Control API Visibility¶
By default, the APIs published in Choreo are visible to anyone who visits the Choreo Developer Portal. By default, Choreo sets the visibility of the API to Public. However, developers can control the visibility of their APIs by changing the default option to Private or Restricted.
Visibility settings control users from viewing and modifying APIs. API visibility can be one of the following options:
-
Public : The API is visible to all in the developer portal.
-
Private : The API is visible to the users who only sign in to the Developer Portal.
-
Restricted: The API is visible to only the user that has the roles that you specify. This option helps developers to enforce fine-grained access control to the API.
Change API visibility¶
- Sign in to the Choreo Console.
- In the Component Listing pane, click on the REST API (Service) for which you want to control API visibility.
- In the left navigation menu, click Manage and then click API Info.
- On the API Info page that opens, click the Developer Portal tab.
-
Under General Details, select the required visibility setting from the Visibility list.
Enable fine-grained role-based access control to the API
- To enable fine-grained role-based access control to an API in the Developer Portal, select
Restrictedfrom the API visibility list. Once selected, you will see the roles available in your organization in the Visible Roles list. - Select any combination of roles. Only the users with the given roles can access the APIs through the Dev Portal.
- Alternatively, You can create a new role and assign it to an API by following the steps below:
- Click + Create New Role in the list.
- Add the role name and description.
- Click Next.
- Assign the relevant permissions to the new role.
- Click Create.
- Select the newly created role from the Visible Roles list.
- To enable fine-grained role-based access control to an API in the Developer Portal, select
-
Click Save.