You're viewing Apigee Edge documentation.
Go to the
Apigee X documentation. info
Register apps and manage API keys, as described in the following sections.
Introduction
App registration provides the primary mechanism for controlling who can access your APIs.
As an API provider, you create one or more API products to bundle your APIs, as explained in Manage API products. When registering an app, the app developer selects which API products to use and Edge provides a single API key that the developer can use to access those API products. The app developer passes the API key in each call to the API proxies contained in the API products. At any time, you can revoke an app's API key, preventing an app developer from accessing all or a subset of API products referenced by that app.
Typically, app developers register to use your API products using your developer portal. The steps to build your portal and publish your API products are described in Build your portal.
Alternatively, as an API provider, you might want more control over the app registration process and choose to register apps in Edge, as described in the following sections. For example, you may want to register apps for your internal development teams or on behalf of a developer without access to your portal.
The following sections describe how to register apps and manage API keys using the UI and API.
Exploring the Apps page
Access and explore the Apps page, as described below.
Edge
To access the Apps page using the Edge UI:
- Sign in to apigee.com/edge.
- Select Publish > Apps in the left navigation bar.
The Apps page is displayed.
As highlighted in the figure, the Apps page enables you to:
- Register an app
- View and edit an app
- Manage credentials
- Approve or revoke an app
- Delete an app
- Search the list of apps by name, developer, app ID, consumer API key, or all content
Classic Edge (Private Cloud)
To access the Apps page using the Classic Edge UI:
- Sign in to
http://ms-ip:9000
, where ms-ip is the IP address or DNS name of the Management Server node. - Select Publish > Developer Apps in the top navigation bar.
The Developer Apps page is displayed.
- Register an app
- View and edit an app
- Manage credentials
- Approve or revoke an app
- Delete an app
- Search the list of apps by name, developer, app ID, consumer API key, or all content
Registering an app
An app can be registered using one of the following methods:
- An app developer can register the app via your portal, as described in How app developers interact with your portal.
- You can register an app in Edge, as described below. It is up to you to determine how to provide the key to the app developer.
Registered apps are added to:
- List of registered apps in Edge. See Viewing and editing developer details.
- Apps page in the developer portal.
To register an app in Edge:
- Access the Apps page.
- Click + App.
- Specify the App Details:
Field Description Required? Name Name of the app. You can't change the name once the app is created. This name is used in management API calls. Yes Display Name Display name for the app that appears in the Edge management UI and the developer portal. No Company/Developer Note: Apigee hybrid does not support company apps; this field does not apply.
Select Company or Developer and select a company or developer name from the drop-down.
Note: For performance reasons, not all companies or developers are displayed in the drop-down. Start typing the company name or developer name or email in the search box. See also Register app developers.Yes Callback URL Typically specifies the URL of an app that is designated to receive an authorization code on behalf of the client app. This value is not required for all API products. No Notes Descriptive notes for the app. No - Specify the Credentials, including the API key expiration and status and the associated API products.
In the Credentials section, click and enter the following information:Field Description Expiry Configure an expiration duration or date, or set the API key to never expire, and click OK. Products Associate one or more API products with the API key: - Click Add product.
- Select one or more API products from list.
- Click Add.
- Set the Status to Approved or Revoked for each API product.
- Repeat steps to add more API products.
- Specify the Custom Attributes:
- In the Custom Attributes section, click .
- Enter the name and value.
- Click Add or Add & Start another.
The maximum number of custom attributes that you can add is 18.
- Click Create.
If the API products you associated with the app required manual approval for their API keys, approve them, as described in Approving or revoking API keys.
Viewing apps registered for a developer
To view apps registered for a specific developer, use one of the following methods:
- View all registered apps, select Developer in the Search drop-down, and enter the name of the developer in the search field.
- View all registered app developers and click the row associated with the developer.
Viewing and editing an app
To view and edit an app:
- Access the Apps page.
- Click in the row of the app that you want to view and edit.
App details are displayed. - To edit an app, click Edit.
- Perform one or more of the following tasks:
- Modify the app details, including the name, callback URL, or notes.
- Manage the credentials.
- Add or delete custom attributes.
The maximum number of custom attributes that you can add is 18. - Approve or revoke the app.
- Click Save.
Managing credentials
When editing an app, you can manage its credentials in the Credentials section, as shown in the following figure:
As highlighted in the previous figure, in the Credentials section you can perform the following tasks using the UI:
- View an API key and secret
- Approve or revoke an API key for all associated API products or for a single API product.
- Manage API products in an app
- Generate new credentials
To use the API to manage credentials, see the following sections:
Viewing an API key and secret
To view an API key and secret:
- Access the Apps page.
- Click in the row of the app for which you want to view the API key and secret.
- In the Credentials section, click Show associated with the API key or secret that you want to view.
Approving or revoking an API key
API calls to API proxies usually require an API key. Edge allows the calls only if the API key is approved, valid, and meets the conditions defined by the API product containing the API.
You can configure an API product for automatic approval of API keys, as described in Manage API products. However, if the API product requires manual approval of API keys, you need to manually approve the key.
You can revoke an API key for all or a single API product. In this case, the API key and secret are invalid and cannot be used to accessing APIs in the associated API product(s). You can re-approve an API key at any time.
To approve or revoke an API key:
- Access the Apps page.
- Click in the row of the app that you want to view and edit.
- Click Edit.
- Perform one of the following tasks:
- To approve or revoke an API key for all API products associated with an API key, select Approved or Revoked associated with the API key.
- To approve or revoke an API key for a specific API product, select Approved or Revoked in the Status column for the API product.
- Click Save.
Managing API products in an app
Manage API products in your app by performing the following tasks:
Adding an API product to an app
To add an API product to an app:
- Access the Apps page.
- Click in the row of the app that you want to view and edit.
- Click Edit.
- Perform one of the following tasks:
- To add an API product to a new API key, click to generate a new credential, select an experation, and add the API product to the API key.
- To add an API product to an existing API key, in the Credential section click Add product and select the API product from the drop-down list.
- Click Save.
Removing an API product from an app
If you want to keep an API key active but not allow it to be used by an API product, you can remove it from the associated credential.
- Access the Apps page.
- Click in the row of the app that you want to view and edit.
- Click Edit.
- Click adjacent to the API product.
- Click Save.
You can re-add a removed product.
Generating new credentials
You can generate new credentials for an app. For instance, if you're using API key rotation, you can generate new keys whose expiration overlaps keys that will be out of rotation when they expire. You might also generate a new key/secret if the security of the original key/secret is compromised. If you generate a new key, any existing API keys will continue to work until they expire or you explicitly revoke them.
To generate a new API key:
- Access the Apps page.
- Click in the row of the app that you want to view and edit.
- Click Edit.
- In the Credentials section, click .
- Specify the expiration, add the API products, and set their status.
- Optionally, revoke any of the other API keys, as required.
- Click Save.
Approving or revoking an app
Approve or revoke an app, as described below. When you revoke an app, any approved API keys can no longer be used in API calls to Edge. When you re-approve an app, all approved and valid API keys can be used to make API calls.
If the app is registered in other organizations, you must revoke it in each of those organization. It may take a few minutes for the changes to be recognized by all message processors.
To approve or revoke an app:
- Access the Apps page.
- Click in the row of the app that you want to view and edit.
- Click Edit.
- Select Approve or Revoke in the App Status field to approve or revoke the app, respectively.
- Click Save.
Deleting an app
When you delete an app, all client keys associated with the apps become invalid. Using an invalid key on a request causes the request to fail.
If you think you may want to reinstate a developer app in the future, an alternative to deletion is revoking an app.
To delete an app:
- Access the Apps page.
- Position the cursor in the row of the app that you want to delete.
- Click in the actions column.
Note: With Apigee Edge for Public Cloud, deletion of the developer app and associated artifacts happens asynchronously. The developer app is deleted immediately, but the resources associated with that developer app, such as app keys or access tokens, may take anywhere from a few seconds to a few minutes to be automatically deleted.
Registering apps and managing API keys using the API
To register and manage apps using the API, see Registering developer apps. See also the following sections in the API reference documentation: