- Public: The API is visible to all users (registered and anonymous), and can be advertised in multiple stores (central and non-WSO2 stores).
Restricted by Roles: The API is visible to it's tenant domain and only to the user roles that you specify.
Visible to my domain: The API is visible to all users who are registered to the API's tenant domain. This option is available only in a multi-tenanted environment. It is not available in the super tenant mode's not applicable when there is only one active tenant in the system.
Given below is how visibility levels work for users in different roles:
publisherroles can see all APIs in their tenant store even if you restrict access to them. This is because those roles have permission to view and edit all APIs in the API Publisher, and therefore, does not have to be restricted in the Store.
- Anonymous users can only see APIs that have visibility as
- Registered users can see
- public APIs of all tenant domains
- all APIs in the registered user's tenant domain as long as the API is not restricted to a role that the user is assigned to
You set the Subscription availability option, which you can set through the UI. In the following instances, the subscription availability option is not available:
- There is only one tenant in your system
- You selected the Visible to my domain as the API's visibility in a multi-tenanted setup
- Available to current Tenant Only: only users in the current organization/tenant domain can subscribe to the API
- Available to All the Tenants: users of all organizations/tenant domains can subscribe to the API
- Available to Specific Tenants: users of the organizations/tenant domains you specify as well as the current tenant domain can subscribe to the API
because you cannot subscribe to something you don't see in the store.
The diagram below depicts this relationship: