3.1 Create an API Group

Select Store.

To be able to subscribe to an API you must create an API group in the Store for the APIs that you want to use. To secure access to the APIs, Secure API Manager is tightly integrated with Access Manager to provide the OAuth authorizations for the APIs. The API group allows you to select the available OAuth clients, roles, and scopes from Access Manager to limit access to the APIs through the OAuth authorizations.

The Access Manager roles and scopes that you assign when you create the API group are global roles and scopes. The roles and scopes apply to all APIs that you subscribe to in the API group. You can add more granular access by adding additional roles and scopes to an API endpoint.

Secure API Manager stores the APIs on a specific Identity Server cluster. When you create an API group, you must select the Identity Server cluster that contains the APIs you want to use.

To create a group:

  1. In the Cluster field, select the appropriate Identity Server cluster.

  2. Click New.

  3. Use the following information to define the group:

    API Group Name

    Specify a unique name for the API group.

    OAuth 2 Client

    Select an OAuth client from Access Manager to provide the OAuth tokens to secure access to the API.

    Manage OAuth Clients

    Register and manage the OAuth clients that you select for use with this group of APIs. You must register the OAuth client to allow the API authorization to work.

    Scopes

    Select the default scope APIManagerScope or any scopes that you have created to restrict access to the APIs. The scopes that the Store displays are from Access Manager. These are global scopes for all APIs assigned to this API group.

    Roles

    Select appropriate roles to restrict access to the API. These are global roles for all APIs assigned to this API group.

  4. Click OK to save the group.

  5. (Optional) Click Show JSON to view the API group in JSON.