Pre requisites for this blog
- Activate - Manage API capability (if not activated yet)
- Setup API Business Hub Enterprise and add your user as Developer
Introduction
In this blog, I am going to use a public calculator SOAP service as an example and create a SOAP API as CPI artifact then call the same SOAP API from SAP API Management. So, let's begin.
Step # 1: Create a SOAP API
- Create a new package or edit an existing one (I am creating a new package with name "Calculator")
- Add a new artifact, choose API as artifact type.
- A popup window will appear, asking for the runtime profile information choose Cloud Integration and click Next
- On the next screen, select "SOAP API" as API type and click Next
- Choose New and click Next
- Give API an name (in my case, i name it as "Calculator API" ) and click Create
A new SOAP API will be created inside the package, open the API in edit mode and delete Content Modifier from Handle Request - Local Integration Process.
Step # 2: Edit the Calculator API
Note: I am going to use dneonline (open the link and save the WSDL in your local drive for later use)web service in this example.
- edit the "SOAP" as sender adapter setting
- give an address to the SOAP API
- select WSDL in "Service Definition" and browse the WSDL you have save earlier. Once you select the WSDL choose operation you want to perform.
- Add "Request-Reply" step in Internal integration process and connect it with receiver and choose "SOAP" as receiver adapter type.
- Open SOAP setting (as receiver adapter) and edit as below
- Save and Deploy the SOAP API
Step # 3: Test SOAP API
Once API is deployed, download the WSDL definition from Monitor > Integrations & APIs. Go to SoapUI and browse the newly saved WSDL definition. Choose Add operation and test the service. (Note: for authentication use integration-flow type service key credentials)
Step # 4: Create a Provider as Type "Cloud Integrations"
Note: Copy the "API" type service key information (open BTP Cockpit and go to subscription page there locate "Instances" table, download/copy the key information.
First, we need to create an API Provider for that:
- go-to "Configure >> APIs"
- then go-to "API Providers" tab
- and click "Create"
- Type name as "CPI Provider" and move to next tab "Connection"
- Select "Cloud Integrations"
- Open the downloaded key file and copy the URL
- Paste it in "Cloud Integration Management Host" field
- select Authentication type as "OAuth2ClientCredentials"
- Copy ClientID and Client-Secret and paste respectively.
- Save and Test the connection
Step # 5: Create a API Proxy using CPI Provider
- Go to Configure > APIs, this time select "API Proxies" tab
- Click "Create"
- A new popup window will appears, select API Provider in radio list
- and choose the newly created CPI Provider from the drop-down list and click "Discover"
- A new dialog will open, where you will find the Calculator API we created in Step 1, choose it and click "Next"
- For authentication choose "Basic" and input the credentials which you have use to test the SOAP API in step 3 and click "Done"
- Once you back to the API Create window you will see few fields are already filled in, you can change the text if wish to but keep the URL value as it is, i am keeping them as it is.
- Click "Create" to create the Proxy
- On the next screen, click "Save" and then "Deploy".
Step # 6: Test the API Proxy
- Open SoapUI and edit the endpoint on the request we testing in Step 3
- set the authentication to "No Authentication" and click "Submit"
Step # 7: Apply Policy to Secure the API
- Edit the API Proxy created step 5
- and go to Policies
- On the next screen select "Edit"
- On the left hand side Policy Edit expand the "Proxy Endpoint" and select "PreFlow"
- Then choose Verify API Key policy (click plus sign) from right hand side of the side menu
- Give a name to the policy and click "Add"
- update the variable reference name to "request.header.apikey"
- click "Update" button
- and then Save and Deploy again
Step # 8: Create a Product and Subscribe it
- To create a product go to Engage
- Keep on Products Tab and click "Create"
- Type name and title and move to "APIs" tab
- Click "Add" and select the Calculator API Proxy from the list and Click OK
- Publish the Product
- Now go to API Business Hub Enterprise
- You will see the product you created earlier there
- select the product and go to next page
- To subscribe choose New application from the drop-down list
- Give a name and click Create
- Now, copy the key for testing
Step #9: Test API with API Key
- Go to SoapUI again
- add a header as "apikey" and paste the copied key in value field
- now submit the request you will receive the response
Conclusion
In this way, you can secure your CPI artifacts from direct access. SAP API Management offers lot of different policies which help developer built a security layer around the backend services. I just added the authentication mechanism, but it offers much more such as Traffic Management Policies, Security Management Policies, Mediation Policies.