Software AG Products 10.11 | Using CentraSite | Runtime Governance | Virtual Service Asset Management | Managing Virtual Service Assets through CentraSite Business UI | General Procedures across Assets | Configuring API Consumption Settings for Client Authentication
 
Configuring API Consumption Settings for Client Authentication
APIs in CentraSite require an unique identifier for consumption. A unique identifier can do the following:
*Identify the client requesting for an API consumption.
*Authenticate and validate the client for accessing and consuming the API.
*Authorize if the client making the consumption request is allowed to access and consume the API.
CentraSite Business UI supports the following mechanisms for client authentication:
*API Key
*OAuth 2.0 token
An API Provider or a user with appropriate permission defines and enforces the type of client authentication that is required for consuming the particular API. Based on the client authentication that is enforced for the API, a client will fetch the API key or OAuth 2.0 token and consume (call) the API.
You configure the client authentication mechanisms using the API Consumption Settings action in the details page of Virtual Service (also, called Virtual API) asset.
To configure the client authentication mechanisms for a Virtual Service asset, you must have the following roles or permissions:
*CentraSite Administrator
*Organization Administrator
*Asset Provider
*Full instance-level permission on the Virtual Service asset
Note:
Until you have the instance-level Modify permission on an API asset (at a minimum), you will not be able to see the API Consumption Settings action in the API details page.