Configuring API Definitions and Endpoints

The API Definitions page displays a navigable list of API definitions. To add a new API Definition, click New.

The following table describes the fields on the API Definitions page.
Field Description

Name

Name of the API.

Version

Version of the API.

Description

Description of the API.

Created

The date and time when the API definition was created.

Updated

The date and time when the API definition was updated.

Actions

Navigates to the API Definition Settings page, where properties of the API can be edited.

Deletes the API definition.

The API Definitions page has the following sub-pages with further fields and settings that can be configured.

API Definition Settings

General settings such as API description, API version, cross-domain and robots policies can be defined on the API Definition Settings page.

After entering the policy and other details, click Save to save the changes.

API Definition Security



The API Definition Security page allows you to enable OAuth 2.0 for an API. The OAuth settings are applied to all endpoints that are configured to use OAuth as the security mechanism. Some of these settings can be overridden at the endpoint level.
Note: This section is applicable only for those customers who are using the OAuth 2.0 Accelerator feature as part of their contract. Please contact TIBCO Mashery Support if you have questions about the OAuth 2.0 Accelerator.

API Definition Endpoints

After an API is created, you can create, modify, and delete endpoints associated with the API on the API Definition Endpoints page.

While you are viewing or creating endpoints, you can access the API Definition-related endpoint settings by using the navigational tabs on the left pane of the page. The following sub-pages are available from the API Definition Endpoints page.

Endpoint Page

The Endpoint sub-page allows you to create the name of the endpoint, as well as configure an HTTP Client Profile, Public Endpoint Address, and TIBCO Mashery Endpoint Address.

Protocol and Authentication Page

The Protocol and Authentication page allows you set the key and method details related to an endpoint. You can select parameters such as the endpoint type, supported HTTP methods, method location, and Developer API key location.

Security Page

The Security page allows you to enable System Domain Authentication.

CORS Page

The CORS page allows you to configure Endpoint Cross-Origin Resource Sharing, a W3C standard that defines how the browser and server should interact when cross-domain requests are made.

Call Transformations Page

The Call Transformations page allows you to apply processing logic to an API call before it is sent to the host API servers and after the call is returned from the client API servers.

More Page

The More page allows for configuring Traffic-Manager-specific settings. You can configure the Traffic Manager to include or exclude headers from the requests and responses.