The API Gateway User Store contains the configuration data for managing API Gateway user information. This topic introduces the concepts of API Gateway Users, Groups, and Attributes. It explains how to manage these components on the Users screen in the Policy Studio.
![[Note]](../common_oracle/images/admon/note.png) |
Note |
|---|---|
|
API Gateway Users provide access to the messages and services protected by the API Gateway. Whereas Admin Users provide access to the API Gateway configuration management features available in the Policy Studio and API Gateway Manager. For more details, see the Managing Admin Users topic. |
API Gateway Users specify the user identity in the User Store. This includes details such as the user name, password, and X.509 certificate. API Gateway Users must be a member of at least one User Group. In addition, Users can specify optional Attributes, and inherit Attributes at the Group level.
To view all existing Users, select the Users and Groups -> Users node in the Policy Studio tree. The Users are listed in the table on the main panel of the Policy Studio. You can find a specific User by entering a search string in the Filter field.
You can create API Gateway Users on the Users page in the Policy Studio. Click the Add button on the right to view the Add User dialog.
Adding User Details
To specify the new user details, complete the following fields on the General tab:
-
User Name
Enter a name for the new user.
-
Password
Enter a password for the new user.
-
Confirm Password
Re-enter the user's password to confirm.
-
X.509 Cert
Click the X.509 Cert button to load the user's certificate from the Certificate Store.
Adding User Attributes
You can specify optional User Attributes on the Attributes tab, which is explained in the next section.
You can specify Attributes at the User level and at the Group level on the Attributes tab. Attributes specify user configuration data (for example, attributes used to generate SAML attribute assertions).
Adding Attributes
The Attributes tab enables you to configure user attributes as simple name-value pairs. The following are examples of user attributes:
-
role=admin -
email=niall@oracle.com -
dept=eng -
company=oracle
You can add user attributes by clicking the Add button. Enter the
attribute name, type, and value in the fields provided. The Encrypted
type refers to a string value that is encrypted using a well-known encryption
algorithm or cipher.
API Gateway User Groups are containers that encapsulate one or more Users. You can specify Attributes at the Group level, which are inherited by all Group members. If a User is a member of more than one Group, that User inherits Attributes from all Groups (the superset of Attributes across the Groups of which the User is a member).
To view all existing Groups, select the Users and Groups -> Groups node in the Policy Studio tree. The User Groups are listed in the table on the main panel of the Policy Studio. You can find a specific Group by entering a search string the Filter field.
You can create User Groups on the Groups page in the Policy Studio. Click the Add button on the right to view the Add Group dialog.
Adding Group Details
To specify the new group details, complete the following fields on the General tab:
-
Group Name
Enter a name for the new group.
-
Members
Click the Add button to display the Add Group Member dialog, and select the members to add to the group.
Adding Group Attributes
You can specify optional Attributes at the Group level on the Attributes tab. For more details, see the Attributes section.
To edit details for a specific User or Group, select it in the list, and click the Edit button on the right. Enter the updated details in the Edit User or Edit Group dialog.
To delete a specific User or Group, select it in the list, and click the Remove button on the right. Alternatively, to delete all Users or Groups, click the Remove All button. You are prompted to confirm all deletions.
