Greetings-
My organization is an Apigee X cloud user. We use Apigee’s “integrated portal” for publishing our API catalog and for developers to register teams their apps, get keys, etc.
In the Apigee integrated portal (developer portal), when a developer creates an app to subscribe to an API product, they often set the owner of the app to be a team instead of themselves (so the app is not bound to a single individual). At the same time, they will also often generate several api keys for use by their team members, which they then assign to people on their team. A common challenge among our faculty, researchers and others is that they need to keep track of which keys have been assigned to who. Since this cannot be done in the integrated portal, they end up creating files and spreadsheets with this info, which must be stored securely and are generally unwieldy.
If app owners (in this case the members of the team who own the app) could associate individual API keys in the integrated API Portal to specific users, it would be extremely helpful. There are two mechanisms for recording this association in the app which could be helpful: (1) for each API key, include an “api key user” field which is a dropdown list auto-populated with developer names from the team which owns the app, which the user can select from; and (2) for each API key, also include a free text field (like app attributes for API producers.. but in this case api key attributes for use by API consumers), which app owners could us to enter a free text note (for notes about key assignment or even a note about the name of a person outside the owning team who has been given a key).
This feature request has come up with a variety of our Apigee integrated portal users, and most recently from a research scholarship leader here at Harvard.
Thank you for your consideration.
Peter
1 Like
Are you sure?
Two suggestions:
-
There’s a teams feature in the integrated portal that allows you to associate an app to a TEAM, and then add people to the team.
-
If you look at the teams feature and find it lacking, consider building a custom solution yourself, relying on the Apigee APIs, and whatever web app framework you like (React, Angular, whatever you are comfortable with) .
re-reading your question, it seems you ARE using Teams, AND,… you want one extra features which is to associate individual API keys to specific people. Hmm. That latter thing seems to be what you get without the teams feature.
You want teams management and also individual ownership.
I am not sure how to balance that.
Thank you. Perhaps these are kind of a Higher Ed corner cases, and we’ll need to create a custom solution.
To provide more context, the following are two real-life scenarios and discussions we’ve had with grant-funded research teams and with teaching teams for various courses here.
- In a research team scenario, we have two faculty members who are the leaders for a grant-funded project. The two faculty members and their admin constitute a team, and they set themselves up as a team in the integrated API portal. Then they set up an app in the integrated API portal which is owned by that team. They also have 5-10 post-doctoral fellows and graduate students assisting with their research. So they generate 5-10 api keys for that app, and they want to assign one key to each of the 5-10 research assistants. They don’t want the research assistants to “own” the team or app or be able to view/use the keys for other team members. This relates to the part in my original post about “we would like a free text field (like app attributes for API producers.. but in this case api key attributes for use by API consumers), which app owners in the portal could use to enter a free text note (for notes about key assignment or even a note about the name of a person outside the app-owning team who has been given a key).”
- In a teaching and learning scenario, we have a professor and two teaching fellows who run an Intro to Python class. They create a team for themselves in the integrated API portal. Then they create an app to generate a set of keys for each semester’s class, which is owned by the teaching team. With that app, they generate a set of api keys and distribute one to each student in the class. Since in the integrated portal there’s no attribute on the keys in the app which they can use to record the student name for each key, they use a spreadsheet where they copy-paste all the keys and then record the student names there.
With capabilities of the integrated portal where they currently stand, for the research team scenario it seems like setting up a separate app for each research assistant (with one app owned by each research assistant, instead of by a team) would probably makes more sense in terms of ability to track and manage keys and usage by person. But if we do that, we lose the ability to track traffic, $ and set quotas and such at the "project level”. So, one app (ie, where app=grant-funded project) equates to ease of aggregating usage and cost; and many apps (ie, app = specific person working on grant-funded project) equates to inability to aggregate usage and cost at the project/grant level, but benefit of granular tracking and control with auditability back to a specific person.
Having said all that, as we talked through this and the various scenarios and options and pros and cons of each, one of our faculty leaders said “within a single, team-owned app in the Apigee integrated API portal, where by necessity we have generated multiple API keys, why can’t we just have a way to associate each api key to one specific individual?”