CentraSite 10.11 | CentraSite User’s Guide | Asset Management | Managing Assets through CentraSite Business UI | Application Management | Viewing Application Asset Details
 
Viewing Application Asset Details
The following general guidelines apply when examining the details of an Application asset in CentraSite Business UI:
*If you are not the owner of an Application, you cannot view the details page of the Application unless you have a View permission on the Application (granted though either a role-based permission or instance-level permission).
*You will only see profiles of the Application for which you have an instance-level View permission.
In this task you examine the basic and type-specific attributes that are associated with an Application asset.
*To view the details of an Application asset
1. In CentraSite Business UI, access the Advanced Search panel in one of the following ways:
*Click the Browse link in the upper-left corner of the menu bar.
*Click the Search icon next to the Scope list. The default search scope is Assets.
This displays a list of assets in the Search Results page.
2. In the Additional Search Criteria list, select Asset Types.
3. To search for the assets of type, Application, click Choose.
This opens the Choose Asset Types dialog box.
4. In the Choose Asset Types dialog box, select the Assets option button, and perform the following:
a. Click the chevron next to Assets option button.
A list of currently defined asset types in CentraSite is displayed.
b. In the displayed list of asset types, select Application.
c. Click OK.
A list of currently defined Application assets is displayed in the Search Results page.
5. Click the Application asset you want to examine the attributes.
This opens the Application details page. Also, the actions bar displays a set of actions that are available for working with the Application asset.
You can hover over the info symbol next to an attribute to display the tooltip text, which describes the purpose of the attribute. The tooltip text displays the values of the attribute's Name, and Description fields that are contained in the Application type definition.
6. To examine the extended type-specific attributes of the Application asset, click the appropriate profiles.
The details page of an Application asset includes the following additional information:
Identification Profile (for Application Assets)
In this profile, you specify the precise values for the consumer identifier token(s) that you want to use for identifying and authorizing the consumers for a particular virtual API. (Alternatively, you may configure this profile to allow unrestricted access.)
For example, if you configure the Identification profile to identify and authorize consumers by IP address, the PEP extracts the IP address from a request’s HTTP header at run time and searches its list of consumers for the virtual API that is defined by that IP address.
Note: 
*If you want to authenticate consumers, make sure that your policy enforcement point is configured to enable authentication.
*For reasons of legibility some of the examples below contain break lines and may not work when pasted into applications or command line tools.
Field
Description
IPv4 Address
Use this field to identify consumers based on their originating 4-byte IP address range.
Specify a range of IPv4 addresses. Type the lowest IP address in the From field and the highest IP address in the To field. For example, 192.168.0.0 and 192.168.0.10
The virtual API will then identify and authorize only those requests that originate from the specified IP address.
If you need to specify additional IP addresses, use the plus button to add more rows.
IPv6 Address
Use this field to identify consumers based on their originating 128-bit IPv6 address.
Specify a IPv6 address. For example, fdda:5cc1:23:4::1f
The virtual API will then identify and authorize only those requests that originate from an IP address that lies between the specified ranges.
If you need to specify additional IP addresses, use the plus button to add more rows.
Hostname
Use this field to identify consumers based on a specified host name.
Specify the hostname. For example, pcmachine.ab.com
The virtual API will then identify and authorize only those requests that originate from the specified host name.
If you need to specify additional host names, use the plus button to add more rows.
HTTP Token
Use this field to authenticate consumers based on the user name that is transmitted in an HTTP authentication user token.
Specify one or more HTTP user names. For example, SAGUser123
The virtual API will then identify and authorize only those requests that contain the specified user name encoded and passed in the HTTP authentication user token.
If you need to specify additional tokens, use the plus button to add more rows.
WS-Security Token
Use this field to authenticate consumers based on the user name that is transmitted in the SOAP or XML message header (HTTP body).
Specify the WSS username token. For example, userwss
The virtual API will then identify and authorize only those requests that contain the specified user name passed in the SOAP or XML message header.
If you need to specify additional tokens, use the plus button to add more rows.
XPath Token
Use this field to identify consumers based on the result of applying an XPath expression on the SOAP or XML message or request.
//*[local-name()= 'Envelope']/*
[local-name()='Body']/* [local-name()= 'echoInt']/*
[local-name() ='echoIntInput='] [.='2']
The virtual API will then identify and authorize only those requests that contain the XPath and the consumers.
If you need to specify additional tokens, use the plus button to add more rows.
Consumer Certificate
Use this field to identify consumers based on information in an X.509 v3 certificate.
Click Upload to locate and select the certificate (.cer) file.
The virtual API will then identify and authorize only those requests that contain the specified X.509 v3 certificate in the SOAP or XML header.
Identification Profile (for Assets with Key-based Authentication)
Field
Description
API Key String
Read-only. String. The confidential secret key used to securely authenticate the client. This field is visible only to a consumer who requested the API key.
Expiry Date
Read-only. String. An expiration date for the API key.
Identification Profile (for Assets with OAuth-based Authentication)
Field
Description
Client Id
Read-only. String. The unique identifier that is used by the client to fetch access tokens for the virtual API.
Client Secret
Read-only. String. The secret key value that is used with the client identifier, serves as a password to fetch access tokens for the virtual API.
Client Name
Read-only. String. The name of the client (consumer application) that is attempting to get access to the virtual API.
Scope
Read-only. String. The scope value is the name of the virtual API. If the scope value is valid, API Gateway obtains the access token. If no scope value is provided, API Gateway provides the access token to the scope in which the client is allowed and adds the scope to the response.
Refresh Token
Read-only. String. The unique identifier used by the client to obtain a new access token when the current access token becomes invalid or expires.
API Key Scope Profile
Field
Description
API Service
Read-only. String. The name of the virtual API that is associated with the API key. To view details of the virtual API, click its hyperlinked name.