Versions Compared

Old Version 22

changes.mady.by.user Former user

Saved on

compared with

New Version 23

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Creating users and roles

In Users and roles, we  we introduced you to a set of users that are commonly found in many enterprises. Let's see how you can log in to the Management Console as an admin and create these roles.

 

To create these users in the API Manager, you log in to the management console as an administration user admin (credentials: admin/admin). Alternatively, you can use the default admin The admin use can play the creator, publisher and subscriber roles described earlier. In this section, we explain how to set up these users or custom users and roles.

  1. Log in to the management console user interface Management Console (https://<hostname>:9443/carbon) of the API Manager using admin/admin credentials.

  2. Select the Users and Roles menu under the Configure menu.
    Image Added
  3. Click the Roles link and then click Add New Role and provide creator as .
    Image Added
  4. Give the role name as creator and click Next.
  5. Click Next.
  6. Image Added
  7. A list of permissions opens. Select the following permissions from the list that opens and click Finish.
    • Configure > Governance and all underlying permissions.
    • Login
    • Manage > API > Create  
    • Manage > Resources > Govern and all underlying permissions    

    Image Added

  8. Similarly, create the publisher role with the following permissions.

    • Login
    • Manage > API > Publish
    Tip
  9. Tip: As the

    Note that the API Manager comes with the subscriber role

    is

    available

    in the API Manager

    by default

    , you do not have to create it. If you want to create a new role with subscriber permissions, you can do so with

    . It has the following permissions

    .

    :

      • Login
      • Manage > API > Subscribe
    You can now
  10. Note that you have the following roles added:
    Image Added
    Let's create users for each of those the roles. To do so, click  
  11. Click the Users and Roles menu under the Configure menu again.
    Image Added
  12. Click Users.Click the Users link and then click Add New User, provide .
    Image Added
  13. Give the username/password and click Next. For example, lets create a new user by the name apipublisher.
    Image Added

  14. Select the role you want to assign to the user (e.g., creator,  publisher or subscriber) and click and Finish. Given below is a list of usernames and the roles we assign to them in this guide.

    UsernameRole
    apicreatorcreator
    apipublisherpublisher

    Repeat the steps to create at least one user for all roles.

Creating an API

...

  1. Image Added

  2. Similarly, create a new user by the name apicreator and assign the creator role.

Creating an API

An API creator uses the API Publisher to create and publish APIs into the API Store. In this section, we explain how to create an API and attach documentation to it.

...

  1. Open the API Publisher (https://<hostname>:9443/publisher) and log in as apicreator.

  2. Click the Add link and provide the information given in the table below.

    FieldValueDescription
    Name
    PhoneVerification
    Name of API as you want it to appear in the API
    store
    Context
    /phoneverify
    URI context path that is used by to API consumers
    Version1.0.0API version (in the form of version.major.minor)

  3. Under the Resources section, create a resource by the name CheckPhoneNumber and select its GET, POST and OPTIONS methods. Once you are done, click Implement.

    Tip

    Tip: Selecting the OPTIONS method is mandatory if you want to allow subscribers to invoke the API using the API Console, which is in the API Store.

    Image Removed

  4. The The Implement tab opens. Provide the following information.

    FieldValueDescription
    Implementation methodBackend endpointIf you have a real backend implementation to your API, select that option. Else, you can specify implementation in-line. The latter approach is usually used in mock-up implementation for prototyped APIs.
    Endpoint typeHTTP endpoint 
    Production endpointhttp://ws.cdyne.com/phoneverify/phoneverify.asmx 
    Endpoint security schemeNon Secured

    If the endpoint is secured, user is asked for credentials of the backend service.

  5. Click Manage to go to the Manage tab and provide the following information.

    FieldValueDescription
    Tier AvailabilityBronze/Gold/Silver/UnlimitedThe API can be available at different level of service; you can select multiple entries from the list. At subscription time, the consumer chooses which tier they are interested in.
    TransportsHTTP/HTTPS 
    Tip

    Tip: For resources that have methods requiring authentication (i.e., Auth Type is not NONE), you set  None  as the Auth type of  OPTIONS  to support CORS (Cross Origin Resource Sharing) between the API Store and Gateway.

...

  1. Log in to the API Store (https:/ /<YourHostName>:9443/store).

  2. Click the APIs menu in the API Store and then click on the API that you want to invoke. When the API opens, go to its API Console tab.

  3. Note the changes you did in the Swagger definition earlier displayed on the console. For example, expand the GET method and see the two parameters that you added:

    Let's invoke this API using the API Console.

  4. Base URL

    Appears at the bottom of the console. Using the base URL and the parameters, the system creates the API URL in the form http://<host_name>:8280/<context>/<version>/<Resource, if any><back end service requirements included as parameters, if any>. For example, http://localhost:8280/phoneverify/2.0.0/CheckPhoneNumber. /phoneverify is the context, 2.0.0 is the version, and CheckPhoneNumber is the resource.

    Tip

    Click On the GET method, provide the required parameters and API Console, give values to the PhoneNumber and LicenseKey and clickTry it Out . The parameters you give here change depending on the backend implementation of  to invoke the API. 

    Query ParametersE.g., PhoneNumber=18006785432&LicenseKey=0AuthorizationThe API console is automatically populated by the access token that you generated in step 9 after subscribing to the API. 

    Image Added

    Tip

    Tip: If you cannot invoke the API's HTTPS endpoint (causes the SSLPeerUnverified exception), it could be because the security certificate issued by the server is not trusted by your browser. To resolve this issue, access the HTTPS endpoint directly from your browser and accept the security certificate.

    Image Removed 

  5. Note the response for the API invocation. As we used a valid phone number in this example, the response is valid.

...