API Visibility
API visibility in super-tenant mode
When creating an API in the super tenant mode using API Publisher, you can set its level of visibility to either Public
or Restricted by Roles
in the Add New API page as shown below.
- Public : The API is visible to all subscribers as well as anonymous users of the API store
- Restricted by Roles : The API is visible only to specific roles
When Restricted by Roles
is selected, a new field called Visible to Roles appears where you can specify the user roles that have access to the API. These roles can be given in a comma-separated list (no spaces).
After a created API is published, it becomes visible in the API Store. Subscribers can see an API depending on its visibility level as follows:
- Anonymous users : All APIs with
Public
visibility - Signed-up users : All APIs with
Public
visibility as well asRestricted by Roles
APIs that are visible to a role the user is assigned to
API visibility in multi-tenant mode
When creating an API in the tenant mode using API Publisher, you can set its level of visibility to either Public,
Restricted by Roles
or Restricted by Tenants
in the Add New API page as shown below.
- Public : The API is visible across all the tenants as well as anonymous users of the API store
- Restricted by Roles : The API is visible only to specific roles within a tenant space
- Restricted by Tenants : The API is visible among a set of selected tenants
When Restricted by Roles
is selected, a new field called Visible to Roles appears where you can specify a set of roles within a tenant space that has access to the API. These roles can be given in a comma-separated list (no spaces). If no roles are specified here, API will be visible to all users in this tenant space.
When Restricted by Tenants
is selected, a new field called Visible to Tenants appears where you can specify a set of tenant domains that has access to the API. These domains can be given in a comma-separated list (no spaces).
After a created API is published, it becomes visible in the API Store. In a multi-tenant environment, the API Store has two views. One is the public API Store and the other is the tenant's API Store. The APIs, a subscriber sees depend on their visibility levels as well as which API Store s/he is looking at.
APIs in the public API Store
Any user can log in to the public API Store and subscribe to APIs. Subscribers can see an API depending on its visibility level as follows:
- Anonymous users : All APIs with
Public
visibility - Signed-up users : All APIs with
Public
visibility as well asRestricted by Tenants
APIs that were created within the current user's tenant domain
There is a link in the public API Store that directs users to the tenant’s API Store. Tenant's API Store is the API Store specific to the tenant domain the user belongs to. You can also access it with the URL http://<hostname>/Store?tenant=<tenantdomain.com>
.
APIs in the tenant's API Store
Any subscriber viewing his/her tenant's API Store can see an API depending on its visibility level as follows:
- Anonymous users:
- APIs that have
Public
visibility and created within the current user's tenant domain APIs that have
Public
visibility and created by non-tenant users
- APIs that have
- Signed-In/Logged in users :
- APIs that have
Public
visibility and created within the current users tenant domain - APIs that have
Public
visibility and created by non tenant users Restricted by Tenants
APIs created within the current user's tenant domainRestricted by Tenants
APIs shared within the current user's tenant domainRestricted by Roles
APIs created within the current user's tenant domain and are allowed to be accessed by the role of the current user
- APIs that have
Go back to API Visibility field in Creating an API page.