Field | Description |
IPv4 Address | Use this field to identify consumers based on their originating 4-byte IP address range. Specify a range of IPv4 addresses. Type the lowest IP address in the From field and the highest IP address in the To field. For example, 192.168.0.0 and 192.168.0.10 The virtual API will then identify and authorize only those requests that originate from the specified IP address. If you need to specify additional IP addresses, use the plus button to add more rows. |
IPv6 Address | Use this field to identify consumers based on their originating 128-bit IPv6 address. Specify a IPv6 address. For example, fdda:5cc1:23:4::1f The virtual API will then identify and authorize only those requests that originate from an IP address that lies between the specified ranges. If you need to specify additional IP addresses, use the plus button to add more rows. |
Hostname | Use this field to identify consumers based on a specified host name. Specify the hostname. For example, pcmachine.ab.com The virtual API will then identify and authorize only those requests that originate from the specified host name. If you need to specify additional host names, use the plus button to add more rows. |
HTTP Token | Use this field to authenticate consumers based on the user name that is transmitted in an HTTP authentication user token. Specify one or more HTTP user names. For example, SAGUser123 The virtual API will then identify and authorize only those requests that contain the specified user name encoded and passed in the HTTP authentication user token. If you need to specify additional tokens, use the plus button to add more rows. |
WS-Security Token | Use this field to authenticate consumers based on the user name that is transmitted in the SOAP or XML message header (HTTP body). Specify the WSS username token. For example, userwss The virtual API will then identify and authorize only those requests that contain the specified user name passed in the SOAP or XML message header. If you need to specify additional tokens, use the plus button to add more rows. |
XPath Token | Use this field to identify consumers based on the result of applying an XPath expression on the SOAP or XML message or request. //*[local-name()= 'Envelope']/* [local-name()='Body']/* [local-name()= 'echoInt']/* [local-name() ='echoIntInput='] [.='2'] The virtual API will then identify and authorize only those requests that contain the XPath and the consumers. If you need to specify additional tokens, use the plus button to add more rows. |
Consumer Certificate | Use this field to identify consumers based on information in an X.509 v3 certificate. Click Upload to locate and select the certificate (.cer) file. The virtual API will then identify and authorize only those requests that contain the specified X.509 v3 certificate in the SOAP or XML header. |
Field | Description |
API Key String | Read-only. String. The confidential secret key used to securely authenticate the client. This field is visible only to a consumer who requested the API key. |
Expiry Date | Read-only. String. An expiration date for the API key. |
Field | Description |
Client Id | Read-only. String. The unique identifier that is used by the client to fetch access tokens for the virtual API. |
Client Secret | Read-only. String. The secret key value that is used with the client identifier, serves as a password to fetch access tokens for the virtual API. |
Client Name | Read-only. String. The name of the client (consumer application) that is attempting to get access to the virtual API. |
Scope | Read-only. String. The scope value is the name of the virtual API. If the scope value is valid, API Gateway obtains the access token. If no scope value is provided, API Gateway provides the access token to the scope in which the client is allowed and adds the scope to the response. |
Refresh Token | Read-only. String. The unique identifier used by the client to obtain a new access token when the current access token becomes invalid or expires. |
Field | Description |
API Service | Read-only. String. The name of the virtual API that is associated with the API key. To view details of the virtual API, click its hyperlinked name. |