Remove vs Revoke API Product for a Key. Any difference?

We are developing a custom Web UI for key management to meet our needs, and we are thinking about how to associate/disassociate API products to a key.

I found two options: "Revoke API Product for an API Key" and "Remove API Product for a Specific Key", and wondering which should I use. Are there any significant difference between them? What points should I pay attention to?

Approve or Revoke API Product for an API Key https://apidocs.apigee.com/management/apis/post/organizations/%7Borg_name%7D/developers/%7Bdeveloper... Remove API Product for a Specific Key https://apidocs.apigee.com/management/apis/delete/organizations/%7Borg_name%7D/developers/%7Bdevelop...

Solved Solved
0 2 1,180
1 ACCEPTED SOLUTION

sidd-harth
Participant V

Hi @Shotaro Aoyama, in Apigee an API Product has a set of API resources, Quota Configurations, Custom attributes associated with it. When Applications choose an API product it gets an API key which can be used to access the API resources.

When you use the Remove API Product for a Specific Key, it will completely delete/remove the API Product from the Application. If the application wants to access the API resources again, it has to add the API Product again & use the same/existing API Key. To do this we can use Add API Product to Key Management API.

If you use Revoke API Product for an API Key you simple revoke the access to the API key. The API Product is still associated with the Application & In the future, if you want to access the resource using the same/existing API key, we can do it using Approve API Product for an API Key Management API.

View solution in original post

2 REPLIES 2

sidd-harth
Participant V

Hi @Shotaro Aoyama, in Apigee an API Product has a set of API resources, Quota Configurations, Custom attributes associated with it. When Applications choose an API product it gets an API key which can be used to access the API resources.

When you use the Remove API Product for a Specific Key, it will completely delete/remove the API Product from the Application. If the application wants to access the API resources again, it has to add the API Product again & use the same/existing API Key. To do this we can use Add API Product to Key Management API.

If you use Revoke API Product for an API Key you simple revoke the access to the API key. The API Product is still associated with the Application & In the future, if you want to access the resource using the same/existing API key, we can do it using Approve API Product for an API Key Management API.

Hi, @Siddharth Barahalikar, thank you for info.

After reading your answer, I don't see big difference besides which APIs to use.

Add/Remove way:

allow: Add API Product to Key

disallow: Remove API Prodoct for a Specific Key

Approve/Revoke way:

allow: Approve API Product for an API Key

disallow: Revoke API Product for an API Key


In either case, it is possible to disallow a key to access a product and re-allow the same key in the future. Am I understanding correctly? Is there anything we can do in one way and we cannot do in another?

Thanks,