Setting up the service authorization for IBM Cloud Secrets Manager

If you are using IBM Cloud Secrets Manager to manage the gateway certificates, set up service authorization between IBM® API Connect and IBM Cloud Secrets Manager.

Before you begin

If you are using the API Connect built-in certificate management tool to manage your certificates, skip this task.

About this task

Authorize your V10 Reserved service to communicate with your IBM Cloud Secrets Manager service so that your gateway certificates can be accessed by IBM API Connect.

1. Open the IBM Cloud Dashboard.
2. Click Manage > Access (IAM).
3. In the Access (IAM) navigation list, click Authorizations.
4. On the Manage authorizations page, click Create.
5. On the Grant a service authorization page, select the following settings:
   1. In the Source service list, select API Connect.
   2. In the Source service instance list, select your reserved instance service.
   3. In the Target service list, select Secrets Manager.

      Scope the access to Resources based on selected attributes.

   4. For the Instance ID attribute, select your instance of the Secrets Manager service from the list (select the instance that contains the certificates for your gateways).
   5. In the Service access field, select the Reader, Writer, and Manager roles.
6. Click Authorize.

What to do next

Proceed to Configuring DataPower API Gateway or Configuring DataPower Gateway (v5 compatible) as appropriate.