Reputation: 6733
How to Get List of Possible Policies from WSO2 API manager
We use WSO2 AM as an API gateway. We have a heavily automated deployment. As part of this we have a script which fetches the definitions (OAS/Swagger) from our back-end APIs and creates/updates the definitions in WSO2AM, using the WSO AM REST API.
We are now in the process of upgrading our WSO2 AM from 2.6 to 4.1. So, we are updating this script.
In the old version you specified tiers for each API definition. We potentially allow all tiers for all APIs so the script would fetch the list of possible tiers (via a GET call to the /tiers/api endpoint), filter it down to a list of names and send that list in as possible tiers for the new API definition.
In the new version, we have "Business Plans" in the UI which seems to map to the policies field in the REST call (docs). Question 1: is this correct?
It appears that you must have at least one policy/business plan defined in order to be able to publish the API. Question 2: Is this correct?
Given that, Question 3: how do we fetch the list of possible policies, when creating a new API, in order to send them in the REST call that creates the API? I can't see such an endpoint in the docs. I can see one for "Throttling Policies" but that seems to be a different field in the create API request. Have to admit I'm not fully clear on the distinction between the policies and apiThrottlingPolicy (I think we want policies as that's an array, whereas apiThrottlingPolicy is a single value - but are they referring to the same type of policy object?)
Upvotes: 1
Views: 181
Answers (1)
Reputation: 4001
Q1: Yes, that is correct. API tiers defined previously are now called Business Plans. When you are subscribing to an API from the dev portal, you have to select one of the available Business Policies.
Q2:Yes, that is correct. When you publish the API, the API will be available in the dev portal. So you should add Business Policies to the API.
Q3: To retrieve the Business Policies you can use the Throttling Policies API. Business Policy is a Throttle Policy that applies for Subscriptions. Here is the REST API endpoint.
https://localhost:9443/api/am/publisher/v1/throttling-policies/subscription?limit=25&offset=0
In the create API request you can see policies as well as apiThrottlingPolicy. Policies is the place where you need to define Business Policies. So an API can have one or more Business Policies. That's why it is an array. APIThrottlingPolicy is a string. In here you need to define the Throttling policy that you apply for the entire API. Sample value can be 10KperMin.
Upvotes: 1
Related Questions
- In WSO2 IS 5.9.0 how to configure Password Policies And Login Policies with help of an API?
- API Goverment rules in WSO2
- Missing Account Management Policies tab in WSO2 API Manager 2.6
- Custom Policies API Manager
- How to access XACML policy from WSO2IS in API using WSO2API manager(How to create APIs using WSO2APIM to access XACML policy)
- how to get all the scopes user has access to in WSO2 API manager
- WSO2 API endpoint options
- Wso2 API MANAGER WSDL security
- XACML - How to get the list of policies used in the decision?
- WSO2 API Manager - Visibility of APIs