How to use a shared resource in an API¶
By using a shared resource(TLS certificate), you can ensure security for the communication established between the API and the client. To learn more, visit Shared Resources.
In this tutorial, you’ll learn how to use a Shared Resource in an unpublished API. If you have published an API and need to change the resources or add one if you haven’t already, then first unpublish the API and follow the below steps.
Note
To proceed with the following instructions, ensure you’re a user with the platform-admin, api-product-manager or api-developer role.
Steps to use a shared resource¶
To begin with, you need to access the API in which you need to use a shared resource(TLS certificate), so to do that:
- Go to Manage APIs → My APIs.
- Then, click for the API you need to use a shared resource.
Now, in order to enforce the shared resource to any of the API backend environments:
Info
Configuring TLS requires authorized certificates. If you haven’t created one, learn how to do it in this article.
- Click on the Configure TLS button for the respected environment.
- In the SSL/TLS Certificates popup shown, first, select the Cert Type:
- PFX P12
- Or, Cert Key CA
- If you select PFX P12 → then select the created shared resource in the Selected PFX field.
- If you select Cert Key CA, then:
- First, select the shared resource for the Selected Certificate
- Then, for the Selected Key
- Finally, for the Selected CA
- Once done, click Save.
This will enforce the selected shared resource on your API backend URL, ensuring safety and security.
How to stop using a shared resource (Detach a Shared Resource)¶
If you have attached a TLS certificate (shared resource) to an API, you can easily detach it as well. This could be done for various necessary reasons; for example, you need to change the certificate key or utilize a shared resource which has not been used before. Or the current API’s particular backend environment no longer needs it. Therefore, in that case, you can stop using the shared resource (TLS certificate.) To do that, follow the below steps:
- Go to Manage APIs → My APIs.
- Then, click for the API you need to detach/stop using the shared resource.
- In the Configure Environments, click on the Configure TLS button for the respected environment.
- In the popup shown, turn the toggle to Detach from Attach.
- Then, click Save.
This will detach/stop using the shared resource for the selected backend environment of the API, and you get a successful notification.