Nav

Manage an API

Managing an API involves a number of tasks, including the set up of SLA tiers, applying an SLA-based policy, and setting API alerts. As an API Versions Owner, you typically add policies and SLA tiers to the API that you deploy by proxy. The policies combined with an SLA definition restricts access to the API from applications registered by tier to make API calls. In the first part of this tutorial, you create two tiers of access for developers who want to call the API:

  • A tier that accepts anyone who wants to access the API, but limits this person’s application to three requests per minute, and rejects additional requests.

  • A tier for a premium access level that accepts up to five requests per minute and requires API Versions Owner approval of the developer who wants to access the API.

API Manager sends an email for granting access to you when someone signs up for premium access.

In the second part of this tutorial, you apply SLA-based policies to handle requests that exceed SLA limits that you added.

  • Throttling - SLA-based

    Stores excessive requests in a queue for processing later.

  • Rate Limiting - SLA-based

    Discards excessive requests.

This tutorial uses features that might not be visible or accessible to you, depending on entitlements you purchased.

Adding an SLA Tier

To add SLA tiers:

  1. On the API version details page, click the SLA Tiers tab.

    walkthrough-manage-afcf8

    The Add SLA tier dialog appears.

  2. Click Add SLA Tier.

  3. Fill in the fields as follows:

    • Name: Free

    • Approval: Automatic

    • Limits

      • # of Reqs: 3

      • Time Period: 1

      • Time Unit: Minute

  4. Click Add.

  5. On the API version details page, click Add SLA Tier again, and fill in the fields as follows:

    • Name: Premium

    • Approval: Manual

    • Limits

      • # of Reqs: 5

      • Time Period: 1

      • Time Unit: Minute

To apply policies:

  1. Set up and deploy an API proxy.

  2. On the API version details page of the deployed API, click the Policies tab.

    The list of available policies appears.

  3. Click > to get the status and description of a policy.

    walkthrough-manage-0994c
  4. Click Apply for the Throttling - SLA-based policy.

    The Apply "Throttling - SLA based" policy dialog appears.

    walkthrough-manage-e6710
  5. Accept the defaults, click Apply.

  6. Click Apply for the Rate limiting - SLA-based policy.

    The Apply "Rate limited - SLA based" policy dialog appears.

  7. Accept the defaults, click Apply.

  8. On the list of available policies, click the Raml snippet for either of the policies you applied.

  9. Follow instructions to add traits to RAML for enforcing the policies: Open API Designer and edit the RAML as follows:

    • Add a section called traits: at the root level to define query parameters:

      
                     
                  
      1
      2
      3
      4
      5
      6
      7
      
      traits:
        - client-id-required:
            queryParameters:
             client_id:
              type: string
            client_secret:
              type: string
    • Reference the trait in each of the methods to specify that each of the methods require these query parameters. After each method in the RAML file, add is: [client-id-required]. For example:

      
                     
                  
      1
      2
      3
      4
      
      /products:
        get:
          is: [client-id-required]
          description: Gets a list of all the inventory products.

Next

In this topic: