Hello SAP Community,
I hope this message finds you well. I'm currently working on a project merge multiple SAP CPI integrations for different clients that have similar functionality. We aim to use SAP API Management to expose this merged integration while implementing specific requirements.
Here are the main objectives we are trying to achieve:
Different Credentials for the Same API for Different Users: We want to ensure that different users can access the same API with unique credentials. What is the best approach to manage this? Should we create separate applications for each user, or is there a more efficient method, such as using OAuth-based authentication?
Different Endpoints for the Same API: We aim to provide different endpoints for the same API based on the user's role or client ID. How can we configure API Management to handle multiple virtual paths while ensuring appropriate routing policies? What are the best practices for setting this up?
Restricting Response Fields Based on the User: It's essential for us to restrict certain response fields based on the user accessing the API. What methods are available in SAP API Management to modify the response dynamically? Can we utilize JavaScript policies or transformation policies for this purpose?
API Call Quota and Rate Limiting: Lastly, we need to enforce quotas on API calls to prevent abuse and manage usage effectively. What options do we have in API Management to implement these restrictions? How can we configure these quotas per user or application?
I would greatly appreciate any insights, best practices, or resources from the community to help us achieve these goals. Your expertise will be invaluable as we work to streamline our integrations and ensure robust API management.
Thank you in advance for your help!
Best regards,
Sathesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.