Access Groups
This section is critical for keeping your API products secure. If you intend to restrict access to APIs, Access Groups must be configured accordingly.
What is an Access Group?
An Access Group is a method of user segmentation where designated teams and individuals are granted access to specific API products. For example:
Access Group Name | API Products | Developers | Teams |
---|---|---|---|
Internal Users | Company API | Company Team | |
Partners | Partner API 1, Partner API 2 | Individual Dev | Company Team, Partner |
The Internal Users group grants Company Team access to the Company API product. The developer Individual Dev and team Partner would be restricted from seeing or using Company API.
As members of Partners, though, Individual Dev and the Partner team are able to see and use both Partner API 1 and Partner API 2.
Note: RBAC roles, specifically site staff, are unaffected by groups. A product owner doesn’t need to be in the same group as their product to have access; their role is sufficient.
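The rules above can be checked with a small model of the example table. This is an added illustration, not Apiboost code or its API. The team rosters (`alice`, `bob`), the extra `Beta API` product, the reading of the Partners teams cell as two teams, and the treatment of site staff as seeing the whole catalog are all assumptions made for the example.

```python
# Illustrative model of the access rules described above; not Apiboost code.
from dataclasses import dataclass

@dataclass(frozen=True)
class AccessGroup:
    name: str
    products: frozenset
    developers: frozenset = frozenset()
    teams: frozenset = frozenset()

# Constructed data mirroring the example table (Partners teams cell read as two teams).
GROUPS = [
    AccessGroup("Internal Users", frozenset({"Company API"}),
                teams=frozenset({"Company Team"})),
    AccessGroup("Partners", frozenset({"Partner API 1", "Partner API 2"}),
                developers=frozenset({"Individual Dev"}),
                teams=frozenset({"Company Team", "Partner"})),
]
# Hypothetical team rosters and product catalog; "Beta API" is in no group.
TEAM_MEMBERS = {"Company Team": {"alice"}, "Partner": {"bob"}}
CATALOG = {"Company API", "Partner API 1", "Partner API 2", "Beta API"}

def visible_products(user, is_site_staff=False):
    """Products a user can see: direct membership or via a team, per group."""
    if is_site_staff:
        # Assumption: staff roles are unaffected by groups, so nothing is hidden.
        return set(CATALOG)
    user_teams = {t for t, members in TEAM_MEMBERS.items() if user in members}
    visible = set()
    for group in GROUPS:
        if user in group.developers or user_teams & group.teams:
            visible |= group.products
    return visible

def ungrouped_products():
    """Products with no Access Group configured; flag these for review."""
    grouped = set().union(*(g.products for g in GROUPS))
    return CATALOG - grouped

if __name__ == "__main__":
    for user in ("alice", "bob", "Individual Dev", "carol"):
        print(user, "->", sorted(visible_products(user)))
    print("no group configured:", sorted(ungrouped_products()))
```

Running a review like this against an export of your own groups shows who reaches each product through team membership rather than direct assignment, and which products have no group restriction configured at all.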
Access Group Management
The first thing you’ll want to do is create an actual group. Access Groups can be found in the admin menu and are managed in a familiar way, consistent with other Apiboost features (Teams, especially). Once you’ve created a test group, you may want to go back and try editing or deleting it. Otherwise, you can continue with adding products and assigning users.
Associated Products
Once you have a group, you can associate some products with it. After you’ve added your product(s), you may never need to alter the list again. Should you need to, you can always go back and edit it.
User & Team Access
After selecting your product(s), the last thing left to do is define your user segment. Choose which developer(s) or team(s) can view the product. This may be a more routine task, as users and teams are added to and removed from the site.