Everybody does APIs. Some just expose APIs as a service - a way to allow developers to programmatically request services or capabilities. Some companies go beyond that to use APIs as a Product - a first class offering with a service level, and maybe a commercial model surrounding it. Some of our customers go further and use APIs as a way to create or explore entirely new channels for the business, or as a foundation for a digital ecosystem.

As companies climb up that ladder of value, from

• APIs as a service,
• to APIs as a Product,
• to APIs as a Channel enabler,
• and finally to using APIs to power an ecosystem...

...it becomes ever more important to have better visibility into and control over the credentials that can be used to gain access to your APIs.

You want to parcel out credentials to particular developers, credentials that allow them to do specific things, for a specific duration of time. And you want the ability to revoke authorization at any time. You may want to rotate keys, for good security.

To make all of that easier, this week, Apigee is releasing updates to the Edge administrative UI to expose more capabilities for managing the credentials associated to developer apps. These capabilities have long been accessible via the administrative API; now we're exposing them in the UI as well.

The new UI extensions will allow administrators to:

• view and edit the approval status for each app
• view the list of distinct credentials for each app
• view and edit the approval status for each credential
• view the expiry date and expiry status of each credential
• add new credentials to an app, with a specific expiry (expire never, expire on a given date, or expire after a specified amount of time)
• remove credentials, whether active or expired
• view and set the active status of individual developers

The new capabilities are available now, in the Apigee Edge cloud. Here's a 10-minute screencast explaining and showing how things work. Enjoy!