Packages and Plans
An API package refers to a logical grouping of multiple APIs from a single API provider. A package can contain one or more APIs and an API can belong to more than one package. You must have the Manage packages and plans functional privilege assigned to manage API packages and plans.
An API Plan is the contract proposal presented to consumers who are about to subscribe to APIs. Plans are offered as tiered offerings with varying availability guarantees, SLAs or cost structures associated with them. An API package can be associated with multiple plans at a time. This helps the API providers in providing tiered access to their APIs to allow different service levels and pricing plans. Though you can edit or delete a plan that has subscribers, it is recommended not to do so.
Note:
Package and plan subscriptions can be done only through Developer Portal.
You can create packages and plans, associate a plan with a package, associate APIs with a package, view the list of packages, package details, and APIs and plans associated with the package in the API Gateway user interface.
When you add an API with no previously configured IAM policy to a package for monetization, the API key authentication mechanism is automatically added to the IAM policy at API level.
If the API already contains an IAM policy that has two authentication mechanisms with the AND condition, then the existing conditions and identification types are preserved.
You can change the condition type to OR condition if the API contains more than one identification mechanism within a single IAM policy. This ensures that the API can be accessed either using an application or a subscription.
If a scope-level IAM policy is applied to a subset of resources, the API Key identification type is added to the API-level policy with condition type set to OR.
Note:
To reflect these changes on the Developer Portal, you must configure either the API subscription or corresponding IAM policy authentication of the API in the API Gateway UI based on the authetication mechanism. The following table lists the authentication mechanisms and the configurations in API Gateway UI.
Authentication Mechanisms | Visible in Developer Portal | Configuration Location | Action |
API Key | Yes | API Gateway UI | Configure corresponding IAM Policy |
HTTP Basic Auth | No | API Gateway (Subscription Level) | Configure API subscription |
IP-based Authentication | No | API Gateway (Subscription Level) | Configure API subscription |
You can revert this behavior by configuring the extended setting useIAMPolicyWithSubscrptions in API Gateway UI. This setting automatically enables the API Key authentication mechanism to the IAM policy at the API level when you add an API to a package for monetization. If the API already contains an IAM policy that has two authentication mechanisms with the AND condition, then the condition is switched to OR.