9 Frequently Asked Questions for Oracle API Platform Cloud Service

This is a short list of our most frequently asked questions.

How is the Oracle Data Model Superior to its Competitors?

These features make the Oracle data model superior to its competitors:
  • Deployment — One API can be deployed to multiple gateways. The identity of the API is maintained as a single entity making it easier to manage. The iteration history allows you to quickly determine which API iteration is deployed to a specific gateway.

  • Grants — A grant is a relationship between a user and an object. Grants allow you to manage the permissions you assign to users or groups to access specific objects. For example, a user with permissions to issue grants can assign a grant to another user.

  • Plans and OAuth — The Oracle data model supports this relationship: Application <> Registration <> Plan <> APIPlan Contract <> API. This relationship allows the application developer to choose the plan they want to use to access an API. An API can be associated with multiple plans, a plan can be associated with multiple APIs, and an application can be registered to multiple plans. You determine where the Oauth Token is used. This flexibility allows you to create custom solutions to meet your specific requirements.

Are API Manager, API Catalog, and API Gateway used with API Platform?

No. Although API Platform has similar capabilities to the other products, it is a unique application. The only shared component is the Oracle Communications Services Gatekeeper (OCSG) server runtime engine.

Does My Service Stop when the Number of Allowed Requests are Exceeded?

No. Requests will continue to be processed and you will be notified that you have exceeded your subscription limit. If you do not purchase additional subscriptions or credits, management service access is discontinued.

Does API Platform Have API Harvesting Capabilities?

No. With API Platform, you model APIs and services to expose the REST APIs needed to create and manage the API objects and services.

Can I Use APIs to Automate or Extend the Capabilities of API Platform?

Yes. You can use APIs to extend the capabilities of API Platform including modifying the history table, localizing the development portal, customizing the development portal, and managing API iterations.

Are Unknown Developer Portal Users Supported?

No. Support for unknown developer portal users is not supported in this release.

Is API Cloning Supported?

Yes. See Clone an API.

Are SOAP APIs Supported?

SOAP APIs are supported. Gateways handle requests to SOAP services as an HTTP passthrough. You can use any policy with SOAP, but certain policies do not make much sense to use with SOAP.

For example, a method mapping which takes the HTTP resource/verb and maps it to different HTTP resource/verb combination. SOAP is all HTTP POST

The OAuth2 policy is another example. Yes, you can use OAuth2 with SOAP, but the implementation uses a JSON web-token and SOAP is XML. While possible, it would be a bit awkward to mix/match the two.

Interface filtering is yet another because there is only one resource (and verb) combination with SOAP.

You can use rate limits and other policies with SOAP and this follows a best practice.

Can Requests be Routed to the Nearest Gateway or to a Different Instance of the Underlying Service?

No. Requests are routed to the gateway before the API is invoked. To route requests to the nearest gateway or a different instance of the underlying service, use gateway based routing to invoke a configured service for a specific gateway. To enable gateway based routing, deploy a single API to send requests to the specified gateway service.

Can I View a History of User Activity or API Iterations?

Yes. Use the REST API to view a history of user activity. Use the .../apis/{api_id}/iterations/{iteration_id} resource to view API iteration history.

Does the API Gateway Allow Auto Scaling?

No. Auto scaling is not supported in this release.

Is API Runtime Call Traffic Sent from the Gateway to Management Service?

No. If the identity management (IDM) system lacks the library necessary for local gateway authentication, the gateway calls the IDM system to authenticate users.

What Tools are Available to Assist with the Design and Creation of REST, SOAP, and Other APIs?

To simplify API development, Oracle API Platform Cloud Service integrates with Oracle Apiary. You can design APIs in either API Blueprint or Swagger 2.0. Interactive documentation is auto generated and the Oracle API Platform Cloud Service user interface includes a console for accessing the documentation and making API calls. Oracle Apiary also instantiates a mock service which can be used to interact with the examples provided in the API specification file.

How is Documentation Created and Reviewed in the API User Portal?

If the API is configured to use the documentation provided through Oracle Apiary, the Oracle Apiary documentation viewer is available inside the Developer Portal. Documentation is automatically uploaded from Oracle Apiary when the page is loaded. The API Manager who configures the Oracle Apiary documentation must have an Oracle Apiary Pro team account. Users wanting to view documentation in the Developer Portal do not require an Oracle Apiary account.

How Do I Configure Keystores on a Gateway Node?

See Configure Keystores in WebLogic Server Administration Console Online Help for information about configuring keystores on a gateway node.

How Do I Obtain a CA-Signed Certificate for the Management Server OTD?

You can obtain a CA-signed certificate in Oracle Traffic Director. See Obtaining a CA-Signed Certificate in the Oracle Traffic Director Administrator’s Guide for more information.

What Are the Prerequisites for Installing a Gateway Node in Production Mode?

If set the gatewayExecutionMode property is set to Production mode, ensure that the OTD public certificate is CA signed. See Obtaining a CA-Signed Certificate and Installing a Certificate in Oracle Traffic Director Administrator's Guide to import the certificate chain. In addition, ensure that the intermediate and root certificate of the CA-signed certificate installed on OTD is trusted by the trust store configured on the gateway. It is also recommended that the gateway should be configured with custom identity and custom trust or custom identity and Java standard trust. See Configure Keystores for WebLogic Server.