Key Terms
• An Organization is a collection of users, APIs and other resources.
• An Environment is a subset of APIs in an organization that are in a given deployment state – Default environments: test and prod
• An API Proxy is a set of configurable logic that handles API requests.
• Flows (sometimes called resources) represent a specific request type within an API proxy - usually qualified by verb and path, but often by other request parameters as well.
• Policies (also known as Flow steps) are bits of logic that can be executed during the course of processing a request – Policies can be applied to all resources in a proxy or only to select resources – Policies can be conditionally executed
Developers and Apps
• Developers are the internal or external partners that create applications that use your API products – can be internal or external, and generally represent individuals – can be grouped into Companies
• Developers are associated with Applications, which are developer-written programs that use APIs – can also be included in Companies
• Applications (and Flows) can be grouped into Products for exposure to Application Developers – Application Developers are restricted by Products NOTE: Companies, Company App Family, Company Developers can be configured using API. For configuring the above using UI, the org needs to enable monetization and some customization in the Developer Portal
API Security
API Products are: – collections of API resources, combined with a service plan and presented to developers as a bundle – the central mechanism for authorization and access control Consumer Keys are: – assigned to an application when it is created – linked to a product when the product is associated with an application Product API Proxy 1 API Proxy 2 API Proxy 3 Consumer Key Apps Developer NOTE: Consumer Key is also known as Client ID and API Key
Security for Edge Users Organization Administrator
• Administrator of an organization
• Responsible for mainly user management but has super access to everything Business User
• API Program Manager
• Responsible for success of API program and developer management, KPIs Operations Administrator
• API Operation Manager
• Responsible for production and test deployment, troubleshooting User
• API Developer
• Responsible for development of API proxy, policy management, troubleshooting etc.
• Permissions define create/read/update/delete access to resources
• Roles identify a collection of permissions that can be assigned to a user
• Predefined roles assign common permissions to key Edge resources
• An Organization is a collection of users, APIs and other resources.
• An Environment is a subset of APIs in an organization that are in a given deployment state – Default environments: test and prod
• An API Proxy is a set of configurable logic that handles API requests.
• Flows (sometimes called resources) represent a specific request type within an API proxy - usually qualified by verb and path, but often by other request parameters as well.
• Policies (also known as Flow steps) are bits of logic that can be executed during the course of processing a request – Policies can be applied to all resources in a proxy or only to select resources – Policies can be conditionally executed
Developers and Apps
• Developers are the internal or external partners that create applications that use your API products – can be internal or external, and generally represent individuals – can be grouped into Companies
• Developers are associated with Applications, which are developer-written programs that use APIs – can also be included in Companies
• Applications (and Flows) can be grouped into Products for exposure to Application Developers – Application Developers are restricted by Products NOTE: Companies, Company App Family, Company Developers can be configured using API. For configuring the above using UI, the org needs to enable monetization and some customization in the Developer Portal
API Security
API Products are: – collections of API resources, combined with a service plan and presented to developers as a bundle – the central mechanism for authorization and access control Consumer Keys are: – assigned to an application when it is created – linked to a product when the product is associated with an application Product API Proxy 1 API Proxy 2 API Proxy 3 Consumer Key Apps Developer NOTE: Consumer Key is also known as Client ID and API Key
Security for Edge Users Organization Administrator
• Administrator of an organization
• Responsible for mainly user management but has super access to everything Business User
• API Program Manager
• Responsible for success of API program and developer management, KPIs Operations Administrator
• API Operation Manager
• Responsible for production and test deployment, troubleshooting User
• API Developer
• Responsible for development of API proxy, policy management, troubleshooting etc.
• Permissions define create/read/update/delete access to resources
• Roles identify a collection of permissions that can be assigned to a user
• Predefined roles assign common permissions to key Edge resources
ليست هناك تعليقات:
إرسال تعليق