(Optional) Authorizing Credentials to Call APIs

Credentials need to be authorized to call APIs that use App authentication. When calling an API, a user is authenticated using the key and secret of a credential.

An API's integration application can directly call the API.

Constraints

The security authentication mode of the API is set to App.

Prerequisites

The API has been published in an environment. Otherwise, publish the API first.

Procedure

Log in to the ROMA Connect console. On the Instances page, click View Console next to a specific instance.
In the navigation pane on the left, choose API Connect > APIs. Choose More > Authorize Credentials of an API.
On the page displayed, click Select Credentials.

Configure authorization information and click OK.

After the authorization is complete, a list of authorized credentials will be displayed.

**Table 1** Authorization configuration
Parameter	Description
Environment	Select the environment the API has been published in.
Credentials	Select the credentials you want to authorize.
Access Parameters	Set access parameters for the selected credentials to be authorized. The access parameters will be added to the backend signature authentication information and sent to a backend service. The backend service then returns different response parameters based on the carried access parameters.
Green Channel	Enabling Green Channel allows whitelisted clients to call the API without authentication.
Whitelist	Mandatory only when Green Channel is enabled. Enter the IP addresses or IP address segments to be added to the whitelist. Whitelisted clients can call the API without authentication.
Blacklist	Available only when Green Channel is enabled. Enter the IP addresses or IP address segments to be added to the blacklist. Blacklisted clients are not allowed to call the API.