Skip to main content
Portal App Usage Purposes
  • Providing secure access to APIs
  • Tracking and reporting API usage on an application basis
  • Managing API Keys
  • Managing API Product subscriptions

Portal App Management in API Manager

In API Manager, administrators can view and manage all portal applications.

Creating New Portal App

New Portal App Creation Screen
1

Step 1

Click the ”+ Create” button in the top right on the Portal App list page
2

Step 2

Fill in the following information in the opened dialog:
  • Account: Select the portal account the application will be linked to from the dropdown list (Required)
  • Name: Application name (Required, Max: 255 characters)
  • Reference ID: Unique ID of the application (Required, UUID is automatically generated)
  • Description: Application description (Optional)
3

Step 3

Click the “Save” button
4

Step 4

Success message is displayed and list is updated

Portal App Detail Page

Portal App Detail Screen
SectionInformationDescription/Function
Header SectionInformation is displayed in card form at the top of the page* Account: Account name (clickable link, goes to account detail)
* Name: Application name
* Reference ID: Unique application ID
* Description: Application description
* Created Date: Creation date (in dd/MM/yyyy HH:mm:ss format)
* Edit Button: To edit application information
API Keys SectionAll API Keys belonging to the application are listed in this section.* API Key: Username of the credential (used in API calls)
* Enabled: Active/Passive status (with green/red dot)
* Created Date: Key creation date
* Expire Date: Key validity period (or “Never Expire” if none)
* Actions: Revoke (Cancel) button

API Key Creation:
1. Click the “Generate Key” button in the table header
2. System automatically:
* Generates a unique username (UUID)
* Generates a unique password (UUID)
* Creates the credential in active status
* Assigns the application’s account and organization information
3. New key is added to the table

API Key Revocation:
1. Click the “Revoke” button on the row of the key you want to cancel
2. Key’s status becomes passive (enabled = false)
3. This key can no longer be used in API calls
API Products SectionAPI Products the application is registered to are listed in this section.API Product: Product name
Description: Product title/description
Plan: Selected plan details (Free, Subscription, Metered, Tiered)
Status: Registration status (APPROVED, WAITING, REJECTED, UNSUBSCRIBED)
Actions: Unregister (Cancel Registration) button
For API Product statuses added to API Product:🟢 APPROVED: Approved, actively in use 🟡 WAITING: Waiting for approval 🔴 REJECTED: Rejected ⚫ UNSUBSCRIBED: Registration cancelledstatuses are explained on the Approval Requests page.
Cancelling API Product Registration:
  • Click the “Unregister” button on the row of the product you want to cancel
  • Registration status is updated to UNSUBSCRIBED
  • Application can no longer access this API Product
This operation is done from API Manager. Portal users cannot cancel their registrations on the detail page.

My Applications in API Portal Interface

On API Portal, users can only see and manage their own applications.

Creating Application from Portal

Application Creation from Portal Application List on Portal
Step 1: When the My Applications page opens and an empty list card and “You don’t have any applications yet” message appears:
  • Click the ”+ Create” button
  • Fill in the information in the opened dialog
Step 2:
  • Click the “Save” button
  • When registration is completed, your first automatically created application is added to the list and your first API Key is prepared
For the steps to be taken according to the API Product’s status after the registration process is completed, it is explained in detail in the API Product Access Settings section on the Approval Requests page.
Another method of creating an application on the API Portal interface is to perform operations through the “My Applications” page. This page is the central area where all management steps such as creating new applications, editing or deleting existing applications are performed. On the API Product detail screen, only adding an existing application to the relevant API Product is possible; application editing or deletion operations are not performed here. Additionally; when creating an application on the API Manager side, the Account / Developer section must be entered. However, since the user is already logged in with verified identity on the Portal side, applications created through Portal are automatically saved as belonging to the relevant user. Below, the interface of the Portal My Applications page is shown as an example. My Applications Page on Portal

API Key (Credential) Management in API Portal Interface

API Key Structure Each API Key has the following properties:
PropertyDescription
UsernameKey used in API calls (in UUID format)
PasswordSecret key (in UUID format)
App IdID of the application it belongs to
Account IdID of the account it belongs to
Organization IdID of the organization it belongs to
EnabledActive/Passive status (true/false)
CreatedCreation date
Expire DateValidity period (optional)
Account CredentialWhether it is an account-based credential (true/false)

API Key Creation and Revocation Flow

API Key Flow Diagram
  1. User clicks “Generate Key” button
  2. Username in UUID format is generated in the system
  3. Password in UUID format is generated in the system
  4. Credential object is created:
    • username: UUID
    • password: UUID
    • appId: [Application ID]
    • accountId: [Account ID]
    • organizationId: [Organization ID]
    • enabled: true
  5. CredentialUpdateDTO is created:
    • credential: [Credential object]
    • accessControlList: []
    • accountCredential: true
  6. POST request is sent to backend
  7. Successful response is received
  8. Credential list is refreshed
  9. Success message is shown to user

API Product Registration Statuses

Status Descriptions:
StatusDescriptionBadge ColorUsage
WAITINGWaiting for approvalYellowRegistration created, waiting for admin approval
APPROVEDApprovedGreenApplication can use APIs
REJECTEDRejectedRedRegistration rejected, application cannot use
UNSUBSCRIBEDRegistration cancelledGrayUser or admin cancelled registration

Usage Scenarios

  1. User logs into Portal
  2. Goes to “My Applications” page from menu
  3. Clicks ”+ Create” button
  4. Fills out the form:
    • App Name: “Mobile iOS App”
    • App Id: Automatic UUID
    • Description: “API access for iOS application”
  5. Clicks “Save” button
  6. System automatically:
    • Creates the application
    • Generates the first API Key
    • Shows success message to user
  7. User sees the new application in the list
Result:
  • Application is ready
  • First API Key is ready to use
  • Can register to API Products
  1. User goes to “API Products” page
  2. Selects the desired API Product
  3. Selects a plan (Free, Subscription, etc.)
  4. Selects their application
  5. Clicks “Subscribe” button
  6. Registration is created (Status: WAITING)
  7. Admin approves registration (Status: APPROVED)
  8. User sees registration on application detail page
  9. Makes API calls using their API Key
Result:
  • Application can access API
  • Throttling/Quota limits are applied
  • Usage is tracked and reported
  1. User goes to application detail page
  2. Sees existing API Keys
  3. Decides to change key for security reasons
  4. Creates new key with “Generate Key”
  5. Updates new key in their code
  6. Tests and verifies it works
  7. Revokes old key with “Revoke”
Result:
  • Security increased
  • Old key invalidated
  • New key actively in use
  1. User decides to delete an application they no longer use
  2. Goes to “My Applications” page
  3. Clicks menu button (⋮) of the application to be deleted
  4. Clicks “Remove” option
  5. Checks the application in the confirmation dialog
  6. Clicks “Delete” button
  7. System:
    • Deletes the application
    • Revokes all API Keys
    • Removes API Product registrations
  8. Success message is shown
Result:
  • Application completely deleted
  • All related resources cleaned up
  • API calls fail
  1. Admin logs into API Manager
  2. Goes to Portal Management > Portal Apps page
  3. Sees all users’ applications
  4. Selects an application and goes to detail page
  5. Checks API Product registrations
  6. If necessary:
    • Creates new API Key
    • Revokes existing keys
    • Approves/rejects API Product registration
    • Cancels registration (unregister)
  7. Edits application information
  8. Changes are saved
Result:
  • Admin can perform centralized management
  • User applications are monitored
  • Necessary interventions are made

Frequently Asked Questions

Portal App is an application created to access APIs. Each API call is made with an API Key belonging to an application, thus usage can be tracked and controlled.
A user can create as many applications as they want. There is no limit.
Yes, there can be multiple applications with the same name under the same account. Reference ID is unique in all cases.
Password is shown once and is not stored in the system. If forgotten, the key should be revoked and a new key should be created.
You can create as many API Keys as you want in an application. There is no limit.
No, a revoked key cannot be reactivated. A new key must be created.
Yes, an application can register to as many API Products as desired.
Registrations are usually manually approved by admin. Approval time varies according to system policies.
Yes, you can delete the registration and create it again. However, it is recommended to contact admin to learn the rejection reason.
API Manager is where administrators manage all applications. API Portal is where users manage only their own applications.
Yes, admin can view, edit, and delete all applications.