Overview

SnapLogic APIM is an API Management solution that leverages all of the capabilities of the Intelligent Integration Platform. You can develop, manage, protect, and share your APIs with this solution.

This article provides information and steps to get started with SnapLogic APIM. It assumes that your Environment/Org is already set up, that your Org has a gateway (configured Snaplexes), and that you or SnapLogic have deployed a load balancer.

Learn more about best practices and deployment architectures for APIM.

Concepts

• API/API Version - A service that enables you to create an API with endpoints generated in SnapLogic (Triggered and Ultra Tasks) that supports versioning.

• Proxy - A service that enables you to make use of endpoints created outside of SnapLogic.

• Policy - A set of rules that enables you to apply criteria to APIs before execution, such as authorization, authentication, traffic shaping, and request/response transformation.

• Server - In APIM, a Snaplex is the server.

• Developer Portal - An external-facing page that hosts the API catalog for your Environment/Org.

Supported Workflows

• Creating and managing API versions

• Creating Proxies

• Applying policies to APIs, API Versions, and Proxies

• Publishing an API and managing its status throughout the API lifecycle

• Managing user accounts and applications on a Developer Portal

Assets

• APIs

• API Versions

• Proxies/Endpoints

• Tasks (Triggered and Ultra)

• Pipelines

• Files (typically, specifications)

• Accounts

• Snap Packs (must be in global shared folder)

Prerequisite

• Subscription to APIM in Org

• Set up Groundplexes and FeedMasters

• configure load balancer

• Subscribe to policies Snap Pack

• Set up feature flags for APIM policies.

Step 1: Set up Developer Portal

To expose APIs to your developer audiences, you must first configure the Developer Portal for your Environment/Org. The Developer Portal is a stand-alone page that hosts the API catalog, where API consumers can explore and subscribe to the APIs developed in your Environment/Org.

In Portal Manager, customize your Developer Portal. Learn more about configuration settings.

Step 2: Configure User Access Management

To access APIs from an external application, the user needs to have an account (SnapLogic) or create one directly from the Developer Portal. If they follow the self-service registration process from the portal to create an account, it's similar to the IIP account setup for the process. However, an API administrator needs to approve the user-created portal account (this is done from the Subscription Manager).

Create a login account to access the API Catalog in the Developer Portal.

Step 3: Manage API Lifecycle

To expose an API for consumption by external users, you need to manage the API lifecycle from the Portal Manager. As the API developers in your Environment/Org create APIs, they will publish them to your Developer Portal. The API lifecycle covers Published, Unpublished, Deprecated and Retired states of an API version or Proxy published on your Developer Portal. External users will require access of an API through subscriptions, so your API developers need to enable subscriptions when they publish an API to the portal.

Manage the API lifecycle from the Portal Manager.

Step 4: Enable application usage

To enable user subscriptions to the APIs on your Developer Portal, you must monitor the subscriptions and login accounts in the Subscription Manager. An API consumer can then create an application and request a subscription for any APIs they see on the API catalog. When a subscription is created, it should be approved by the API admin, or they can set it up to auto-approve.

Learn more about monitoring application requests and user subscriptions in the Subscription Manager.

Step 5: Enable the Consumption of APIs

When they have an approved API subscription, API consumers can then call the API through the generated client ID and secret.

Usage Guidelines

• APIM does not support the Cloud URL for Triggered Tasks.

• The API Gateway should have dedicated infrastructure resources.

• If you alter the IP Address in the header, you need to do so with caution because it might cause adverse effects in case someone tries to spoof the header value and gain entry to a company’s system.