API products API
An API product consists of a list of API resources (URIs) and custom metadata required by the API provider. API products enable you to bundle and distribute your APIs to multiple developer groups simultaneously without having to modify code. API products provide the basis for access control in Apigee, as they provide control over the set of API resources that apps are allowed to consume. As part of the app provisioning workflow, developers select from a list of API products. This selection of an API product is usually made in the context of a developer portal. The developer app is provisioned with a key and secret (generated by and stored on Apigee Edge) that enable the app to access the URIs bundled in the selected API product. To access API resources bundled in an API product, the app must present the API key issued by Apigee Edge. Apigee Edge will resolve the key that is presented against an API product, and then check associated API resources and quota settings. The API supports multiple API products per app key, which enables app developers to consume multiple API products without requiring multiple keys. Also, a key can be 'promoted' from one API product to another. This enables you to promote developers from 'free' to 'premium' API products seamlessly and without user interruption. For more information, see What is an API product?.
Resource Types
APIProduct
Method | Endpoint | Description |
---|---|---|
post | /organizations/{org_name}/apiproducts | Creates an API product in an organization. You create API products after you have proxied backend services using API proxies. An API product is a collection of API resources combined with quota settings and metadata that you can use to deliver customized and productized API bundles to your developer community. This metadata may include the scope, environments, API proxies, and extensible profile. API products enable you to repackage APIs on-the-fly, without having to do any additional coding or configuration. Apigee recommends that you start with a simple API product including only required elements. Then provision credentials to apps to enable them to start testing your APIs. Once you have authentication and authorization working against a simple API product, you can iterate to create finer-grained API products, defining different sets of API resources for each API product. Warning:
Ensure optimal API product and app security An organization-level property,
Note: Setting this organization property requires system administrator privileges. Edge for Private Cloud system administrators can add this property when updating organization properties. If you are an Edge for Public Cloud user, contact Apigee Support to set the organization property. |
delete | /organizations/{org_name}/apiproducts/{apiproduct_name} | Deletes an API product from an organization. Deleting an API product will cause app requests to the resource URIs defined in the API product to fail. Ensure that you create a new API product to serve existing apps, unless your intention is to disable access to the resources defined in the API product. The API product name required in the request URL is the internal name of the product, not the display name. While they may be the same, it depends on whether the API product was created via the UI or API. View the list of API products to verify the internal name. |
get | /organizations/{org_name}/apiproducts/{apiproduct_name} | Gets configuration details for an API product. The API product name required in the request URL is the internal name of the product, not the display name. While they may be the same, it depends on whether the API product was created via the UI or API. View the list of API products to verify the internal name. With Apigee Edge for Public Cloud:
|
put | /organizations/{org_name}/apiproducts/{apiproduct_name} | Updates an existing API product. Note: You must include all required values, whether or not you are updating them, as well as any optional values that you are updating. The API product name required in the request URL is the internal name of the product, not the display name. While they may be the same, it depends on whether the API product was created via UI or API. View the list of API products to verify the internal name. Apigee Edge for Public Cloud only: OAuth access tokens and Key Management Service (KMS) entities (apps, developers, and API products) are cached for 180 seconds (current default). Any custom attributes associated with these entities also get cached for at least 180 seconds after the entity is accessed at runtime. Therefore, an |
APIProductRequest
Method | Endpoint | Description |
---|---|---|
post | /organizations/{org_name}/apiproducts | Creates an API product in an organization. You create API products after you have proxied backend services using API proxies. An API product is a collection of API resources combined with quota settings and metadata that you can use to deliver customized and productized API bundles to your developer community. This metadata may include the scope, environments, API proxies, and extensible profile. API products enable you to repackage APIs on-the-fly, without having to do any additional coding or configuration. Apigee recommends that you start with a simple API product including only required elements. Then provision credentials to apps to enable them to start testing your APIs. Once you have authentication and authorization working against a simple API product, you can iterate to create finer-grained API products, defining different sets of API resources for each API product. Warning:
Ensure optimal API product and app security An organization-level property,
Note: Setting this organization property requires system administrator privileges. Edge for Private Cloud system administrators can add this property when updating organization properties. If you are an Edge for Public Cloud user, contact Apigee Support to set the organization property. |
put | /organizations/{org_name}/apiproducts/{apiproduct_name} | Updates an existing API product. Note: You must include all required values, whether or not you are updating them, as well as any optional values that you are updating. The API product name required in the request URL is the internal name of the product, not the display name. While they may be the same, it depends on whether the API product was created via UI or API. View the list of API products to verify the internal name. Apigee Edge for Public Cloud only: OAuth access tokens and Key Management Service (KMS) entities (apps, developers, and API products) are cached for 180 seconds (current default). Any custom attributes associated with these entities also get cached for at least 180 seconds after the entity is accessed at runtime. Therefore, an |
Attribute
Method | Endpoint | Description |
---|---|---|
post | /organizations/{org_name}/apiproducts | Creates an API product in an organization. You create API products after you have proxied backend services using API proxies. An API product is a collection of API resources combined with quota settings and metadata that you can use to deliver customized and productized API bundles to your developer community. This metadata may include the scope, environments, API proxies, and extensible profile. API products enable you to repackage APIs on-the-fly, without having to do any additional coding or configuration. Apigee recommends that you start with a simple API product including only required elements. Then provision credentials to apps to enable them to start testing your APIs. Once you have authentication and authorization working against a simple API product, you can iterate to create finer-grained API products, defining different sets of API resources for each API product. Warning:
Ensure optimal API product and app security An organization-level property,
Note: Setting this organization property requires system administrator privileges. Edge for Private Cloud system administrators can add this property when updating organization properties. If you are an Edge for Public Cloud user, contact Apigee Support to set the organization property. |
delete | /organizations/{org_name}/apiproducts/{apiproduct_name} | Deletes an API product from an organization. Deleting an API product will cause app requests to the resource URIs defined in the API product to fail. Ensure that you create a new API product to serve existing apps, unless your intention is to disable access to the resources defined in the API product. The API product name required in the request URL is the internal name of the product, not the display name. While they may be the same, it depends on whether the API product was created via the UI or API. View the list of API products to verify the internal name. |
get | /organizations/{org_name}/apiproducts/{apiproduct_name} | Gets configuration details for an API product. The API product name required in the request URL is the internal name of the product, not the display name. While they may be the same, it depends on whether the API product was created via the UI or API. View the list of API products to verify the internal name. With Apigee Edge for Public Cloud:
|
put | /organizations/{org_name}/apiproducts/{apiproduct_name} | Updates an existing API product. Note: You must include all required values, whether or not you are updating them, as well as any optional values that you are updating. The API product name required in the request URL is the internal name of the product, not the display name. While they may be the same, it depends on whether the API product was created via UI or API. View the list of API products to verify the internal name. Apigee Edge for Public Cloud only: OAuth access tokens and Key Management Service (KMS) entities (apps, developers, and API products) are cached for 180 seconds (current default). Any custom attributes associated with these entities also get cached for at least 180 seconds after the entity is accessed at runtime. Therefore, an |
get | /organizations/{org_name}/apiproducts/{apiproduct_name}/attributes | Lists all API product attributes. |
post | /organizations/{org_name}/apiproducts/{apiproduct_name}/attributes | Updates or creates API product attributes. This API replaces the current list of attributes with the attributes specified in the request body. In this way, you can update existing attributes, add new attributes, or delete existing attributes by omitting them from the request body. Apigee Edge for Public Cloud only: OAuth access tokens and Key Management Service (KMS) entities (apps, developers, and API products) are cached for 180 seconds (current default). Any custom attributes associated with these entities also get cached for at least 180 seconds after the entity is accessed at runtime. Therefore, an |
delete | /organizations/{org_name}/apiproducts/{apiproduct_name}/attributes/{attribute_name} | Deletes an API product attribute. |
get | /organizations/{org_name}/apiproducts/{apiproduct_name}/attributes/{attribute_name} | Gets the value of an API product attribute. |
post | /organizations/{org_name}/apiproducts/{apiproduct_name}/attributes/{attribute_name} | Updates the value of an API product attribute. Apigee Edge for Public Cloud only: OAuth access tokens and Key Management Service (KMS) entities (apps, developers, and API products) are cached for 180 seconds (current default). Any custom attributes associated with these entities also get cached for at least 180 seconds after the entity is accessed at runtime. Therefore, an |
Attributes
Method | Endpoint | Description |
---|---|---|
get | /organizations/{org_name}/apiproducts/{apiproduct_name}/attributes | Lists all API product attributes. |
post | /organizations/{org_name}/apiproducts/{apiproduct_name}/attributes | Updates or creates API product attributes. This API replaces the current list of attributes with the attributes specified in the request body. In this way, you can update existing attributes, add new attributes, or delete existing attributes by omitting them from the request body. Apigee Edge for Public Cloud only: OAuth access tokens and Key Management Service (KMS) entities (apps, developers, and API products) are cached for 180 seconds (current default). Any custom attributes associated with these entities also get cached for at least 180 seconds after the entity is accessed at runtime. Therefore, an |