User Groups
API Gateway is shipped with the following predefined groups:
Administrators
API-Gateway-Administrators
API-Gateway-Providers
By default, API Gateway's Administrator user, is part of Administrators and API-Gateway-Administrators group.
API Gateway populates the Administrator access profiles with API-Gateway-Administrators group and creates API-Gateway-Providers access profiles with API-Gateway-Providers group.
The table lists the privileges based on the user group.
Privileges | API Gateway Administrator | API Provider |
Manage APIs | Y | Y |
Manage aliases | Y | Y |
Manage policy templates | Y | N |
Activate/Deactivate APIs | Y | Y |
Manage global policies | Y | N |
Manage threat protection configurations | Y | N |
Manage applications | Y | Y |
Activate/Deactivate global policies | Y | N |
Publish API to service registry | Y | Y |
Manage packages and plans | Y | Y |
Activate/Deactivate packages | Y | Y |
Publish to API Portal | Y | Y |
View administration configurations | Y | N |
Execute service result cache APIs | Y | Y |
Manage user administration | Y | N |
Manage general administration configurations | Y | N |
Manage destination configurations | Y | N |
Manage promotions | Y | Y |
Manage security configurations | Y | N |
Manage system settings | Y | N |
Manage service registeries | Y | N |
Import assets | Y | Y |
Export assets | Y | Y |
Manage purge and restore runtime events | Y | N |
Authentication and Authorization
API Gateway is primarily accessed using API Gateway user interface, which supports Basic authentication and SAML SSO.
You can also use REST APIs to manage API Gateway. To invoke the APIs, you must have the required functional privileges.
Note: You cannot delete predefined users, groups, and access profiles but you can delete the groups and access profiles that are created in API Gateway.