CentraSite Documentation : Runtime Governance with CentraSite : Virtualized APIs in CentraSite Business UI : Viewing or Changing a Virtual API : Profile Information for an Virtual API : Identification Profile
Identification Profile
In this profile, you specify the precise values for the consumer identifier token(s) that you want to use for identifying consumers for the API. (Alternatively, you may configure this profile to allow unrestricted access.)
For example, if you configure the Identification profile to identify consumers by IP address, the PEP extracts the IP address from a request’s HTTP header at run time and searches its list of consumers for the API that is defined by that IP address.
Note:  
If you want to authenticate consumers, make sure that your policy enforcement point is configured to enable authentication. For information, see Administering webMethods Mediator .
Note:  
For reasons of legibility some of the examples below contain break lines and may not work when pasted into applications or command line tools.
In this field...
Do the following...
IPv4 Address
Use this field to identify consumers based on their originating 4-byte IP address range.
Specify a range of IPv4 addresses. Type the lowest IP address in the From field and the highest IP address in the To field. For example, 192.168.0.0 and 192.168.0.10
The API will identify only those requests that originate from the specified IP address.
If you need to specify additional IP addresses, use the plus button to add more rows.
IPv6 Address
Use this field to identify consumers based on their originating 128-bit IPv6 address.
Specify a IPv6 address. For example, fdda:5cc1:23:4::1f
The API will identify only those requests that originate from an IP address that lies between the specified ranges.
If you need to specify additional IP addresses, use the plus button to add more rows.
Hostname
Use this field to identify consumers based on a specified host name.
Specify the hostname. For example, pcmachine.ab.com
The API will identify only those requests that originate from the specified host name.
If you need to specify additional hostnames, use the plus button to add more rows.
HTTP Token
Use this field to authenticate consumers based on the user name that is transmitted in an HTTP authentication user token.
Specify one or more HTTP user names. For example, SAGUser123
The API will identify only the requests that contain the specified user name encoded and passed in the HTTP authentication user token.
If you need to specify additional tokens, use the plus button to add more rows.
WS-Security Token
Use this field to authenticate consumers based on the user name that is transmitted in the SOAP or XML message header (HTTP body).
Specify the WSS username token. For example, userwss
The API will identify only the requests that contain the specified user name passed in the SOAP or XML message header.
If you need to specify additional tokens, use the plus button to add more rows.
XPath Token
Use this field to identify consumers based on the result of applying an XPath expression on the SOAP or XML message or request.
//*[local-name()= 'Envelope']/*
[local-name()='Body']/* [local-name()= 'echoInt']/*
[local-name() ='echoIntInput='] [.='2']
The API will identify the requests that contain the XPath and the consumers.
If you need to specify additional tokens, use the plus button to add more rows.
Consumer Certificate
Use this field to identify consumers based on information in an X.509 v3 certificate.
Click Upload to locate and select the certificate (.cer) file.
API Key String
Read-only. String. The API key for authentication of API consumption. The API key is typically hidden from users who browse the catalog looking for APIs to reuse and is visible only to a particular user (known as the API's owner).
Expiry Date
Read-only. String. The expiration date for the API key.
Copyright © Software AG, Darmstadt, Germany.
Product LogoContact Support   |   Community   |   Feedback