API Group in Anypoint Platform
Read this article to learn about how to use the API Manager so that once API Instances are configured, they can be grouped into an API Group.
Join the DZone community and get the full member experience.Join For Free
In this article, understand API Groups using a real-world analogy of our DZone. :)
What Is API Group?
At DZone, we have Integration, Cloud, MicroServices, etc. as separate zones. Each zone has articles/refcards/guides for the same technical goal of understanding that specific technology better.
Now let's talk about API Groups.
APIs that have a common goal or meet specific user requirements can be grouped together. In the API Manager, once API Instances are configured, we can group them in an API Group.
Let's consider an insurance company with the following APIs:
A TravelInsurance API Group can be created for DomesticTravelInsuranceAPI and InternationalTravelInsuranceAPI.
In the same way, a PropertyInsurance API Group can be created for HomeInsuranceAPI and OfficeInsuranceAPI.
Why Do We Need an API Group?
If the client requests access to a PropertyInsurance API Group, they will have access to all the APIs in that group. Instead of requesting each API separately, it can request access for the API Group.
It’s similar to our DZone RSS feeds: anyone can subscribe for RSS feeds of specific zones, like Integration or MicroServices.
Of course, an API Group does not act like an RSS feed; just understand that the similarity is in the ease of access to the specific group.
Create an API Group
Let's take the scenario where two Proxy Endpoint API Instances are configured in API Manager:
These API Instances are for OfficeInsuranceAPI and HomeInsuranceAPI.
Let's create PropertyInsurance API Group.
In the API Manager,> click on API Groups -> Create API Group Button:
In the dialogue box, specify the API Group Name as PropertyInsurance. Provide version and label (optional) and click on Continue Button. This takes us to another window where we need to add API Instances to the API Group:
Let's add API Instances to this group.
Select Environment and API Instance details. The Add button is used to add any new empty row.
Click on the Save button once you are done. This is what our API Group PropertyInsurance looks like after saving the details:
At the left-hand side menu of PropertyInsurance API Group, we can see tabs for Group Details, SLA Tiers, and Contracts. We are in the Group Details tab by default:
Add SLA Tiers to the API Group
There are two types of SLA Tiers:
- Default: Applied to all API instances in the API Group
- Individual: Applied to specific API instance of the API Group
Let's click on the SLA Tiers tab:
Click on the Add SLA Tier button and specify the configuration per your need. In this example, a Basic SLA Tier is added where Approval is automatic. Only 3 requests are allowed in a period of one minute.
Notice the configuration is done under Default Tab. Click on the Save button once you are done. The SLA Tier configuration has no impact unless the SLA-based policy is applied to the API Instances.
In this example, two SLA Tiers are added: Basic and Advanced. Add the Advanced Tier at the end with manual approval and specify the limits.
We can now see two SLA Tiers for PropertyInsurance API Group:
Publish API Group to Exchange
In the Group Details tab of PropertyInsurance API Group, we have a button to publish our API Group to Exchange:
Click on Publish To Exchange Button.
Specify name/version, and click Publish button.
In Exchange, you will find the PropertyInsurance API group now.
Share API Group
Select API Group in Exchange and share it with another user in the organization.
In this example, API Group is shared with user Will Smith.
Client Requesting Access to API Group
Will Smith will now find PropertyInsurance API Group on his Exchange page.
He can click on this API Group and go to the Asset detail page to request access.
When the Request Access button is clicked, a dialogue box opens:
Select Group Instance, create Application, select SLA Tier (Basic or Advanced), and then click on the Request Access button. In this case, Basic SLA Tier is selected.
In this example, Request Access for Basic SLA Tier is automatically approved. The client credentials are generated and displayed:
In the API Manager, Click on API Groups -> select PropertyInsurance API Group -> Select Contracts tab. The Contracts page now shows the contract that is created between Will Smith’s Client Application and this API Group:
In the API Manager -> Click API Administration. This page shows our API Instances separately and not as part of the API Group. Check that the value is 1 under client applications for each of these API Instances. One client application is shown with each API Instance now, as there is a contract between the client application and the API Group.
Click on any one of the API instances and check the contracts -> Group Contracts tab:
Notice the contract that is established with the client application.
As of now, SLA Tiers are not in effect. So we need to apply policy. Let's apply policy now!!
Apply Rate Limiting SLA Based Policy to both API Instances one by one or configure an Automated Policy. If we apply an Automated policy, it will be applied to ALL API Instances.
Next, we configure Rate Limiting SLA Based Policy. In the configuration window, we specify client id and client secret expression. Let's keep default values for now where the data weave expression specifies that the client id and secret are supposed to be retrieved from headers.
Apply the policy.
API Instances in our example are Proxy Endpoint API Instances. Use both Proxy Application URLs one by one for testing.
Will Smith's ClientApp has client credentials.
ClientApp can send requests with client_id and client_secret as headers to both OfficeInsuranceAPI and HomeInsurance API and can get the response back successfully.
Let's do the simulation using POSTMAN. The URL/method is specified and client credentials are passed in headers.
Test for OfficeInsurance API shown below:
Test for HomeInsurance API shown below:
If more than 3 requests are sent in 1 minute then we will get the error back. This is due to Basic SLA Tier that is applied to API Group:
Adding API Instances of Different Environments
The API Group PropertyInsurance was created in a Sandbox environment. Two API Instances of Sandbox environment are added in this PropertyInsurance API Group. The API Instances are for HomeInsuranceAPI and OfficeInsuranceAPI.
Let's create a new API Group for HomeInsurance API and BuildingInsurance API. This is for those clients who own complete buildings.
The API Instances are in separate environments.
In QA Environment, we have an API Instance for BuildingInsuranceAPI:
In Sandbox Environment, we have an API Instance for HomeInsuranceAPI.
Let's create an APIGroup PropertyInsuranceAdvanced and add API instances of different environments:
We can select the environment and then the API instance of that environment. Save the API Group after adding all API Instances.
Now we can add SLA Tier, publish to Exchange, etc. in the same way.
Opinions expressed by DZone contributors are their own.