An API is the interface that you publish to your end customer. They can, and should, include an OpenAPI or AsyncAPI specification or additional documentation to help users get started with your API.
Additionally, you can link your API to a Gateway Service to allow developers to register applications for your specific APIs.
To create an API, do one of the following:
Navigate to Dev Portal > APIs in the sidebar, and then click New API.
When you create your API, you can choose to keep it unversioned or version it using a free text string. This allows you to follow the versioning system of your choice:
Each API is identified using the combination of name+version. For example, if your API is named My Test API and it has a version of v3, then it will be accessible via the API as my-test-api-v3 in your list of APIs. If a version isn’t specified, then name is used as the unique identifier.
To version an API, do one of the following:
Navigate to Dev Portal > APIs in the sidebar, and then click New API. Enter a version in the API version field. You can also add a version on existing APIs by editing them.
All API specification files are validated during upload, although invalid specifications are permitted. If specifications are invalid, features like generated documentation and search may be degraded.
To upload a spec to an API, do one of the following:
Navigate to Dev Portal > APIs in the sidebar and click your API. Click the API specification tab, and then click Upload Spec.
API documentation is content in Markdown that you can use to provide additional information about your API.
While you are creating or editing an API document, you can also choose to publish it and make it available in your Dev Portal (assuming all parent pages are published as well). Keep the following in mind:
The visibility of an API document is inherited from the API’s visibility and access controls.
If a parent page is unpublished, all child pages will also be unpublished.
If no parent pages are published, no API documentation will be visible, and the APIs list will navigate directly to generated specifications.
To create a new API document, do one of the following:
Navigate to Dev Portal > APIs in the sidebar and click your API. Click the Documentation tab, and then click New document. You can either upload your documentation as an existing a Markdown file or create a new document.
The slug and parent fields create a tree of documents, and build the URL based on the slug/parent relationship.
This document structure lives under a given API:
Page name: The name used to populate the title in the front matter of the Markdown document
Page slug: The slug used to build the URL for the document within the document structure
Parent page: When creating a document, selecting a parent page creates a tree of relationships between the pages. This allows for effectively creating categories of documentation.
For example, if you had a document configured like the following:
API slug: routes
API version: v3
Page 1:about, parent null
Page 2:info, parent about
Based on this data, you get the following generated URLs:
Generated URL for about page: /apis/routes-v3}/docs/about
Generated URL for info page: /apis/routes-v3}/docs/about/info
You can link to a Konnect Gateway Service to allow developers to create applications and generate credentials or API keys. This is available to data planes running Kong Gateway 3.6 or later.
This will install the Konnect Application Auth (KAA) plugin on that Service. The KAA plugin can only be configured from the associated Dev Portal and its published APIs.
The visibility of pages and menus is configured independently from APIs, maximizing your flexibility.
v3.6+ An API must be linked to a Konnect Gateway Service to be able to restrict access to your API with authentication strategies.
With the appropriate security and access and approval settings, you can publish an API securely to the appropriate audience. The following table describes various Dev Portal access control scenarios and their settings:
Anyone can view the API’s specs and documentation, but must sign up for a developer account and create an Application to generate credentials and API keys.
RBAC is disabled if fine-grained access management is not needed, configured in security settings.
Viewable by anyone, self-service credentials with RBAC
Public
key-auth (or any other appropriate Authentication strategy)
Anyone can view the API’s specs and documentation, but must sign up for a developer account and create an Application to generate credentials and API keys.
A Konnect Admin must assign a developer to a Team to provide specific role-based access. RBAC is enabled to allow Teams assignments for developers, granting credentials with the API Consumer role.
Sign up required to view API specs and/or documentation
Private
key-auth (or any other appropriate Authentication strategy)
Once published, the API appears in the selected Portal. If user authentication is enabled, developers can register, create applications, generate credentials, and begin using the API. If RBAC is enabled, approved developers must be assigned to a team to access the API.
When you upload a spec for your API to Dev Portal, you can use the Try it! feature to allow developers to try your API right from Dev Portal. Try it! enables developers to add their authentication credentials, path parameters, and request body from the spec renderer in Dev Portal and send the request with their configuration.
The Try it! feature is enabled by default for published APIs. You can disable it by sending a PATCH request to the /v3/portals/{portalId}/customization endpoint. You must also enable the CORS plugin for this feature to work. Use the table below to determine the appropriate CORS configuration based on the Routes associated with your APIs:
Add a new Route at the same path with methods: OPTIONS configured.
Add a global Route (a Route that isn’t associated with a Service) at the Control Plane-level with methods: OPTIONS configured (no path needs to be specified).
You can filter and categorize published APIs on your Dev Portals with custom attributes. By assigning attributes to an API, this allows users to filter APIs in the Dev Portal sidebar. For an API, you can define one or more custom attributes, and each attribute can have one or more values. For example, if you had a Billing API, you could label it with "visibility": ["Internal"] and "platform": ["Web", "Mobile"].
For more information about how to use custom attributes for filtering APIs displayed in your Dev Portal, see the MDC documentation.
If the published API has an authentication strategy configured for it, you must include your key in the request. All requests without a key to the Service linked to the API are blocked if it is published with an auth strategy.
If you recently viewed the related content, your browser might be serving a cached version of the page. To fix this, you can clear your browser cache and refresh the page.
API Products were used to create and publish APIs to classic (v2) Dev Portals. When the new (v3) Dev Portal was released, the API Products menu item was removed from the sidebar navigation of any Konnect organization that didn’t have an existing API product. If you want to create and publish APIs, you can create a new (v3) Dev Portal. To get started, see Automate your API catalog with Dev Portal.