Setting Permissions in API Manager

In this Article

Overview

You can set permissions for your APIs at different levels of the asset hierarchy. When you create an API, you can set permissions at the API and version level in the API Manager console. Clicking the API opens the API Details page. In the Permissions tab, the owner of the API is automatically added as a user.


Permission Types

As an Org admin, you can set permissions for users at the /apim space level in addition to the APIs and versions to users and groups. The API Manager console has the following permission types:

  • Owner/Full Access: Automatically assigned to the creator of an API asset or version. Accordingly, you cannot select this option.
  • Read and Execute: Select to give access to view API assets and call API endpoints.
  • Read Only: Select to give access to view API assets.
  • Read and Write: Select to give read and write access to API assets.
  • Full Access: Select to give permissions to view, create, modify, and call API calls.

For details, see API Management User Permissions.

Adding Permissions to Users in the APIM Space

  1. In Manager, click API Management > API Manager on the left pane, and then click  to view the Add Permission dialog.


  2.  In the Add Permission dialog. configure the following settings, and then click Add.
    • User/Group: Select the user or group.
    • Status: Select the Permission type.
    • Apply Status to All Versions: Select to make the permission status global for the user at all three levels: APIM, APIs, and Versions.


  3. Verify that the correct permissions are set for the target user in the API > Permissions tab.


Adding Permissions for APIs

  1. Navigate to API Management > API Manager, then select the target API.

  2. Click the Permissions tab.


  3. Click  to view the Add Permissions dialog window, then select the following options:
    • User/Group: Select the user or group.
    • Status: Select the Permission type.
    • Apply Status to All APIs and Versions: Select to make the permission status global for the user at all three levels: API Manager console, APIs, and versions.

  4. Verify that the correct permissions are set for the target user in the Permissions tab for that API.

Adding Permissions for Versions

  1. Navigate to API Management > API Manager, and select the target version of the API.

  2. Click the Permissions tab.


  3. Click  to view the Add Permissions dialog window, then make the following selections:
    • User/Group: Select the user or group
    • Status: Select the permission type.


  4. Verify that the correct permissions are set for the target user in the Permissions tab for that API version.

Deleting a Permission

As an Org admin, you can delete a permission at any level. 

API developers can only set permissions to APIs or versions they own.

To delete a permission:

  1. Navigate to the target permission.
  2. Click  to delete the permission from a version, API, or the API Manager console.
    The following image shows the delete icon at the version level.