This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

What is the significance of custom attributes of a Product and App?

Posted on 07-05-2015 10:09 PM
gargi_talukdar
New Member
Reply posted on --/--/---- --:-- AM

What is the signification of custom attributes in Product and App? How these attributes can accessed from a proxy, especially Product attributes?

Solved Solved
1 8 3,905
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
gnanasekaran
Staff
Reply posted on --/--/---- --:-- AM

custom attributes are significant in many ways

> provides flexibility for you to extend the functionality and implement attribute specific runtime enforcements for your API [Quota is just another attribute of a product, just an example how you could use an attribute]

> provides a means for you to classify, group your api products and apps for consumption - for eg, what to show in the portal, mapping to different consumer roles etc..

.. and there are several other examples how it can be used, specific to usecases

----------

What is interesting and important is that - Apigee provides you a easy way to configure these values and access them at runtime easily.

For eg, you can have attributes for your products, attributes for developers, attributes for apps.. and lets say you use

VerifyApiKey or OAuth Accesstoken verification policy in your flow-- all the information about your product, developers, app are loaded a flow variables for you to access within the flow, using this you could enforce any kind of runtime constraints and management functions

Have a look at there,

http://apigee.com/docs/api-services/reference/verify-api-key-policy#variables

and

http://apigee.com/docs/api-services/content/oauthv2-policy#flowvariables

Thanks,

View solution in original post

Jump to Solution
8 REPLIES 8

Posted on --/--/---- --:-- AM
gnanasekaran
Staff
Reply posted on --/--/---- --:-- AM

custom attributes are significant in many ways

> provides flexibility for you to extend the functionality and implement attribute specific runtime enforcements for your API [Quota is just another attribute of a product, just an example how you could use an attribute]

> provides a means for you to classify, group your api products and apps for consumption - for eg, what to show in the portal, mapping to different consumer roles etc..

.. and there are several other examples how it can be used, specific to usecases

----------

What is interesting and important is that - Apigee provides you a easy way to configure these values and access them at runtime easily.

For eg, you can have attributes for your products, attributes for developers, attributes for apps.. and lets say you use

VerifyApiKey or OAuth Accesstoken verification policy in your flow-- all the information about your product, developers, app are loaded a flow variables for you to access within the flow, using this you could enforce any kind of runtime constraints and management functions

Have a look at there,

http://apigee.com/docs/api-services/reference/verify-api-key-policy#variables

and

http://apigee.com/docs/api-services/content/oauthv2-policy#flowvariables

Thanks,

Jump to Solution

Posted on --/--/---- --:-- AM
Not applicable
In response to gnanasekaran
Reply posted on --/--/---- --:-- AM

Hi @mukundha@apigee.com What if I'm trying to access the product level custom attribute from an API proxy that's part of two different API products? How do I access the custom attributes of both API products in this case?

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to
Reply posted on --/--/---- --:-- AM

@SZHorani There is no efficient or an easy way to get to what you are trying to achieve, but continue reading as there are some options available for you 🙂

So at a high level products have access to some api's (proxies) and those products are associated to apps. Ideally if you have designed and configured the products,apps and developers correctly there should not be a scenerio where while running a particular API call you would need information for more than two products (ideally). You might want to create different apps for each of the product.

Technical challenge - When you validate an access token, within Apigee it run down some classification tree and picks up the 1st encountered product and puts all the values associated with that product as variables in an api call. All other associated products are skipped. You must be observing the same I believe, where you can only access one 1st picked product.

Jump to Solution

Posted on --/--/---- --:-- AM
Not applicable
In response to
Reply posted on --/--/---- --:-- AM

Below are some options for you -

1) What exactly are those product attributes? If you need all of them while running a single call, why not move them as app or developer attributes?? This way you can access them all through an api call.

2) What you want is still possible with the following solution but something I dont recommend as it has performance impact. Using Apigee access entity policy you can pretty much achieve what you want. In a nutshell access entity policy works like having management api calls in the background where you can get details about any app,developer or product.

For your particular use case you would 1) Get custom attributes of the 1st product which gets populated in the verify access token step 2) Use access entity policy to get the app details to get a list of products associated with that app (assuming its all dynamic) 3) Get the product which was not retrieved at step 1 and use access entity policy again to get its custom attributes.

You can read more about access entity policy here Again running this policy for a very high volume traffic might not be the best performant option. Give it a shot at least, I think it should work.

Jump to Solution

Posted on --/--/---- --:-- AM
Not applicable
In response to
Reply posted on --/--/---- --:-- AM

Thanks for quick response Vinit. This helps.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
vednath_pittala
New Member
In response to gnanasekaran
Reply posted on --/--/---- --:-- AM

@Mukundha Madhavan if i were to add/change this custom attribute value in the proxy flow how would i be able to acheive it?Am using the below in javascript to set it

context.setVariable("verifyapikey.Verify-API-Key.hashattribute1",context.getVariable("has_uname"));


Though the variable seems to be set it doesn't populate the same when verifying it on UI. Attaching both the screen shots for referencecust-attr-1.jpgcust-attr-2.jpg

Thanks,

Vednath

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Former Community Member
Not applicable
Reply posted on --/--/---- --:-- AM

Hi @GargiTalukdar in addition to what @mukundha@apigee.com mentioned, you can access custom attributes defined on products as follows:

  • Define a custom attribute named "some-attribute" at the product level
  • Attach a VerifyAPIKey policy to your proxy:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<VerifyAPIKey async="false" continueOnError="false" enabled="true" name="Verify-API-Key">
    <DisplayName>Verify API Key</DisplayName>
    <Properties/>
    <APIKey ref="request.queryparam.apikey"/>
</VerifyAPIKey>
  • Assuming you followed the above steps and use the exact same names (policy name & attribute name), then you should be able to reference your product custom variable as {verifyapikey.Verify-API-Key.apiproduct.some-attribute} in the remainder of your proxy

Hope this helps!

Jump to Solution

Posted on --/--/---- --:-- AM
Not applicable
In response to Former Community Member
Reply posted on --/--/---- --:-- AM

@Prithpal Bhogill In your opinion, what's the best way for me to develop an API proxy that acts differently based on the condition that it's associated with a certain API product. Behaves a certain way for API product X, and another way for API product Y.

Jump to Solution
0 Likes