Walkthrough 5-4: Request and grant access to a managed API

In this walkthrough, clients request access to an API proxy and administrators grant access. You will:

·       Request application access to SLA tiers from private and public API portals.

·       Approve application requests to SLA tiers in API Manager.

Starting file

This walkthrough uses Anypoint Platform. There is no starting file. To complete the walkthrough, you must have completed the preceding walkthrough.

Request access to the API as an internal consumer

1.     Return to the browser tab with Anypoint Exchange.

2.     In the left-side navigation, select Home to return to the API's home pagee.

3.     Click the more options button in the upper-right corner and select Request access.

Note: Other internal users that you shared the API with that do not have Edit permissions will see a different menu.

4.     In the Request access dialog box, select Rate limiting - SLA based policy in the API Instance drop-down menu.

5.     Click the Create a new application link in the Application drop-down menu.

 

6.     In the Create new application dialog box, set the name to Training internal app and click Create.

7.     In the Request access dialog box, set the SLA tier to Free.

 

 

8.     Click Request access.

9.     On the Training internal app page, click the Show link next to Client Secret.

10.  View the assigned values for the client ID and client secret.

Request access to the API as an external consumer

11.  Return to the public portal in the private/incognito window.

12.  Refresh the page for the American Flights API; you should now see a Request access button.

13.  Click the Request access button; you should get a page to sign in or create an Anypoint Platform account.

14.  Enter your existing credentials and click Sign in.

Note: Instead of creating an external user, you will just use your existing account.

15.  Back in the public portal, click the Request access button again.

16.  In the Request access dialog box, select Rate limiting - SLA based policy in the API Instance drop-down menu.

17.  Click the Create a new application link in the Application drop-down menu.

18.  In the Create new application dialog box, set the name to Training external app and click Create.

19.  In the Request access dialog box, set the SLA tier to Silver.

 

20.  Click Request access.

21.  In the Request API access dialog box, click Close.

22.  In the portal main menu bar, right-click My applications and select to open it in a new tab; you should see the two applications you created.

23.  Click the link for Training external app; you should see what APIs the application has access to, values for the client ID and secret to access them, and request data.

 

24.  Leave this page open in a browser so you can return to it and copy these values.

Grant an application access

25.  Return to the browser window and tab with the Settings page for American Flights API v1 in API Manager.

26.  In the left-side navigation, select Contracts; you should see the two applications that requests access to the API.

 

27.  Click the Approve button for the application requesting Silver tier access.

28.  Expand the Training external app row and review its information.

29.  Copy the value of the Client ID.

 

Add authorization headers to test the rate limiting – SLA based policy from an API portal

30.  Return to the browser window and tab with the API console in the public portal.

31.  Try again to make a call to the Sandbox – Rate limiting – SLA based policy; you should still get a 401 Unauthorized response.

32.  In the Headers section, click the add header link.

Note: If you do not see the add header link, skip the remaining steps of this walkthrough.

33.  Set the header name to client_id.

34.  Set the value of client_id to the value you copied.

 

35.  Return to the browser tab with My applications in the public portal.

36.  Click the Show link next to Client Secret then copy its value.

37.  Return to the browser window and tab with the API console in the public portal.

38.  Add another header and set the name to client_secret.

39.  Set the client_secret header to the value you copied.

 

40.  In the course snippets.txt file, record these client_id and client_secret values in the section reserved for this module.

41.  Click Send; you should now get a 200 response with flight results.

 



Did you complete the walkthrough?

  Yes, I completed the walkthrough

  No, I did not complete the walkthrough

  I completed part of the walkthrough


Comments and/or feedback