Getting Started with Anypoint API Governance
After you become familiar with the UI and concepts covered in the Anypoint API Governance Overview, you’re ready to get started governing your APIs.
Before You Begin
Before you begin using API Governance, see the following sections:
Verify Your Permissions
Ensure you have access to API Governance with one of the following permissions:
-
API Governance > Governance Viewer
This permission allows API Governance users, such as API developers and architects, to:
-
View the API Governance console conformance summary.
-
View the Governed APIs page with the list of governed APIs that they have permission to view.
-
Download a detailed governance report for their APIs in CSV format.
-
-
API Governance > Governance Administrator
This permission allows API Governance users, such as API governance and security officers, full access to API Governance.
Anypoint Platform organization administrators are allowed full access to API Governance regardless of their API Governance permission settings.
Higher level permissions override the Governance Viewer permission. If a user has the Governance Administrator permission or is an organization administrator, setting the Governance Viewer permission for them does not limit their permissions.
Opt in to Additional Functionality
If you’re an administrator and have an opt-in banner in the API Governance console, opt in to get additional functionality for your business groups (organizations). See the API Governance Release Notes entry for October, 17 2023.
This documentation covers the full product functionality that is available after the opt-in.
Govern Your APIs
Govern your APIs using the following steps:
-
Identify APIs to filter for governance by using tags and categories in Exchange.
-
Configure governance profiles to identify which rulesets to apply to which APIs.
-
Consider saving your profiles as draft to test settings before revealing their targeted APIs' conformance information across Anypoint Platform.
-
After you test settings using draft profiles, activate the profiles to notify developers and reveal the resulting API conformance information across Anypoint Platform.
-
-
Monitor governance conformance status in the API Governance console.
-
View the APIs targeted by each draft profile to assess conformance impacts for that profile and download the associated CSV file report.
-
View summary information in the API Governance console and in validation reports.
-
-
Find and fix conformance issues:
-
In API specifications in Anypoint Code Builder, Design Center, and Exchange as you design your APIs
-
In API instances in API Manager at deployment time
-
In API catalog information in Exchange asset portal information
-
In API documentation in Exchange asset portal documentation
-
-
(Optional) Create custom rulesets to more effectively govern APIs for your business groups (organizations).
-
(Optional) Install and run CLI commands to automate governance as part of your CI/CD pipeline and to more easily create custom rulesets.
-
(Optional) Use the API Governance Experience API to implement custom API-based solutions that access a subset of API Governance functionality. For example, you can use the experience API to list governance profiles and retrieve API conformance status information. Access the experience API in Exchange in your preferred Anypoint Platform control plane: