You can specify whether or not an API operation inherits the security definitions that have been created in the containing API.
About this task
You can choose to inherit all the security definitions, or you can individually select the security definitions that you want to inherit.
For information on creating security definitions in an API, see Creating a security definition.
Note: The API Manager UI also includes the ability to apply security definitions. However, the preferred method for these tasks is by using the API Designer UI, as described here. Any steps that are specific to a particular UI are marked with an icon.
Procedure
To specify the security definition inheritance settings for an API operation, complete the following steps:
-
Click APIs.
The APIs tab opens.
-
If you have not previously pinned the UI navigation pane then
click the Navigate to icon .
The
API Manager UI navigation pane opens. To pin the
UI navigation pane, click the
Pin menu icon
.
-
Click Drafts in the UI navigation pane, and then click APIs.
The APIs tab opens.
-
To specify the security definition inheritance settings for an operation in an existing API, click the API you want to work with. To create a new API and API operation before specifying the security definition inheritance settings, see Creating API definitions and Defining Paths for a REST API.
-
Navigate to the Paths section.
-
In the Paths section, click the required operation to display its details.
-
In the Security subsection, select the security definitions that you
want to apply, or select Use API security definitions to apply all security
definitions.
Note: If you select an OAuth security definition for
protecting a consumer API, you must also include an API key security definition, as the
X-IBM-Client-Id
or client_id
must be included in the security
credentials so that the correct Plan configuration settings can be enforced.
-
Click the Save icon to save your changes.