This content is a stepwise instruction on how to develop an API Provider, API Proxy, Product, and Application in SAP API Management. It will provide users with insights on how to safely expose and operate APIs with OAuth and basic authentication schemes. You will get to know how to set up connections, create proxies and make APIs available as products. Also, the blog discusses how to build and maintain apps in the Developer Hub. The guide is aimed at SAP consultants and developers as well as beginners who deal with API Management.

Create API Provider ,API Proxy,Product & Application

Creation of API Provider-:

1. Under Config Section In API’s Navigate to API Provider Sub-Section and Click on Create 

2. In Overview tab enter the description 

3. In the Connection tab Enter the host details,Port Number & Check on Use SSL

4. In Catalog tab keep the default setting and click onSave.

5. Click on Test Connection IT should ping 200 status code now you have setup your API Provider.

Creation of API Proxy-: 1. Main Proxy (token verification & basic auth)
  2. OAuth Proxy (token generation proxy)

We will proceed with OAuth proxy first to create the Bearer token.

1. Navigate to API Proxy sub-tab and click on create as shown below. 

2. Select URL fill the details as shown below & click on create to generate the api proxy.

3. After Clicking on Create an api proxy dialog box will open navigate to proxy end points and fill the details as shown & click on save.

4. Click on Policies and navigate to the Policy Editor.

5. You will see two main sections
Proxy Endpoint: Handles client-side logic (e.g., OAuth, API key validation)
Target Endpoint: Handles backend-side logic (e.g., Basic Auth)
We will create policies on proxy end point.

6. Click on PreFlow under ProxyEndpoint, then add the following policies in order in request and response pipeline :

Request-pipeline policies

JS-Policy

1. On the right pane of the window click on edit and under extension policies group click on javascript policies as shown & click on add.

Now Click on the policy and paste the below xml code.

<!-- this policy allows us to execute java script code during execution of an API Proxy -->

<Javascript async="false" continueOnError="false" enabled="true" timeLimit="200" xmlns='http://www.sap.com/apimgmt'>

    <!-- contains the name of the main code file -->

    <ResourceURL>jsc://ExtractParam.js</ResourceURL>

</Javascript>

Now we have to create the script for this JS policy
On the left pane of the window in scripts section click on + Icon fill the details as shown.

After Clicking on Add Button Paste this Script.

var gr_type_header = context.getVariable("request.header.grant_type");

var gr_type_queryParam = context.getVariable("request.queryparam.grant_type");

var gr_type;

if(gr_type_queryParam)

{

    gr_type = gr_type_queryParam;

}

else if (gr_type_header)

{

    gr_type = gr_type_header;

}

else

{

    gr_type = "";

}

context.setVariable("request.queryparam.grant_type", gr_type);

TargetEndpoint pre-flow policies

Request-pipeline policies

1. KVM Operations -:follow similar steps to add the policy.

Name -: KVM-GetParams

XML Code -:
<KeyValueMapOperations mapIdentifier="TestBasicAuthCreds" async="true" continueOnError="true" enabled="true" xmlns="http://www.sap.com/apimgmt">

<Get assignTo="private.username" index='1'>

<Key>

<Parameter>clientid</Parameter>

</Key>

</Get>

<Get assignTo="private.password">

<Key>

<Parameter>clientsecret</Parameter>

</Key>

</Get>

<Scope>environment</Scope>

</KeyValueMapOperations>

KVM

a.Duplicate the tab & navigate to config section under Apis click on Key Value Maps and hit the create button.

b. Fill the details as shown add the respective key’s encrypt the kvm and save it.

On the right pane of window click on update and navigate to proxy main window and click on save & deploy the proxy as shown.

Product & Application Creation

Publishing the product

1. On left pane of window navigate to engage section in product hit the create icon.

2. In create product dialogue box fill the section as shown and add the respective proxies

1. Fill the mandatory fields in overview section as shown
   
   

   b. Navigate to api’s section and add the proxies and hit the publish button.

   

   Now the product is published and proxies are bundled together next we will create application in developer hub.

Developer Hub

Creating application

Prerequisites-: AuthGroup.API.ApplicationDeveloper
role must be assign to user sub-account if not assign it in sub-account under security section.


1. On the top right pane of window click on Explore Our Ecosystem dots and navigate to developer hub as shown.

2. In developer hub click on register button as shown.

3. Fill the details select select country/region as India.

4. Click on admin center navigate to users.

5. Move to Registered user section and assign developer role to your self by clicking on action.

6. Check box the developer and save it.

7. In Developer Hub Navigate to my workspace tab and hit the create button.

3. Follow the steps as shown.

4. After clicking on save button an application window will open which have client credentials copies 

the key and secret

The end result of this process is operational API set-up within the SAP API Management with an API Provider set to connect to the backend system.The API is packaged and released as a Product, and thus can be consumed.