API Gateway 10.5 | Using API Gateway | Usage Scenarios | Team Support | Scenarios where you cannot use Teams support
 
Scenarios where you cannot use Teams support
This section explains the use cases that cannot be achieved using the Team support feature.
Scenario 1
The functional privileges assigned to a team applies across all assets assigned to the team. You cannot assign different functional privileges to access different assets. That is, if you assign the Manage APIs functional privilege to a team, then the team members can perform all API-related transactions with the APIs assigned to the team. Similarly, if you assign the Manage applications privilege to a team, then all members of the team can manage the applications assigned to them.
For example, if you assign the Manage APIs privilege to Team_A and assign two APIs API_1 and API_2, then all users of the Team_A can manage both the APIs. If you do not assign the Manage APIs privilege to Team_B and assign two APIs API_1 and API_2, then the Team_B members can only view the APIs. They cannot manage them.
This image describes the flow that you can achieve:
In the same example, you cannot allow Team_B members to view API_1 and to manage API_2. You cannot assign different access level for different assets.
This image describes the flow that you cannot achieve:
Scenario 2
The functional privileges assigned to a team applies across all users towards all assets assigned to the team. You cannot assign different privileges to different assets. That is, if a user has certain functional privilege through one of their teams, and when the user is assigned to another team that does not have the particular functional privilege, the user will still have the functional privilege assigned through the first team.
Consider User_2 is a part of Team_B that has the Manage APIs privilege assigned with API_2. In this case, User_2 can manage API_2. At the same time, if User_2 is assigned to Team_C that does not have the Manage APIs privilege. If API_2 is assigned to Team_C, then User_2 can still manage API_2.
This image explains the flow that cannot be achieved: