Layer7 API Management

  • 1.  API Portal APIs and Gateway folders

    Posted Nov 17, 2016 09:24 AM

    Hi

     

    This is about API visibility on the API Gateway, when created from Portal (and optional the other way around). 

    We have 15 Business Units defined in API Gateway, and mapped this on Portal using the following:

     

    On API Gateway

          /APIs/<entity name>/<business unit name>/<project 1>/policy1

    each <business unit name> folder is made available to users through a dedicated BU role

     

    On API Portal

    - We have 15 organizations created, one per BU

    - We have 15 generic account mapping all 15 BUs. Those accounts have roles:

    organizationAdmin, registeredUser, ApiOwner and ApiOwner-***-***-xxxxxxx (API owner group)

    - Each generic BU account is mapped to corresponding organization.

    - Each organization has an Account Representative' being the generic account.

    - We have 15 API Owner Groups, in order to segregate and restrict API views from one BU to others.

     

    API segregation is ok (or seems to be).

     

    Now the problem as seen from Policy Manager 

     

    - When creating an API on the Policy Manager and set it as 'Portal Managed Servive', the API is created on the Portal and set to 'Public'.

    - None is able to see it, whether it is disabled or enabled, because it needs to be put in an API Owner Group.

    - In order for all BUs to see a 'Public' API, we need to create an additional API Owner Group and associate all BUs to it.

     

    Q: is there a way to automagically modifiy API so that it ends up into an API Owner Group instead of being set to Public ?

     

    And the problem as seen from Portal:

     

    - When creating an API, it ends up at the root level directory on the API Gateway

    - Because developers are 'jailed' into their own directory (see above), they can't see what's on the root node

    - Gibing right to see root node is a no-go as all users at some point could see published APIs coming to the API Gateway.

     

    Q: is there a way to modify Portal behavior so that an extra path being inserted while sending it to the API Gateway ?

     

    Q: is this the right way to go when dealing with multiple BU ?



  • 2.  Re: API Portal APIs and Gateway folders
    Best Answer

    Posted Nov 25, 2016 12:54 PM

    Hi PhBrand,

     

    Thank you for posting in the CA API Management Community.

     

    Regarding the "problem as seen from Policy Manager":

    • APIs created from Policy Manager will always show up as 'Public' and 'Disabled' by default. It can only be enabled in that workflow from the API Developer Portal side. There is no current way to customize that workflow, unfortunately.
    • Per the product documentation on working with API Owner Groups, new APIs can be assigned to API Owner Groups at the Publishing stage on the API Developer Portal side, but cannot be assigned to API Owner Groups from within Policy Manager.
    • At least for now, API Owner Groups is an API Developer Portal specific feature and any API Developer Portal specific features are located only within the API Developer Portal user interface. If you wish to see API Developer Portal specific features as configurable options from within Policy Manager too, then I encourage you to submit a new Idea in the CA API Management Community for the community to vote on. I'll definitely vote on it too once it is created as I think that could be useful to users depending on their workflows.

     

    Regarding the "problem as seen from Portal":

    • Unfortunately, there is no current way for the API Developer Portal to push APIs to the Gateway under certain directories/folders. Stephen Hughes (our director of CA Support for the CA API Management business unit) did see this request though and has already created a new Idea for the community to vote on. I see that you already voted it up too which is great! I have also just voted on it too, as I think it's a great idea and one that can hopefully be implemented in a future version of the product.

     

    I'm sure the above is not what you were hoping for. We are always looking for new ideas like this though when we find out new ways our customers want to use the API Management products. Your workflow suggestions are new to me in terms of customer behaviour, but I'm all for it. I think it's a good workflow, and one that we should at least review for possible inclusion in a future release.

     

    Thank you for your time, PhBrand.

     

    Sincerely,

     

    Dustin Dauncey

    Sr Support Engineer, Global Customer Success

    Email: Dustin.Dauncey@ca.com

    Phone: +1 800 225 5224 ,48385

    Phone if outside North America - https://tinyurl.com/CAContactSupport

    CA API Management Community: https://tinyurl.com/CAAPIMCommunity