Approval Workflows - Workflow configurations on API Portal and API Gateway

Introduction

This article explains the approval workflows that can be set up in API Portal and API Gateway for setting up new user and application.

Audience

It is assumed that readers of this article are familiar with usage of API Gateway and portal and how to configure APIs in GW and portal.

Pre-Requisites

  1. Configure the API in API gateway

  2. Publish API to API Portal

  3. Set up basic authentication of API or API Key as authentication

Use Case

API Approval workflows are part of typical API Lifecycle. API is created and exposed to developers through API Portal. Any new user who want to consume an API, logs in to API Portal and subscribes for the API. The user registration workflow is set up in API Portal and subscription approval workflow is set up in API Gateway.

When a new user registers in API Portal he provides his basic information like name and email id. The user registration is sent to predefined approvers who approve the user registration. After approval and email is sent to the user with his access details.
API administrators approve the new subscription and the access token is sent to the developer via email. Approvals can be set up for creating, registering and/or updating an application.

Setting up API Portal approval workflow

  • Click on Administration and User registration and select approval required
    image

  • In the approval settings select the appropriate group, in this case “API User Registration Approvers”
    image

  • Select Anyone or Everyone
    image

  • In the Approval Notifications section select the appropriate notifications to be sent
    image

  • Click on Apply

  • Make sure the email server is configured.

Setting up API Gateway approval workflow

  • Login to API Gateway and select Administration

  • Click on Approval Configuration and click enable
    image

  • Select the appropriate email communication templates by clicking on the check box
    image
    image

  • Approvers can be any selected group as shown in the drop-down menu
    image

  • Done. When a new application is created you will see the approval request generated for administrators to approve.

Usage

  • User logs into API Portal, the user should already be a registered user in API portal

  • User subscribes for an API and enters his details as in the below screen

  • The administrator sees the application in pending requests page and can approve or reject the app
    image