All docs This doc
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »


Visibility settings prevent certain user roles from viewing and modifying APIs created by another user role. This feature allows you to restrict the ability to view and modify APIs for a set of users. 


Work In Progress

This is available only as a WUM update.

Enabling Access Control

Instructions to new users

To enable this feature, open the <APIM_HOME>/repository/conf/api-manager.xml file. Add the code given below under APIPublisher.

<APIPublisher>
	...
	<EnableAccessControl>true</EnableAccessControl>
</APIPublisher>


If you are an existing user, with at least one API created.

  1. Open the <APIM_Home>/repository/conf/registry.xml file

  2. Add the following code as the first sub-element under <indexers>

    <indexers>
    	...
    	<indexer class="org.wso2.carbon.apimgt.impl.indexing.indexer.CustomAPIIndexer" mediaTypeRegEx="application/vnd.wso2-api\+xml" profiles ="default,api-store,api-publisher"/>
    	...
    </indexers>
  3. Replace the handler class org.wso2.carbon.registry.indexing.IndexingHandler with org.wso2.carbon.apimgt.impl.handlers.CustomAPIIndexHandler as shown below.

    <handler class="org.wso2.carbon.apimgt.impl.handlers.CustomAPIIndexHandler">
    	<filter class = "org.wso2.carbon.registry.core.jdbc.handlers.filters.MediaTypeMatcher">
    	<property name="mediaType">application/vnd.wso2-api+xml</property>
    	</filter>
    </handler>
  4. To re-index the registry, update the lastAccessTimeLocation parameter as given below.

    <lastAccessTimeLocation>/_system/local/repository/components/org.wso2.carbon.registry/indexing/lastaccesstimexyz
    </lastAccessTimeLocation>

    Restart the server after doing these changes.

Note that the registry indexing takes some time depending on the number of APIs you have in your store, so the existing APIs may not appear if you are accessing the publisher/store immediately after you start the server.

Using the API Publisher UI

  1. Log in to API Publisher as an API Creator. For more information on User Roles, see Managing Users and Roles.
  2. Create an API. Select Restricted by roles for Access Control in the Design tab.
  • No labels