
In SAP API Management, managing API Products and their associated proxies is a critical task. A common issue developers face is a 401 Unauthorized Error when multiple API proxies are added to a single API Product with mismatched or inconsistent resource whitelisting.
This blog explains why this happens and how to correctly configure API Products to avoid such errors.
When multiple API proxies are assigned to a single API Product in Apigee, the product enforces access control rules based on the resources defined in the product configuration. Here's what happens under the hood:
Let’s say you create an API Product called "Product A", and assign two proxies:
In this case:
Error 1 :
{
"fault": {
"faultstring": "Invalid API call as no apiproduct match found",
"detail": {
"errorcode": "keymanagement.service.InvalidAPICallAsNoApiProductMatchFound"
}
}
}
Error 2 :
{
"fault": {
"faultstring": "Invalid ApiKey for given resource",
"detail": {
"errorcode": "oauth.v2.InvalidApiKeyForGivenResource"
}
}
}
Before assigning multiple proxies to a product, carefully review the resource paths for each proxy. Ensure that the resources are consistent and align where necessary.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
7 | |
7 | |
7 | |
7 | |
6 | |
5 | |
5 | |
5 | |
5 | |
5 |