Quick Start (API Policy Administrators)
How do I add policies to the SOA Software Open Tenant?
Before API Providers can add API's to SOA Software Open, policy administrators must define the following policy types in SOA Software Open. After the policies are defined in the Policies folder of the SOA Software Open Tenant Organization, they will be available for selection in the Add a New API Wizard.
Note: SOA Software Open customers must designate policy administrator users who will be responsible for defining policies and adding them to the SOA Software Open Tenant Organization using the Policy Manager "Management Console."
Click here to review a summary listing of policies you can use to get started. Additional documentation on these policies is available in the Policy Manager Online Help.
- API User Security Policy - This policy type is the default security policy for SOA Software Open services and controls who can perform administrative actions on the SOA Software Open portal.
- API Consumer Application Security Policy - This policy type is used to identify (authenticate) the application that is attempting to consume an API to determine if it is authorized or not. This policy type supports multiple mechanisms for the App to present its identity, including plain text App Id, signed header with x.509 or a shared secret, or OAuth (1.0 or 2.0).
Auditing / SLA Policies:
You can also optionally define auditing and service level policies that meet your specific security and monitoring requirements. To enable basic message auditing, you can add the BasicAuditing policy available in the root level Policies folder.
Step 1: Designate API Policy Administrator for SOA Software Open instance
- The API Policy Administrator who is designated to manage policies must request authorization to the Policy Manager instance associated with the SOA Software Open deployment. Contact SOA Software Customer Support (support.soa.com) to submit your request.
- Upon approval, you will receive a URL address, and username and password to access the Policy Manager "Management Console."
Step 2: Determine Policy Requirements
- Determine API user, API security, usage monitoring, and service level policy requirements for the API's you plan to add to your SOA Software Open deployment.
- Discuss your requirements with an SOA Software Customer Support member and get recommendations based on your policy requirements.
Step 3: Define Policies in Policy Manager
- Launch the Policy Manager "Management Console" and log in using the username/password credentials provided to you by SOA Software Customer Support.
- After Policy Manager has successfully loaded click the SOA Software Policy Manager Organization in the Organization Tree.
- Click + to expand the organization. You will see SOA Software SOA Software Open Organization.
- Click + to expand the organization. You will see the Policies folder. Expand the Policies folder. You will see Compliance, Operational, and QoS Policies folders:
- Policies added to the Operational folder display in the Operational Policies section of the 2. Target page of the SOA Software Open Add a New API Wizard.
- Policies added to the QoS folder display in the Service Level Policies section of the 2. Target page of the SOA Software Open Add a New API Wizard.
- If no policies exist in either of the Policies folders in Policy Manager, the Operational Policies or Service Level Policies folders on the 2. Target page of the Add a New API Wizard will not display.
- Select either the Operational or QoS Policies folder. In the upper right-hand corner of the Policy Manager "Management Console" click Help. The Policy Manager Online Help loads.
- Review the Workbench > Browse > Organization Views > Policies View > About Policies > Policy Configuration section of the Policy Manager Online Help for:
- Information on how Policy Manager policies are organized.
- A complete reference of policies offered by Policy Manager.
- Instructions on how to add a new policy.
- Instructions on how to copy a policy.
- Click here to review a summary listing of policies you can use to get started. Additional documentation on these policies is available in the Policy Manager Online Help.
- The API User Security Policy and API Consumer Application Security Policy are the minimum requirements. You can add additional auditing or service level policies based on your requirements. Based on the security mechanisms supported by APIs you will be adding to SOA Software Open, your policy list might look like this:
- The Policies folder in the root Organization includes a set of sample policies you can use as well. Use the Copy Policy function to replicate a copy of the policy. Use Change Organization and select the SOA Software Open Tenant Organization to move the policy. Then configure the policy based on your requirements.
- Use the Add Policy function to define API security and service level policies in the Policies > Organizational Policies folder (for API Security and Auditing policies), and Policies > QoS Policies folder (for Quota Management and SLA policies) in the SOA Software Open Tenant Organization.
- Use the Modify function on the details page of each policy to complete the custom policy configuration.
Step 4: Verify policies display properly in SOA Software Open
- Launch SOA Software Open.
- Select Add a New API Wizard from the Plus Menu, click Show on the 2. Target page, and confirm that the policies you defined in the SOA Software Open Tenant Organization display in the Operational Policies and Service Level Policies sections. Your screen will look similar to the following:
- You can also verify that the policies that display in the API Access Wizard are what you intended by creating an app, requesting API access to your API.
See How do I create a new app and configure it to consume APIs? for complete instructions. Note that only the Service Level policies will display in this wizard (e.g., SLA policy, quota management).
Back to top