Versions Compared

Old Version 116

changes.mady.by.user Eleanor Tesoro

Saved on

compared with

New Version 117

changes.mady.by.user John Brinckwirth

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

In this article

...

In addition to validating requests, you can use API policies to authenticate and authorize requests using various authentication methods. Without the API Policy Manager, an API can only be invoked by a user registered with the SnapLogic platform or by using a bearer token. With an APIM authenticator policy, clients can be authenticated through an OAuth2 server or a REST service, as well as other authentication policies available. Thus, SnapLogic Tasks can be made available to a much wider audience.

Info

Only Org admins can view and set API policies at the Project Space and project levels. The Manage API Policy option on the Project dropdown menu is not available to basic users without Org admin access, even if as a basic user, you have full permissions to the project or Project Space.

Supported API Policies

  • Anonymous Authenticator: Allows anonymous access to a Task. The user’s roles are taken from Anonymous Authenticator API policy configuration.

  • API Key Authenticator: Authenticates a client using API keys passed as a header or query parameter. 

  • Authorize By Role: Authorizes a request based on the role associated with the client. If a request is not authorized, it is rejected with a 403 Forbidden error.

  • Authorized Request Validator: Validates requests after authorization and returns a customized response. 

  • CORS Restriction: Sets the appropriate headers for requests coming from a different domain so that the response is not blocked by browser.

  • Callout Authenticator: Authenticates a client by calling out to a REST service to validate a token in the request and then authenticating the user.

  • Client Throttling: Limits Task invocations for a given client over a window of time by throttling or rejecting requests from that client. Installing this API policy can help protect a Snaplex from being overloaded by too many requests.

  • Early Request Validator: Validates requests before authentication and returns a customized response. 

  • Generic OAuth2: Authenticates requests from users registered in an existing identity provider. 

  • IP Restriction: Restricts access based on the client IP address of the request. If the request does not meet the configured requirements, it is rejected with a 403 Forbidden error.

  • OAuth 2.0 Client Credentials: Authenticates users with a token in your OAuth 2.0 environment.

  • Request Size Limit: Limits the size of each request. 

  • Request Transformer: Transforms a request before it is passed onto the remaining API policies and, finally, the Pipeline to be executed.

...

  1. In Manager, click the shared folder for your Org (also known as the global shared folder), then click Manage API Policy to view the API Policy Manager -shared dialog window, which displays a list of existing API policies and their status.

  2. In the API Policy Manager -shared dialog window, click Add Policy to view list of policies.

    Image RemovedImage Added

  3. Select a policy from the list of policies to display the settings dialog window.

  4. Enter/modify the fields to configure the policy as required, then click Validate and Save.

    The policy settings dialog window closes and your policy is displayed in the API Policy Manager-shared dialog window.

    Image RemovedImage Added

You can also import and export policies in the API Policy Manager-shared dialog window.

...

  1. In SnapLogic Manager, click Settings > API Management > API Manager

    Image RemovedImage Added

    The API Manager page is displayed.

    Image RemovedImage Added

  2. Click the target API to display the API Details page, and click  to display the list of API policies.

    Image RemovedImage Added

  3. Enter or modify the fields as required to configure the policy.

  4. Click Validate and Save.

    The policy settings dialog window closes, and your policy is displayed on the API Details page.

    Image RemovedImage Added


Adding API Policies to API Versions
Anchor
api-version-level
api-version-level

  1. In SnapLogic Manager, click Settings > API Management > API Manager

    Image RemovedImage Added

    The API Manager page is displayed.

    Image RemovedImage Added

  2. Click the target API to view the API Details page.

  3. In the API Details page, click the Versions tab, then click the target API version to view the Version Details page.

    Image RemovedImage Added

  4. In the Version Details page, click the target to view the API Details page, and click  to display the list of API policies.


  5. Enter or modify the fields as required to configure the policy.

  6. Click Validate and Save.

    The policy settings dialog window closes, and your policy is displayed in the API Details page.

    Image RemovedImage Added

Adding API Policies to Project Spaces/Projects in Manager
Anchor
projects-projspaces-level
projects-projspaces-level

...

  1. In Manager, select the target Project Space/project, click  to display the dropdown list, and select Manage API Policy to display the API Policy Manager dialog window.

    Image RemovedImage Added

  2. Click Add Policy. A list of all the API policy types appears. 

    Image RemovedImage Added

  3. Click the API policy that you want to add. The settings dialog window for that policy is displayed. 

    Image RemovedImage Added

  4. Enter/modify the field values to configure the policy, then click Validate & Save. The API policy is added to the list of API policies. 

  5. Click Close to close the API Policy Manager dialog.

...

  1. Open the API Policy Manager dialog. 

  2. Click the target API policy to open its settings.

  3. Change the value of the Status field. 

  4. Click Validate & Save. You can confirm the Status of the API policy is updated. To enable the API policy, repeat steps 2 through 4. 

    Image RemovedImage Added
Note

Adding the same API policy type at a lower-level in the hierarchy automatically overrides all API policies of the same type at higher levels. For example, if a Callout Authenticator API policy is added at an Org-level and also at the project-space-level, the Org-level is automatically overridden as far as the Tasks within that Project Space are concerned.

...

  1. Navigate to the target Project in SnapLogic Manager.

  2. Right-click to display the dropdown list, and click Manage API Policy. The API Policy Manager dialog appears.

  3. Select Choose File and navigate to the target file.

    • Import non-existent only: (Default) Only uploads API policies in the selected file that do not already exist in the Project Folder.

    • Import all policies: Imports all API policies in the selected file.

    Image RemovedImage Added


  4. Click Import. The Import Policy Result popup appears with the following Status:

    • Added: The API policies added to the Project Folder.

    • Overwritten: The existing API policies overwritten by the imported ones.

    • Ignored: The existing API policies not overwritten by the imported ones.

...

  1. In Manager, navigate to the target Task.

  2. Click  to display the Tasks menu, then select Related API Policy.

    Image RemovedImage Added

    The Related Policies dialog window for the target Task is displayed.

    Image RemovedImage Added

  3. Click the Hierarchy tab to display the policy hierarchy.

    Image RemovedImage Added

Exporting Policies

  1. Navigate to the target Project Space or project in SnapLogic Manager.

  2. Right-click on the project folder to display the dropdown menu, and click Manage API Policy.

  3. When the API Policy Manager dialog appears, click Export. The API policies are downloaded to the specified folder (the default is the Downloads folder on your machine).

    Image RemovedImage Added


Deleting Policies in Manager

...