İçindekiler

Overview

Portal App (Application) refers to the applications created by API Portal users to access API products. Each application:

  • Is linked to a portal account (Portal Account)
  • Has a unique reference ID
  • May have one or more API Keys
  • May be registered to one or more API Products

Portal App Usage Purposes

  • To provide secure access to APIs
  • To monitor and report API usage on an application basis
  • To manage API Keys
  • To manage API Product subscriptions
  • API Manager'da Portal App Yönetimi

In API Manager, administrators can view and manage all portal applications.

Creating a New Portal App


StepDescription/ Process
Step 1

Click the “+ Create” button in the upper right corner of the Portal App list page.

Step 2

Fill in the following information in the dialog box that opens:

  • Account: Select the portal account to which the application will connect from the drop-down list (Required)
  • Name: Application name (Required, Max: 255 characters)
  • Reference ID: The application's unique ID (Required, automatically generated UUID)
  • Description: Application description (Optional)
Step 3

Click the “Save” button

Step 4

The success message is displayed and the list is updated.

Portal App Details Page

SectionInformationDescription/ Process

Header Section

Information is displayed in card format at the top of the page.

  • Account: Account name (clickable link, goes to account details)

  • Name: Application name

  • Reference ID: Unique application ID

  • Description: Application description

  • Created Date: Creation date (dd/MM/yyyy HH:mm:ss format)

  • Edit Button: To edit application information

API Keys Section


This section lists all API Keys for the application.

  • API Key: The username of the credential (used in API calls)
  • Enabled: Active/Inactive status (indicated by a green/red dot)
  • Created Date: The date the key was created
  • Expire Date: The key's validity period (or “Never Expire” if none)
  • Actions: Revoke button

API Key Creation:

  1. Click the “Generate Key” button in the table header
  2. The system automatically:
    • Generates a unique username (UUID)
    • Generates a unique password (UUID)
    • Creates the credential in active status
    • Assigns the application's account and organization information
  3. The new key is added to the table

Revoke API Key:

  1. Click the “Revoke” button on the row of the key you want to revoke
  2. The key's status becomes inactive (enabled = false)
  3. This key can no longer be used in API calls

API Products Sections

This section lists the API Products that the application is registered with.

API Product: Product name

Description: Product title/description

Plan: Selected plan details (Free, Subscription, Metered, Tiered)

Status: Registration status (APPROVED, WAITING, REJECTED, UNSUBSCRIBED)

Actions: Unregister button

API Product added to API Product statuses

🟢 APPROVED: Approved, in active use

🟡 WAITING: Awaiting approval

🔴 REJECTED: Rejected

 UNSUBSCRIBED: Registration canceled

The statuses are described on the Approval Requests page.

Canceling an API Product Registration:

  • Click the “Unregister” button on the row of the product you wish to cancel.
  • The registration status will be updated to UNSUBSCRIBED.
  • The application will no longer be able to access this API Product.

Note: This process is performed from the API Manager. Portal users cannot cancel their registrations on the details page.

My Applications in the API Portal Interface

In the API Portal, users can only view and manage their own applications.

Creating an Application from the Portal

ScenarioStep

Function

Scenario A: User with No Application

Step 1: If an empty list card and the message “You don't have any apps yet” appear when the My Apps page opens:

Click the “+ Create” button

Fill in the information in the dialog box that opens

Step 2:

Click the “Save” button. Once the registration is complete, your first automatically generated application will be added to the list and your first API Key will be prepared.

Scenario B: Users with Existing Applications


Step 1: If the applications are listed on the list page in a card/table:

The “+ Create” button in the upper right corner is always visible; clicking this button allows you to add a new application.

Step 2:

Select the app and plan, then register.

After the registration process is complete, the steps to be taken based on the status of the API Product are explained in detail in the API Product Access Settings section on the Approval Requests page.

Another way to create an application in the API Portal interface is to use the “My Applications” page. This page is the central hub for all management steps, such as creating new applications, editing existing applications, or deleting them.

On the API Product details screen, you can only add an existing application to the relevant API Product; editing or deleting applications is not possible here.

Additionally, when creating an application on the API Manager side, the Account/Developer section must be entered. However, since the user is already logged in with verified credentials on the Portal side, applications created through the Portal are automatically saved as belonging to the relevant user.

Below is an example of the Portal My Applications page interface.

API Key (Credential) Management in the API Portal Interface

API Key Structure

Each API Key has the following properties:

ÖzellikAçıklama
UsernameKey used in API calls (in UUID format)
PasswordSecret key (in UUID format)
App IdApplication ID it belongs to
Account IdAccount ID it belongs to
Organization IdOrganization ID it belongs to
EnabledActive/Inactive status (true/false)
CreatedCreation date
Expire DateValidity period (optional)
Account CredentialWhether it is an account-based credential (true/false)


API Key Creation Flow

API Key Revocation Flow

1-The user clicks the “Revoke” button. 1-The user clicks the “Generate Key” button.

1-The user clicks the “Revoke” button


2-A username is generated in UUID format for the system.

2-The credential object is updated:

  • enabled: false (inactive)
  • Other information remains the same

3-A password is generated in UUID format for the system.

3-CredentialUpdateDTO is created

4-Credential object is created:

  • username: UUID
  • password: UUID
  • appId: [Application ID]
  • accountId: [Account ID]
  • organizationId: [Organization ID]
  • enabled: true

4-A PUT request is sent to the backend


5-CredentialUpdateDTO oluşturulur:

  • credential: [Credential nesnesi]
  • accessControlList: []
  • accountCredential: true


5-A successful response is received

6-A POST request is sent to the backend

6-Credential list is updated

7-A successful response is received

7-Key appears in passive mode (red dot)

8-Credential list is updated


9-A success message is displayed to the user.


API Product Registration Statuses

Status Descriptions:

StatusAçıklamaBadge RengiKullanım
WAITING

Awaiting approval

Yellow

The registration has been created, awaiting admin approval.

APPROVED

Approved

Green

Application APIs can be used

REJECTED

Rejected

Red

Registration denied, application cannot be used

UNSUBSCRIBED

Registration canceled

Gray

Registration rejected, application cannot be used. User or admin canceled the registration.

Usage Scenarios

ScenarioStep

Scenario 1: Creating a New Application (Portal User)

  1. The user logs into the Portal
  2. Goes to the “My Applications” page from the menu
  3. Clicks the “+ Create” button
  4. Fills out the form:
    1. App Name: “Mobile iOS App”
    2. App Id: Automatic UUID
    3. Description: “API access for iOS application”
  5. Clicks the “Save” button
  6. The system automatically:
    1. Creates the application
    2. Generates the first API Key
    3. Displays a success message to the user
  7. The user sees the new application in the list

Result:

  • The application is ready
  • The first API Key is ready for use
  • API Products can be registered

Scenario 2: Registering and Using the API Product

  1. The user goes to the “API Products” page
  2. Selects the desired API Product
  3. Selects a plan (Free, Subscription, etc.)
  4. Selects their application
  5. Clicks the “Subscribe” button
  6. A registration is created (Status: WAITING)
  7. The admin approves the registration (Status: APPROVED)
  8. The user sees the registration on the application details page
  9. Makes API calls using the API Key

Result:

  • The application can access the API
  • Throttling/Quota limits are applied
  • Usage is monitored and reported

Scenario 3: API Key Management and Rotation

  1. The user goes to the application details page
  2. Sees the current API Keys
  3. Decides to change the key for security reasons
  4. Creates a new key with “Generate Key”
  5. Updates the new key in their code
  6. Tests it and verifies that it works
  7. Revokes the old key with “Revoke”

Result:

  • Security has been enhanced
  • The old key is invalidated
  • The new key is actively in use

Senaryo 4: Uygulama Silme ve Temizlik

  1. The user decides to delete an app they no longer use.
  2. They go to the “My Apps” page.
  3. They click the menu button (⋮) for the app to be deleted.
  4. They click the “Remove” option.
  5. They check the app in the confirmation dialog.
  6. They click the “Delete” button.
  7. System:
    1. Deletes the app.
    2. Revokes all API Keys.
    3. Removes API Product records
  8. A success message is displayed

Result:

  • The application is completely deleted
  • All related resources are cleaned up
  • API calls fail

Scenario 5: Application Management by the Administrator

  1. The Admin logs into the API Manager
  2. Goes to Portal Management > Portal Apps page
  3. Sees all users' applications
  4. Selects an application to go to the details page
  5. Checks API Product records
  6. If necessary:
    1. Creates a new API Key
    2. Revokes existing keys
    3. Approves/rejects the API Product registration
    4. Unregisters the registration
  7. Edits application information
  8. Changes are saved

Result:

  • The Admin can perform central management
  • User applications are monitored
  • Necessary interventions are made

Sık Sorulan Sorular

About

QuestionAnswer

About the Portal App

What is the Portal App and why is it necessary? The Portal App is an application created to access APIs. Each API call is made using an API Key belonging to an application, allowing usage to be tracked and controlled.
 How many applications can a user create?

A user can create as many applications as they want. There is no limit.

Can I create two applications with the same name? Yes, multiple applications with the same name can exist under the same account. The Reference ID is unique in every case.

About the API Key

What happens if I forget my API Key password?The password is displayed once and is not stored in the system. If forgotten, the key must be revoked and a new key generated.
How many API Keys can there be in one application?  You can generate as many API Keys as you want in an application. There is no limit.
Can I reactivate a canceled key?

No, a revoked key cannot be reactivated. A new key must be generated.

About API Product Registrations

Can an application register for more than one API Product? 

Yes, an application can register for as many API Products as it wants.

When will my registration in WAITING status be approved?Registrations are usually manually approved by the admin. The approval time varies according to system policies.
 Can I reapply for a rejected (REJECTED) registration?Yes, you can delete the registration and create it again. However, it is recommended that you contact the admin to find out the reason for the rejection.

About Management and Security

What is the difference between API Manager and API Portal?API Manager is where administrators manage all applications. API Portal is where users manage only their own applications.
Can the Admin interfere with my application?

Yes, the admin can view, edit, and delete all applications.