarray of stringsSpecifies which environments this API is deployed in (or published into).
corsbooleanIf true, CORS support is enabled for this API. If you have specific requirements, about .e.g only certain origins, you can specify filters and change HTTP response headers in Locations in the Ceptor Gateway.
privatebooleanIf true, even if an API is deployed/published to an environment, and thus accessible by consumer it will not be available and visible in the Developer Portal
deprecatedboolean(as of Ceptor 6.3) If true, the API version is marked as deprecated and hence all operations will be handled as deprecated. Administrators and developers will be warned handling this API version in the administration console and developer portal. If the API version is not deprecated individual operations can still be marked as deprecated through the OpenAPI specification.
documentationhtml stringDocumentation in HTML that can be viewed in the developer portal.
implementation

  • <environment name>
  • "*"
string

Name of environment for which this implementation is defined.

If "*" is used, this implementation is used if an implementation for the specific environment does not exist, or if implementation.oneforall is set to true so the same implementation is used for all environments.

The value is a JSON Object similar to the OpenAPI paths object, where each path and method is defined, with e.g.

"/path": {
  "method": {
    // implementation of "method" (e.g. get, post or put) in the path "/path"
  }
}

or.

"": {
  "*": {
    // Default implementation for all operations in the API
  }
}
  • .. path
JSON Object

Name of the path of the operation, the value is a JSON Object with "method" = implementation

  • .. .. method
JSON Object

Name of the method to specify an implementation for, within the given path.

Note that "*" (a star) will match any incoming request method

Important: If the path is set to "" and the operation "*" then this implementation is the default one for all operations in the API, unless a particular operation overrides the default by setting its override=true for its own path/method.

Implementation JSON contents
The contents of the JSON implementation object is as follows
typestring

Specifies the type of implementation, supported values are:

  • script
    The implementation of the API is a script, which is invoked when the API returns.
  • proxy
    The API Gateway proxies the request to a destination defined for the environment, so the actual implementation of the API is on another server which the request is forwarded to.
  • pipeline
    The API Gateway implements this API as Pipelines and Tasks - which can consist of any combination of tasks executed for this API.
overridebooleanFor an operation, set to true to override the default for a particular API - allows to customize implementation per operation or reused a global implementation for the entire API.
scriptstring

Gateway script which executes the API - see Scripts and Macros and Task - Execute script for info.

This script is invoked if the apitype is set to script.

proxyJSON ObjectIf the apitype is set to proxy then these settings apply
  • destination
string

Name of destination to proxy requests to. This name must be defined for the environment this API is published in. If null then the custom.destination must be defined.

  • custom.destination
JSON Object

If set, and if the destination name is set to null, this represents a new custom destination for this API / Operation - any settings for a regular gateway destination can be configured here.

See Config - Destinations for details.

pipelineJSON ObjectContains the pipelines / tasks which executes this API Version - see Config - Pipelines for details about contents.
requestmodificationJSON ObjectContains request modification options, allowing to set URL rewrite, request attributes, headers and cookies as well as modification of response headers and cookies
urlrewriteJSON ObjectSee Gateway Config - Locations - URLRewrite
request.headersJSON ObjectSee Gateway Config - Locations - RequestHeaders
request.cookiesJSON ObjectSee Gateway Config - Locations - RequestCookies
request.attributesJSON ObjectSee Gateway Config - Locations - RequestAttributes
response.headersJSON ObjectSee Gateway Config - Locations - ResponseHeaders
response.cookiesJSON ObjectSee Gateway Config - Locations - ResponseCookies
security

  • authorization
JSON Object

Contains security authorization information - can contain exactly the same information as an authorization object on a gateway location - see Config - Locations for details about the contents.

Note that any roles listed in authorization can be used to restrict which API Partners have access to view/subscribe to the API.

  • authentication
JSON Object

Contains security authentication information - contains information about what authentication types to request/support in case the client is not authenticated by other means when the request reaches the API Gateway's API location.

authentication
Contents of the authentication JSON object
  • apikey
booleantrue if API key authentication is supported for this API.
  • basicauth
booleantrue if basic authentication (using API Partner Application's client_id and secret) is supported for this API.
  • oauth2
booleantrue if oauth2 authentication should be enabled - the specific flow and token urls are taken from the environment configuration in the environment the API is published.
  • clientcert
booleantrue if SSL client certificate authentication should be enabled.
  • apikey.headername
stringName of HTTP header that API key is expected in - defaults to ceptor-apikey
  • oauth2.scopes
JSON Array of JSON objects

List of scopes to use when requesting OAuth2 authentication - this is required to be a non-empty list when oauth2 is true.

Each JSON object in the list has two required elements;

  • name
    Scope name
  • description
    Scope description
  • oauth2.flow
string

OAuth2 Flow - must be one of

  • implicit
    OAuth2 Implicit flow
  • clientCredentials
    The application logs in using client credentials (client_id and client_secret for the API owner).
  • authorizationCode
    The application logs the user in, obtains an authorization code, and then uses its client_id / client_secret to exchance the code for an access token.
  • openidconnect
booleantrue, if openid connect authentication should be enabled - i this case, the client gets its information from the OpenID Connect Discovery URL for a particular environment - this only works for openapi3 APIs, not for openapi2 APIs
  • advanced
JSON objectCan contain settings for advanced authentication
advanced
Contents of the advanced JSON object
  • authentication.script
stringScript which is executed when API is called to perform additional authentication - this is called no matter if authentication already has completed by other means or not.
openapispec



This OpenAPI Specification depends on the apitype - it is either OpenAPI 2.0 or 3.x - see https://github.com/OAI/OpenAPI-Specification for details.

API Partner

An API Partner contains a number of API Partner applications.

Example:

{
  "name": "Test1",
  "id": "437a175a-58ff-4dac-a515-a1f9e2966786",
  "applicationids": ["e03f3c8d-ebe7-444b-bb3c-e3074ee2ace5"],
  "roles": ["internal-apis", "management-apis"],
  "developers": [
    {
      id: "b82b3691-d5e8-4d28-882f-45a4e8efa847",
      role: "OWNER"
    }
  ]
}

The API Partner has these fields:

NameTypeDescription
idstringUnique ID of this partner.
namestringName of this API Partner
descriptionstringDescription of the API Partner
contactstringContact information
applicationidsarray of stringsList of application IDs identifying each partner application that is registered for this partner.
rolesarray of stringsThe roles assigned to this partner. The roles will be matched against API roles so applications in this partner can only subscripe to API complying with these roles
developersarray of JSON objectsList of developers of this application
  • id
stringDeveloper ID
  • role
stringRole name

API Partner Application

AN API Partner application is the application definition where APIs are subscriped to, access is defined, etc.


Rate Limit Group Example
{
	"id":"f83bb6fd-4252-4526-8bd0-49d973a41603",
	"name":"MyMobileApplication",
	"description":"The best of our applications",
	"partner_id":"15ed2323-2913-4f09-b1c2-4694c7c50de5",
	"client_id":"1a32f78d-83dc-488b-9e22-50b02e9328d1",
	"client_secret":"f2add5d3-e67a-415f-8163-a751d7566047",
	"apikeys": [
		"1b119b37-e43b-46e3-9343-7cf26cec17ef"
	],
	"allowed_scopes": [
		"openid","email","profile"
	],
	"valid_grant_types": [
		"implicit","authorization_code","hybrid","client_credentials"
	],
	"developers": [
	],
	"accesstoken_type":"UUID",
	"allowed_uris": [
		"/redir1"
	],
	"allowed_logout_uris": [
		"/logoff1"
	],
	"accesstoken_valid_seconds":60,
	"refreshtoken_validity_seconds":60,
	"maximum_idtoken_expiration_minutes":12,
	"confidential": false,
	"refreshtoken_invalidate_on_use": false,
	"refreshtoken_issue_new_on_use": false,
	"subscriptions": {
		"c819724f-69e3-46bf-86d9-b15e59d1ffb0":"4841e9f5-2af5-4e42-ac1d-6b19be04c446"
	},
    "pending_subscriptions": [
        {
            "apiid": "73a02c77-c856-49fa-a1b0-be31ee8d808a",
            "subscriptionplan_id": "4841e9f5-2af5-4e42-ac1d-6b19be04c446",
            "comment_requestor": "Please grant me access",
            "comment_response": "Certainly, enjoy",
            "unread": false,
            "action_id": "xxxxxx",
            "approved": true,
            "rejected": false
        }
    ],
	"certificates": [
		{
			"subject": "C=IO,OU=Ceptor,CN=Person",
			"issuer": "C=IO,OU=Ceptor,CN=CA 1",
			"certificate": "MIIDVDCCAjygAwIBAgIHA9bbH0Y2ADANxxxxxxx ..... ==",
			"developer": null,
			"certificate.allow.expired": false,
			"certificate.skip.chain.checks": false
		}
	]
}


The API Partner application has these fields:

NameTypeDescription
idstringUnique ID of this application.
namestringName of this API Partner application
descriptionstringDescription of the API Partner application
partner_idstringUnique ID of the application this partner is linked to
client_idstringThe client ID that can authenticate this application
client_secretstringThe secret for the provided client id mentioned above
confidentialbooleanIf true, client is confidential and client_secret must always be used
refreshtoken_invalidate_on_usebooleanIf true, a refresh_token is invalidated when used, meaning it can be used only a single time
refreshtoken_issue_new_on_usebooleanIf true, a new refresh_token is issued when the old one is used

apikeys

array of stringsList of API keys that can be used to authenticate this application if allowed
allowed_scopesarray of stringsSpecifies which scopes the application is allowed to request.

valid_grant_types

array of stringsThe allowed grant types that this application is allowed to use

accesstoken_type

string

The type of OAuth2 access token can be either UUID, or JWT - if it is a UUID, it can be used as a key - e.g. a bearer token, which is presented during authentication.

If JWT, the access token is a signed JWT (JSON Web Token) containing information about the user

allowed_uris

array of stringsOAuth2 redirect URIs for the application

allowed_logout_uris

array of stringsOAuth2 Logout URIs which are allowed for this application

accesstoken_valid_seconds

numberIf set, overrides the time an issued OAuth2 access token is valid for

refreshtoken_validity_seconds

numberIf set, this is the number of seconds that an OAuth2 access token is valid for.

maximum_idtoken_expiration_minutes

numberIf set, this is the number of minutes that an issued ID token is valid for

subscriptions

array of JSON objectsList of JSON Objects with API unique ID as key and subscription plan unique ID as value.
developersarray of JSON ObjectsList of JSON objects with developers
  • id
stringThe UID of the developer
  • role
stringThe developer role for this application (OWNER, DEVELOPER, READ_ONLY)
certificatesarray of JSON ObjectsList of JSON objects with SSL/TLS client certificate information
  • subject
stringCertificate Subject DN
  • issuer
stringCertificate Issuer DN
  • certificate
stringcertificate, DER encoded and base64 encoded. Subject and Issuer MUST match the certificate.
  • developer
stringID of developer who added the certificate in developer portal, if any.
  • certificate.allow.expired
booleanTrue if expired certificate is allowed
  • certificate.skip.chain.checks
booleanTrue if certificate chain, revocation etc. check should be skipped and request trusted if client cert matches this cert.

pending_subscriptions

array of JSON objectsList of JSON objects with pending subscription requests
  • apiid
stringAPI ID
  • subscriptionplan_id
stringSubscription Plan ID
  • comment_requestor
stringComment made by the requestor when requesting the subscription
  • comment_response
stringComment made by the approver/rejector
  • unread
booleanTrue if unread by API Partner
  • action_id
stringID of corresponding Action created for this request
  • approved
booleanTrue, if request has been approved by administrator
  • rejected
booleanTrue, if request has been rejected by administrator


API Developer

An API develop is a user with access to the developer portal and creator/owner/developer of API Partners and applications.

Example:

Rate Limit Group Example
{
  "id": "7933225d-6593-4201-bf14-c848226c770b",
  "credentials": "user@company.net",
  "email": "private@mail.org",
  "partners": [{
    "id": "b82b3691-d5e8-4d28-882f-45a4e8efa847",
    "role": "OWNER"
   }],
  "applications": [{
    "id": "b82b3691-d5e8-4d28-882f-45a4e8efa847",
    "role": "OWNER"
   },
   {
    "id": "a68f73691-b5e3-2328-882f-48712ab81247",
    "role": "OWNER"
   }]
}

One API Developer have these fields:

NameTypeDescription
idstringThe ID of this API Developer - cannot be changed after the developer has been created.
credentialsstringThe credentials this user is using to log into the developer portal (matching a challenge in the user admin database)
emailstringContact email for the API developer
partnersarray of JSON ObjectsA list of API Partners this developer is assigned to and which role
  • id

string

The UID of the partner
  • role
string

The developer role for this partner (OWNER, READ_ONLY, NONE)

applicationsarray of JSON ObjectsA list of API Partner Applications this developer is assigned to and which role
  • id
stringThe UID of the application
  • role
stringThe developer role for this application (OWNER, DEVELOPER, READ_ONLY)



© Ceptor ApS. All Rights Reserved.