7.2 Managing Subscriptions

Secure API Manager allows you to subscribe to applications that contain the API or APIs you want to use. It also allows you to remove subscriptions if you no longer want to use the API or the API is deprecated. Also, if you want to delete an API, you must remove all subscriptions from the API before you can delete it.

7.2.1 Subscribing to APIs

To use any of the published APIs in the Store, you first must create an application and subscribe to the application through the appropriate API. Subscribing to the API allows you to combine multiple APIs to create applications with new functionality. Subscribing to the application also allows you to receive the access token for the API to authenticate you to the API so that you can invoke the API. If you have used an API in multiple applications, you can generate one authentication token to use in all of the applications.

To subscribe to an API:

  1. Log in to the Store using the URL you received from your administrator.

    https://lifecycle-manager-dns-name:9444/store
  2. Click the Applications tab.

  3. Create a new application or ensure that the application you want to use already exists. For more information, see Creating Applications.

  4. Click on the APIs tab, then click the name of the API you want to subscribe to and use.

  5. In the Applications field, select the application you want to use.

  6. In the Tiers field, select the appropriate tier to use for this subscription, then click Subscribe.

  7. When prompted, click View Subscriptions.

  8. Click the Production Key tab, then use the following information to define the appropriate information for your environment:

    Grant Type

    Select the Client Credentials grant type to use with the selected API. The grant types generate the access tokens for the API.

    IMPORTANT:By default, Secure API Manager uses the Client Credentials grant type to generate the access token. Ensure that you always select the Client Credentials grant type.

    Callback URL

    (Conditional) Specify a callback URL that sends a callback to a specific server or program soon after Secure API Manager sends your application request.

    Scopes

    (Conditional) Select the appropriate scope to limit the access for the API. For more information, see Section 4.0, Controlling Access to the APIs through the Access Manager Roles.

    Access token validity period

    Specify how long the access token is valid in hours. The default value is 3600 hours, which equals 150 days. If you do not want the access token to expire, specify -1.

  9. Click Generate keys.

After you subscribe to the API, you are able to use the API with the correct access token. The steps to use each API type are different. For more information, see Invoking or Testing the APIs.

7.2.2 Deleting Subscriptions

If you are no longer using an API and want to delete it or deprecate it, you must remove all subscriptions from the API before you can delete the API.

  1. Log in to the Store using the URL you received from your administrator.

    https://lifecycle-manager-dns-name:9444/store
  2. Click the Applications tab.

  3. Click the name of the appropriate application.

  4. On the overview page of the application, click the Subscriptions tab.

  5. Click Unsubscribe, then verify that you want to unsubscribe.