Before you begin, learn more about API management. You should also be familiar with plans, applications, and subscriptions.
This quickstart guide is for API publishers creating and managing plans or approving subscriptions. To subscribe to and use a published API, see API consumers.
A default API plan is created when you publish the API through integrator.io. However, you can create other tiered plans to manage options like rate limiting and quotas. You can also manually customize your plan using the Design feature. Learn more about plans.
-
Navigate to your API → Plans.
-
Click + to create a new plan.
-
Set your Authentication type.
-
-
NOTE: OAuth2 can only be enabled using Identity and Access Management software (IAM).
-
-
-
NOTE: JWT only supports the RSA Public Key format.
-
-
-
You use API key plans to enforce verification of API keys during request processing, allowing only apps with approved API keys to access your APIs. This plan type ensures that API keys are valid, are not revoked or expired, and are approved to consume the specific resources associated with your API. API key plans offer only a basic level of security, acting more as a unique identifier than a security token, since the API key can easily be found in the app code. For a higher level of security, see OAuth 2.0 and JWT plans.
-
The API key header is
x-celigo-api-key
. You can find it at Settings menu → Settings page → Portal section.
-
-
-
Keyless plans allow public access to the API and bypass any security mechanisms on the whole request process. By default, keyless plans offer no security and are most useful for quickly and easily exposing your API to external users and getting their feedback. Due to the lack of a consumer identifier token (API key), keyless consumers are set as unknown application in the API analytics section.
-
-
-
Check scopes: Check the required scopes to access the resource. You can add scopes as needed.
-
Rate limiting: Limit how many HTTP requests an application can make in a given period of seconds or minutes.
-
Quota: Limits how many HTTP requests an application can make in a given period of hours, days, or months.
-
Resource filtering: Restrict resources according to whitelist and/or blacklist rules.
Before anyone can subscribe to your API plan, you must publish it. Don’t forget to deploy your plan first to send the latest changes. To publish:
-
Navigate to Plans → Staging.
-
Click the cloud with the arrow to publish your plan.
-
Confirm that you want your plan to be published.
Your applications allow you to consume your APIs. Generally, your API consumers would create an application in the API developer portal.
When you create new plans, you can specify auto-validation of subscriptions so API consumers can access the API as soon as they subscribe to the plan. If you set manual approval on a plan; however, you must approve subscriptions.
When publishers create new plans, they can specify auto-validation of subscriptions so consumers can access the API as soon as they subscribe to the plan. If you set manual approval on a plan; however, you must approve subscriptions by following these steps.
-
Navigate to your API and click Portal → Subscriptions.
-
Select the Pending subscription.
-
Click Accept, then enter the start and end dates (no end date means forever) of subscription approval.
Comments
Please sign in to leave a comment.