When this policy is used, API manager allows only those applications which hold the valid API Key to access API resources. It restricts users to specific resources from those present in API products.
Configuration
Figure 1: Verify API Key Policy Configuration attribute
Click Edit icon against Key Source to configure Message Part Identifier.
Steps
To configure the Verify API Key policy, perform the following actions:
- In the Policies section inside the project, configure Verify API Key policy with the values shown below:
- Type: PARAMETER
- Name: apiKey (The name of the query parameter which needs to be used as the identifier)
- Default Value: null (can be any value)
Figure 2: Providing values for the KeySource Message Part Identifiers
Create a product and add the project for which Verify API Key Policy is created by navigating to the Apps module.
Figure 3: Adding a the project (for which an API Key is generated) in the product- Create a client.
Clients can access APIs after they are added under the Clients section. Then add a Client Subscription to them, so as to bind with a single API consumer key which allows access to the subscribed API products.
Figure 4: Creating a Client
Create a Client Subscription with the client created (in the above step) and perform the following actions to the Client Subscription:
Add the product to which the project is bundled.
Save the configuration.
Click the product to generate the API Consumer Key.
Consumer Key and Consumer Secret are displayed below the API Products table.
Figure 5: Creating Client Subscription and generating Consumer Key and Consumer Secret
Pass this Consumer Key to the API proxy access URL as a parameter in the following format:
http://<ip-address-of-gateway-machine>:2160/<project-context-path>/<project version>/?apiKey=<Consumer Key value> If API Key value is not provided or a wrong value is given then an error is displayed:
{
"ErrorMessage" : "The subscription corresponding to the key defaultvalue is invalid",
"ErrorCode" : "Invalid Subscription",
"MoreInfo" : "Policy Name - VerifyApiKeyPolicy, Type - VERIFY_API_KEY"
}
Adding the policy while Creating a project
Select the API Keys option when creating the project from any of the following services:
- REST/HTTP Service (in the New Backend Service dialog box)
- WSDL (in the New WSDL Project dialog box)
Figure 6: Attaching Verify API Keys to the project
After adding a policy, this can be configured as per requirement