Layer7 API Management

Expand all | Collapse all

use of API KEY

Jump to Best Answer
  • 1.  use of API KEY

    Posted 06-24-2015 12:01 AM

    I generated an API Key for an application, now how can I use, which assertions I must include in my service definition in the api Gateway, and how I include in my code as a header, cookie, parameter and which is the name?



  • 2.  Re: use of API KEY
    Best Answer

    Posted 06-25-2015 10:26 AM

    The API key and it's corresponding secret can be used in many ways such as just passing the key in a parameter or header or hmac signatures. The most common way of passing the key is as an http paremeter or header. On the gateway side, there is an assertion named "Look up API Key" which allows the policy to compare an incoming API key value with known API keys and retrieve all properties of the API key including its secret. As part on setting up a gateway and portal pair, you define fragments that will validate an api key as well as control the API plan and Account plans limits defined in the portal. There are sample of such fragments in the portal release and in the API Management evaluation image. Such fragments are added to your runtime API.



  • 3.  Re: use of API KEY

    Posted 06-26-2015 07:32 AM

    Thanks for your help, I made this configuration but I still have not access to the key