Pre-requisites:

1)Ensure that active Informatica Intelligent Cloud Services account and API Manager license.

2)User should have Admin and Service Consumer roles.

API Registry:

API registry which is used to view the available services and details of managed APIs for that services. We can create managed API and use it in different applications after you create managed API we can view API details including API URL and swagger, WSDL URL . In API registry we can generate SDK packages (Java, Android, JavaScript, Nodejs, Python, Ruby-on-Rails, C#.NET, ASP.NET5, or C# applications) which can be use to integrate managed APIs in your applications.

Policies:

  Ø  Rate limit:

 Rate limit controls the number of attempts that API can be invoked in the given time period, we can Enable API-specific rate limit and give the no of attempts for the given time period.

  Ø  Ip filtering:

 Ip filtering is used to give access for the Manages API only allowed Ip address which has give  in a range example.192.168.0.0 to 192.168.255.255 or we can deny the access for the range of IP address.

Privacy:

We can enable privacy policy in API registry to protect private information that is contained API data Like Credit card number Email address IP address United States address United States phone number etc.We can enable this privacy policy for both request and response of the API.

Swagger:

 In API registry swagger URL can be created with version,The url is encrypted.Which can be used to view response.This Url can be used for different applications

API Group:

  Ø  Run the API using basic auth or JWT token:

             Download this meta data as java, python SDK and so on to import in another application. The authentication is either basic or we can generate JWT token which can be used as a bearer token.

Architecture of API manager in informatica cloud:

                                  fig.1:Architecture of API manager                                       

Example:

Step1: 
              We can see the services which are available in API registry created in application integration with rest/SOAP protocol. We can change the process name called API name in API registry and create the managed API. 

                                                fig.2: API registry 

Step2: In API registry we can set the privacy policy for the secure the sensitive information

          fig.3:Enable privacy policies in API registry 

Step3: In API registry we can post the URL with the API name.

                                                fig.4:Swagger URL for the process

Step4: 

            Create an API group for the managed packages from registry, generate and JWT auth token for the API. This token is having expiration date, with this token API consumers having access for the API.

                                                   fig.5:Genarting JWT token to access api 

Step5:

            Analytics is the graphical representation of API activity,It will monitor how many attempts that API has invoked,which type this API used like GET/POST.It gives the details of users and duration in activity log and consumer IP.

                                                   fig.6:Monitering the activity of the API

Conclusion:

          We can use encrypted API for organisation policies, API security is the protection of the integrity of APIs both the ones you own and the ones you use. Businesses use APIs to connect services and to transfer data to the different customers. Through API manager we can manage and secure the API with authentication and encrypting the API ,we can monitor the graphical view of API usage and its activity.

Thank You

Himaja Yerragunta

MOURI Tech Pvt Ltd. ,

himajay.in@mouritech.com