Skip to content

How to use a shared resource in an API

By using a shared resource(TLS certificate), you can ensure security for the communication established between the API and the client. To learn more, visit Shared Resources.

In this tutorial, you’ll learn how to use a Shared Resource in an unpublished API. If you have published an API and need to change the resources or add one if you haven’t already, then first unpublish the API and follow the below steps.

Note

To proceed with the following instructions, ensure you’re a user with the platform-admin, api-product-manager or api-developer role.

Steps to use a shared resource

To begin with, you need to access the API in which you need to use a shared resource(TLS certificate), so to do that:

  • Go to Manage APIsMy APIs.

Accessing My APIs

  • Then, click for the API you need to use a shared resource.

Accessing API Edit Options

Now, in order to enforce the shared resource to any of the API backend environments:

Info

Configuring TLS requires authorized certificates. If you haven’t created one, learn how to do it in this article.

  • Click on the Configure TLS button for the respected environment.

Accessing TLS Configuration

  • In the SSL/TLS Certificates popup shown, first, select the Cert Type:
    • PFX P12
    • Or, Cert Key CA

Selecting TLS Certificate

  • If you select PFX P12 → then select the created shared resource in the Selected PFX field.
  • If you select Cert Key CA, then:
    • First, select the shared resource for the Selected Certificate
    • Then, for the Selected Key
    • Finally, for the Selected CA

Selecting Cert Key

  • Once done, click Save.

This will enforce the selected shared resource on your API backend URL, ensuring safety and security.

How to stop using a shared resource (Detach a Shared Resource)

If you have attached a TLS certificate (shared resource) to an API, you can easily detach it as well. This could be done for various necessary reasons; for example, you need to change the certificate key or utilize a shared resource which has not been used before. Or the current API’s particular backend environment no longer needs it. Therefore, in that case, you can stop using the shared resource (TLS certificate.) To do that, follow the below steps:

  • Go to Manage APIsMy APIs.

Accessing MY APIs

  • Then, click for the API you need to detach/stop using the shared resource.

Shared Resources Edit Options

  • In the Configure Environments, click on the Configure TLS button for the respected environment.

Detach TLS

  • In the popup shown, turn the toggle to Detach from Attach.
  • Then, click Save.

This will detach/stop using the shared resource for the selected backend environment of the API, and you get a successful notification.