Add an API
An API is the technical representation of a product. APIs can belong to one or more Services.
Last updated
An API is the technical representation of a product. APIs can belong to one or more Services.
Last updated
The APIs section of My Hub will contain the technical specifications and access controls for your APIs.
Use the Upload APIs button to upload API definition (OAS) files. Open API 2.0, 3.0 and 3.1 standards are supported. The API calls contained in your OAS file will be automatically parsed and displayed to consumers.
YAML files are currently not supported, only JSON.
Expanding an API entry with the drop-down arrow will show you the Base URL, endpoints, and further details rendered from the OAS file.
Please note that only one Base URL will be used from the definition. Multiple servers in one API will not be handled by the gateway. If you have multiple servers in your OAS definition, the first one will be used.
You can now continue to Assign Access Control. This will bring you to the Access Controls tab where you specify authorization details used by your API.
Access Control provides the authentication between the apinity marketplace and your API endpoint. It is not shared with the consumers. They will use their own Consumer Clients to authenticate to your service after they subscribed, and apinity will use your Access Control to forward their request to you.
Access Control is optional. It allows for hands-off onboarding of consumers, leaving the authorization flow entirely to be handled by the marketplace.
If you skip Access Control, it is assumed that your API endpoint does not require authentication (e.g. a test or demo API), or that you provide the consumers with individual authorization tokens.
Access Controls can be freely assigned and unassigned to the uploaded APIs.
One access control can be assigned to one or multiple APIs.
You can choose from the following authentication types and methods:
All your access controls will be listed in a table, and you can use the popup menu to Edit and Assign them to an API.
The assigning dialogue will highlight APIs that already have access controls. If you assign a new access control to these, it will replace their existing one.
You may also see APIs flagged as invalid. These have incorrect or incomplete technical specification, and cannot have access control assigned at this point.
Static credentials | Token endpoint |
---|---|
Once you successfully uploaded an API and decided your access control, you can use the API in a Plan.
Basic Auth
OAuth2 with grant type password
Header with API Key
OAuth2 with grant type client credentials
Header with Username and Password
HMAC
Header with authentication key
JSON payload