Versions Compared

Old Version 8

changes.mady.by.user Former user

Saved on

compared with

New Version 9

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

You block APIs by subscriptions. That is, a given user is blocked access to a given API subscribed to using a given application. If a user is subscribed to two APIs using the same application and you block access to only one of the APIs, s/he can still continue to invoke the other APIs that s/he subscribed to using the same application. Also, s/he can continue to access the same API subscribed to using different applications.

 Blocking can be done in two levels:

...

Note

See the following topics for a description of the concepts that you need to know when you block subscriptions to an API:

...

  1. Log in to the API Publisher.
  2. Create two APIs by the names TestAPI1 and TestAPI2 and publish them to the API Store.
    Image Added
  3. Log in to the API Store. Click the APIs menu and note that the two APIs are visible in the APIs page.
    Image Added
  4. Subscribe to both APIs using the same application. You can use an existing application or create a new one. 
    Image Added
  5. Go to the My Subscriptions page and create an access token to the default application.
    Image Added

  6. Invoke both APIs using the access token you got in the previous step. We use cURL here. The command is,

    Code Block
    curl -k -H "Authorization: Bearer <access token>" '<API URL>'

    Be sure to replace the placeholders as follows:

    • <access token>: Give the token generated in step 5

    • <API URL>: Go to the API's Overview tab in the API Store and copy the production URL and append the payload to it. 

    Here's an example:

    Code Block
    curl -k -H "Authorization: Bearer f5aa6e4c3e592339a4a64f4a05c1eb8" 'https://gateway.api.cloud.wso2.com:8243/t/companyn/test1/1.0.0/CheckPhoneNumber?PhoneNumber=18006785432&LicenseKey=0'

    Image Added
    You have subscribed to two APIs and invoked them successfully. Let's block one subscription and see the outcome.

  7. Log back to the API Publisher.
  8. Click the Subscriptions menu to open the Subscriptions page. It shows all APIs/applications that each user is subscribed to.
    Image Added  
  9. Block subscription for TestAPI1 using the DefaultApplication. Select the production and sandbox option and click the Block link.
    Image Added
  10. Note that the Block link immediately turns to Unblock, allowing you to activate the subscription back at any time.
  11. Log back to the API Store.

  12. Invoke the two APIs (TestAPI1 and TestAPI2) again.

    Note

    You might have to regenerate the access token for DefaultApplication if the access token expiration time (1 hour by default) has passed since the last time you generated it. You can refresh the access token by going to the My Subscriptions page in the Store.

  13. Note that you can invoke TestAPI2 again but when you invoke TestAPI1, it gives a message that the requested API is temporarily blocked. Neither the API creator nor any subscriber can invoke the API until the block is removed.
    Image Added
  14. Go to the My Subscriptions page in the API Store, select the application that you used to subscribe to the API and note that your subscription is blocked.
    Image Added
  15. Go back to the API Publisher's Subscriptions page and unblock the subscription. 
  16. Invoke TestAPI1 again and note that you can invoke it as usual.

You have subscribed to two APIs, blocked subscription to one and tested that you cannot invoke the blocked API.