Login
    Contents x
    API collection
    • 07 Apr 2025
    • 11 Minutes to read
    • Print
    • PDF
    Contents

    API collection

    • Updated on 07 Apr 2025
    • 11 Minutes to read
    • Print
    • PDF
    Article summary

    Overview

    An Application Programming Interface (API) collection consists of API endpoints that share a common access pattern, allowing them to be managed together. For example, group Salesforce endpoints into an API collection if recipes used by the Sales team will call them.

    The API Platform provides enterprise-grade capabilities for API management. It includes an API gateway, governance, design, security, and monitoring features. The API Platform allows creating API proxies that securely forward traffic to internal APIs. It also enables creating API recipes, which expose Recipe functionality as API endpoints.

    This allows sharing data with partners or using the functionality in other Recipes. Users can create API collections by grouping endpoints, whether Recipe-based or Proxy-based. API publishers controls access to Endpoints, monitor requests, and set usage limits.

    API gateway

    The API gateway provides advanced capabilities for managing APIs. It integrates security, routing, and mediation to ensure performance and reliability.

    API design

    API design simplifies API creation, deployment, and management with intuitive tools. Recipe and proxy endpoints allow building APIs using a low-code or no-code approach. They also allow securely exposing existing APIs. Endpoints, methods, and data structures are defined using built-in tools for API design and documentation.

    API monitoring

    API monitoring tracks and analyzes API usage and performance. The API platform dashboard visualizes real-time data for endpoints and API collections. Metrics such as response times, error messages, and traffic patterns enable proactive API management and optimization.

    API security

    API security ensures secure API exposure with enterprise-grade security measures. The API gateway supports multiple authentication methods. These methods include OAuth 2.0, JWT tokens, and OpenID Connect. They provide flexibility and security in API access and usage.

    API Governance

    API governance ensures that APIs remain secure, compliant, and managed according to best practices. It includes activity auditing, versioning, and lifecycle management. Granular access control and policies help manage usage and access. API access policies enforce rate limiting and quota management. These policies prevent overuse by a single client. They ensure efficient API usage.

    Dashboard

    The API platform Dashboard displays real-time data for endpoints and API collections and a summary of API activity, Performance, and Client usage.

    Monitor the overall performance of the API platform or view detailed data for a specific endpoint collection or requesting customer. Successful requests and errors provide an overview of the health of API endpoints.

    Use the policy violations metric to identify clients or collections that generate abnormal API calls. The API Collections page displays all API collections within a Workspace.

    Filters

    Modify the dashboard output using filter parameters. The dashboard defaults to the last 30 days, all clients, and all collections. Change the filters to customize the dashboard view. Filters reset when you leave the page.

    Figure: API Dashboard Filters

    Date filter

    Client filter

    Collection filter

    Select the timeframe that you want to observe

    Filter by specific clients

    Get more insights by diving into collections and specific endpoints

    API Activity

    The API Activity graph summarizes all processed API requests. The graph provides a visual representation of trends, spikes, or drops in API usage. Use the graph to identify periods of high activity or potential issues with the API.

    Figure: API Activity

    Peak Concurrent API requests

    The Peak Concurrent API Requests graph displays the maximum number of API requests processed simultaneously. The bar height represents the highest number of concurrent requests during peak activity periods.

    Figure: Peak Concurrent API requests/

    This section provides insights into API load at any given time. It helps identify peak usage periods, supporting capacity planning and ensuring the infrastructure can handle high loads without performance issues.

    Top Clients and Endpoints by Request Count

    The Top Clients by Request Count and Top Endpoints by Request Count graphs display the most active API consumers and the most frequently accessed endpoints. The data updates based on the selected filters.

    Figure: Top Clients and Endpoints by request count bar graph

    API Collections

    An API collection includes one of the following:

    The type of collection you create depends on your use case.

    API recipe collection

    An API recipe collection is a set of endpoints, where each endpoint is built from an individual API recipe. Each recipe corresponds to a single endpoint. With an API recipe collection, you can provide powerful API endpoints to internal users, such as team members, and external users, such as your organization's end users. By grouping related API recipe endpoints into a collection, you can easily manage access to the endpoints.

    Prerequisites for API recipe collections

    • Create a new project or select an existing project.

    • Create a folder in the project and add one or more API recipes to it. When you add a new API recipe to the folder, it is automatically included in the collection. It is recommend organizing related API recipes together.

    Create an API recipe collection

    1. Log in to AIW.

      The orchestrate platform displays by default.

    2. Navigate to Integration Hub > API collection.

    3. Click Create New Collection.

      The New API recipe collection page is displayed.

    4. Select Choose Collection type to select API recipe collection.

      Figure: New API recipe collection

    5. Click Next.

    6. Select Choose a configuration type to specify the configuration to use for recipe collection.

      Figure: Choose a configuration type

      1. Choose either Use existing recipes or Import OpenAPI specification.

      2. Select recipe from Recipe folder.

      3. Click Next

    7. Navigate to Customize endpoints and select the checkbox for each endpoint to add to the collection.

      Figure: Customize endpoints

    8. Navigate to Set collection details and enter the following information:

      Figure: Set collection details

      Field Description

      Field

      Description

      Collection name

      Specify the title of the Collection that groups related data or items together

      Version

      Enter the Version of the collection, indicating updates or changes over time

      Description

      Enter brief explanation of the collection’s purpose, contents, or significance

    9. Click Create API Collection.

      Figure: Create API collection.

      The Endpoints are successfully created.  

    Edit an API collection

    To edit an API collection, perform the following steps:

    1. Navigate to Integrations > API collection. The Orchestrate platform displays by default.

    2. Select the API collection you want to edit. The API collection overview page opens.

    3. Click Ellipsis menu, to Rename, Edit, Publish, and Delete endpoints that are available within the collection.

      Figure: Edit API Collections

    API Proxy Collections

    An API proxy collection contains proxy endpoints, which act as intermediaries between an API client and an API server. When a request is sent to a proxy endpoint, forwards it to the corresponding endpoint in the backend API.

    Proxy endpoints enhance security and control for internal APIs. Instead of sending requests directly to the backend API, teammates and external collaborators send them to a secure proxy endpoint. This setup also enables access to the API Platform’s monitoring and access control features.

    Prerequisites for API Proxy Collections

    • Create a new project or select an existing one.

    • Create an HTTP connection in the project to forward requests.

    To access the API Collections page, perform the following steps:

    1. Log in to the AIW application.

    2. Navigate to Integration Hub > API Collections.

    3. Click Create new collection.

      The New API Proxy Collection page is displayed.

    4. Use Choose collection type to select an API proxy collection. Click Next.

      Figure: A

    5. Use Choose a target HTTP connection to forward requests. Select an existing HTTP connection from the list or create New connection.

      Note: Currently, only HTTP connections with No-Auth, Query, Basic, Header, and OAuth 2.0 Client Credentials authentication types are supported.

      Figure: Choose a target HTTP connection

      To create new Target HTTP connection, perform the following steps:

      1. Click New connection. Clicking the New Connection button displays additional fields for configuring a new connection.

      2. Enter all the mandatory fields. Refer to field description.

        Field Description

        Field

        Description

        Connection Name

        A unique name to identify the connection

        Location

        The physical or cloud location where the connection is hosted

        Connection Type

        The type of connection, such as API, database, or external service

        Authentication type

        The authentication method required, such as OAuth, API key, or basic authentication

        Endpoint has case-sensitive headers?

        Specifies whether the API endpoint distinguishes between uppercase and lowercase headers

        Base URL

        The root URL of the API or service being connected to

        Use Custom TLS/SSL certificate settings

        Enables the use of a custom TLS/SSL certificate for secure communication

      3. Click Connect. A new HTTP connection is created.

      Click on existing HTTP connection and choose a configuration type to specify the configuration to use in proxy collection.

      Figure: Configuration types

      Manual Configuration

      1. Creates an empty collection where you can add endpoints later.

      Import OpenAPI specification

      1. Upload an OpenAPI 3.0 specification file in JSON or UTF-8 encoded YAML format

      2. Enter the specification URL.

      3. Use the OpenAPI specification to automatically set up the schema for the endpoints added in the next step.

      Only when an OpenAPI specification is imported: Go to Customize Endpoints and select the checkbox for each endpoint to add to the collection.

    6. To configure an endpoint, select Edit details and update the following information:

      1. Endpoint name: Enter a descriptive name for the proxy endpoint.

      2. Endpoint path: Define the endpoint path appended to both the proxy and target base URLs. The path can include parameters and must follow the required guidelines.

      3. HTTP method: Select the HTTP method for the endpoint.

      4. Request timeout: Required only when Customize timeout is enabled. Set the time limit for a request to complete. The default is 30 seconds, and the maximum is 240 seconds.

    7. Go to Set collection details and enter the following information:

      1. Collection name: Enter a descriptive name for the API collection.

      2. Version: Enter a unique version identifier (1–10 characters). Collections with the same name but different versions are treated as separate objects.

      3. Description (optional): Enter a short description of the API collection.

      The API collection is available only to members with access to the specified project.

      Figure: set collection details

    8. Select Create collection. creates the collection and displays the number of endpoints added.

    Policies

    Policies control how clients use APIs. This helps prevent the overuse of an API by a single client, which could result in degraded performance for the community of API users. While an access policy is optional, if you do not create and associate an access policy with a client, then there is no API usage limits on the client.

    Figure: Policies

    To create a new Policy, perform the following steps:

    1. Click Create New Policy. The Create New Policy page is created.

    2. Enter all the mandatory details such as Name, Rate limit, and Usage quota. Click Create Policy.

      Figure: Create New Policy

    3. The created policies are displayed in the orchestration page.

    Clients

    Clients help enforce security best practices by allowing you to create multiple clients with configurable access to each endpoint. Each API Client request requires a single authentication header.

    Developer and embedded APIs let you automate your workspace. You can deploy recipe manifests from development to production and set up new on-prem agents within your network. API Clients enhance security by provisioning API access tailored to each application's use case.

    Figure: API platform

    API Clients and assignable roles allow you to control API access at different levels:

    • Roles - API clients are assigned roles that define which API endpoints they can interact with.

    • Environments - API clients are assigned to specific environments, such as DEV, TEST, or PROD, where they can make API calls. Environments are available based on specific pricing plans and may not be accessible in all workspaces.

    • Projects - API clients are assigned to projects, limiting their API access to specific assets within those projects.

    You can create individual clients for specific API endpoints and projects in your workspace. Developer API client tokens integrate with GitHub Secret Scanning for enhanced security.

    Create a New Client

    To create a new Client, perform the following steps:

    1. Navigate to Integration Hub > API collection. The Orchestrate platform opens by default.

    2. Navigate to Clients, click Add new client. The Add new client pop-up window appears.

    3. Set up client details:

      To set up new client details, enter the following:

      1. Enter Name for the new client.

      2. Enter Description note for the client.

      3. Upload Client logo.

      4. Under Developer portal access, enable the toggle button of Grant client access to portal.

      5. Enter valid Email address. Click Next.

        Figure: Add new client

    4. Define access configuration:

      1. Select API collections to include from dropdown.

      2. Select the Authentication method for the selected API collection.

        Two methods are available:

        1. Discover URL

        2. Json web key set (JWKS) URL

      3. Enter the Policy, if defined.

        Figure: Define access configuration

    5. Click Next to create a Client.

    Settings

    To configure options for an API Recipe Collection or API Proxy Collection, in the Orchestrate platform, perform the following steps:

    1. Navigate to Integration Hub > API Collections.

    2. Click the Settings tab and then select one of the following interfaces

    API path prefix

    An API path prefix is a unique identifier added to the URL of API endpoints to help organize and differentiate API calls within a system. It serves as a customizable prefix that ensures API endpoints are structured in a way that is specific to your account.

    For example, if you set the prefix as aiw-demo, your API endpoint URL follows this format:

    To configure API path prefix, perform the following steps:

    1. Enter a unique identifier for API path prefix (eg., aiw-demo).

    2. Enter the Endpoint URL preview. The preview shows the full API endpoint structure, including your prefix.

      Figure: API path prefix

    3. Click Save to apply the configuration.

    To configure Developer portal, perform the following steps:

    1. Enter the required details for Set up portal details such as the URL, portal logo, and brand color.  The preview of the portal details are displayed. Click Next.

      Figure: Set up portal details.

    2. Set the collection from Select the API collections to publish to portal list. Click Next.

      Figure: Set up Developer portal

    3. On clicking Next, the portal Make portal live is published.

    API concurrency

    API concurrency defines the number of requests your workspace can handle at the same time. It helps manage high volumes of API traffic by determining how incoming requests are processed when the concurrency limit is reached.

    Figure: API concurrency

    Configuring API Concurrency

    To configure API concurrency settings, perform the following steps:

    1. Navigate to Integration Hu > API Collection > Settings in the Orchestrate platform, and select the API Concurrency tab.

    2. Review the Concurrency limit. This value indicates the number of API requests your workspace can process concurrently. To increase this limit, contact your Customer Success Manager.

    3. Choose how to handle requests that exceed the concurrency limit. By default, excess requests are queued.

      1. Queue requests: Select this option to queue incoming requests that surpass the concurrency limit. These requests are throttled and processed once current requests are completed.

      2. Reject requests: Select this option to reject new requests that exceed the concurrency limit immediately.

    4. If you choose to queue requests, specify the Queue size. This value defines the maximum number of requests that can be queued after reaching the concurrency limit. The allowed range is 1 to 100.

    5. Click Save.



    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout