Introduction
The Administration section in ApiShare is accessible from the main menu and provides tools for managing platform-wide configurations. This section is available only to Owners and allows administration of entities such as Tags, Categories, Integration Patterns, Roles, and Notifications.
Managing tags
Creating a tag
Prerequisites:
Owner permissions.
Steps:
Navigate to Administration > Classification & Taxonomy > Tags.
Click Add to create a new tag.
Complete the following fields:
name (required),
description (optional).
Click Save.
Post-Conditions:
The tag is created and can be assigned to various entities.
Editing a tag
Steps:
Select a tag from the list.
Click Edit and modify the details.
Click Save.
Post-Conditions:
The tag updates immediately across the platform.
Deleting a Tag
Steps:
Select a tag from the list.
Click Delete and confirm.
Post-Conditions:
The tag is permanently removed from all associated entities.
Managing categories
Creating an API/App/Organization/Documentation category
Prerequisites:
Owner permissions.
Steps:
Navigate to Administration > Classification & Taxonomy > Categories.
Choose API/App/Organization/Documentation category.
Click Add to create a new category.
Complete the following fields:
name (required),
description (optional),
visibility (required): Full access or Custom access.
Click Save.
Post-Conditions:
The category is created and can be assigned to
API Products, API Assets
Apps
Organizations
Documentation
Editing a category
Steps:
Select a category from the list.
Click Edit and update the details.
Click Save.
Post-Conditions:
The category is updated and immediately reflected in the platform.
Deleting a category
Steps:
Select a category from the list.
Click Delete and confirm.
Post-Conditions:
The category is permanently removed from all associated entities.
Managing integration patterns
Creating an integration pattern
Prerequisites:
Owner permissions.
Steps:
Navigate to Administration > Classification & Taxonomy > Integration Patterns.
Click Add to create a new integration pattern.
Enter the integration pattern metadata
name (required),
description (optional),
is productizable: if checked the new integration pattern grants the ability to productize the asset.
Click Save.
Post-Conditions:
The integration pattern is created and can be assigned to API Assets.
Editing an integration pattern
Steps:
Select an integration pattern from the list.
Click Edit and update the details.
Click Save.
Post-Conditions:
The integration pattern updates immediately in the platform.
Deleting an integration pattern
Prerequisites:
The integration pattern must not be assigned to any API Asset.
Steps:
Select an integration pattern from the list.
Click Delete and confirm.
Post-Conditions:
The integration pattern is permanently removed.
Cloning an integration pattern
Steps:
Select an integration pattern from the list.
Click Clone.
Enter the new name and description.
Click Save.
Post-Conditions:
A duplicate of the integration pattern is created.
Create a parameter
Steps:
Select an integration pattern from the list. A list of parameters should be visible
Click Add to create a new parameter
Change the parameter metadata
label (required),
placeholder (required),
info (required),
description (required),
insertion mode (required): the selection of one of these options branches to 5 different scenarios, where in each one a new set of controls is added to the platform
SCENARIO “Multi select”
cardinality (required),
available values (required),
default values
SCENARIO “Single-file upload”
cardinality (required),
extension (required)
SCENARIO “Single select”
cardinality (required),
available values (required),
default values
SCENARIO “Text box”
cardinality (required),
regex,
regex explanation
SCENARIO “Text input” (same as “text box”)
Click save
Post-Conditions:
The integration pattern updates immediately in the platform.
Editing a parameter
Steps:
Select an integration pattern from the list. A list of parameters should be visible.
Click on the edit button.
Modify the desired fields.
Click save
Post-Conditions:
The integration pattern updates immediately in the platform.
Deleting a parameter
Steps:
Select an integration pattern from the list. A list of parameters should be visible.
Click Delete and confirm.
Post-Conditions:
The parameter is permanently removed.
Managing roles and permissions
Creating a role
Prerequisites:
Owner permissions.
Steps:
Navigate to Administration > Access Management > Roles.
Click + to create a new role.
Complete the following fields:
name (required),
description (required),
role type (required).
permissions
Click Save.
Post-Conditions:
The role is created and available for assignment.
Editing a role
Steps:
Select a role from the list.
Click Edit and update the details.
Click Save.
Post-Conditions:
The role updates immediately in the platform.
Assigning roles to users
Steps:
Navigate to Organizations.
Select the Organization.
Click the Role Dropdown next to the user’s name.
Select a new role.
Post-Conditions:
The user’s role is updated immediately.
Managing notifications
Viewing notifications
Steps:
Navigate to Administration > Notifications.
Select an entity from the list to see related notifications.
Post-Conditions:
The notifications for the selected entity are displayed.
Enabling or disabling a notification receiver
Steps:
Select a notification from the list.
Click Edit to modify receiver settings.
Enable or disable push/email notifications.
Click Save.
Post-Conditions:
The notification settings for the receiver are updated.
Pausing or resuming notifications
Steps:
Select a notification from the list.
Click Pause to stop notifications or Play to resume.
Confirm the action.
Post-Conditions:
The notification is paused or resumed accordingly.
Adding a notification reminder
Steps:
Select a notification related to a deadline (e.g., API deprecation).
Click Edit.
Add a new Reminder Slot.
Click Save.
Post-Conditions:
A reminder notification is set before the main event.
Deleting a notification reminder
Steps:
Select a notification.
Click Edit.
Remove a Reminder Slot.
Click Save.
Post-Conditions:
The reminder notification is removed.
Managing visibility settings
Configuring API visibility
Steps:
Navigate to Administration > Access Management > Visibility.
Select API visibility settings.
Choose access type:
Full Access (public, including guests),
Custom Access (restricted by organization type, category, or specific organizations).
Set API Visibility by Organizations & by Statuses and Environments.
Post-Conditions:
API visibility is updated based on the selected criteria.
Configuring documentation visibility
Steps:
Navigate to Administration > Access Management > Visibility.
Select Documentation visibility settings.
Choose access type:
Full Access (public, including guests),
Custom Access (restricted by organization type, category, or specific organizations).
Set Documentation Visibility by Organizations.
Post-Conditions:
Documentation visibility is updated.
Managing policy templates
Administrators can define and maintain policy templates to standardize how Key Sets behave across the platform. These templates control expiration, rotation, and regeneration rules for credentials used in API subscriptions.
Creating a Policy Template
Preconditions
Owner permissions.
At least one supported authentication method must be configured on the platform.
Steps
Navigate to Administration > Security Governance > Keyset policy.
Click Create Policy Template.
Complete the following fields:
Name (required): A meaningful name. Cannot start with a space.
Authentication Type (required): Choose from the dropdown.
Description: Minimum two characters. Cannot start with a space.
Configure Expiration Period:
Enable or disable the setting.
Enter a duration (minimum 1 day).
Select a time unit (Days, Weeks, Months).
Configure Rotation Frequency:
Enable or disable the setting.
Enter a duration (minimum 1 day).
Select a time unit (Days, Weeks, Months).
If both expiration and rotation are enabled:
Grace Period is automatically calculated as: Expiration Period − Rotation Frequency.
Max Simultaneous Keys is calculated as: Expiration Period / Rotation Frequency.
(Optional) Enable Manual Regeneration by checking the corresponding box.
Define the Ruleset:
Select a field (API Tags or API Categories).
Choose a function (Contains / Not Contains).
Select one or more values.
All rule fields must be completed; otherwise, saving will be disabled.
Click Save.
Post-conditions
The policy template is saved.
All future Key Sets created through API subscriptions will comply with the configured security rules.
Tips
The Expiration Period must be greater than the Rotation Frequency.
For security reasons, the maximum number of simultaneous keys must not exceed two.
Editing a Policy Template
Preconditions
At least one policy template already exists.
Steps
Navigate to Administration > Security Governance > Keyset policy.
Select the policy template to edit.
Click Edit.
Modify the desired fields.
Click Save.
Post-conditions
The updated template will apply to future Key Sets generated with that template.
A confirmation message will confirm the successful update.
Deleting a Policy Template
Preconditions
The policy template must not be in use by any active Key Set.
Steps
Navigate to Administration > Security Governance > Keyset policy.
Select the policy template to delete.
Click Delete and confirm.
Post-conditions
The policy template is permanently removed and no longer available for assignment.
Managing subscriptions lifecycle settings
Configuring API approvability
In this section, you can define the default approval lifecycle that will be applied to all API Products that do not specify their own approvability settings.
These rules act as the global baseline for subscription governance across the platform.
Steps
Navigate to Administration > Security Governance > Subscriptions Lifecycle.
Locate the Business Approval and Technical Approval toggles.
Enable or disable each step based on your governance needs:
If both steps are disabled, all new subscriptions (for API Products without custom settings) will be automatically approved.
If one or both steps are enabled, subscriptions must pass these approval steps.
For each enabled approval step, define the criteria for skipping that step.
You may configure auto-approval rules based on:
Organization Type
Organization Category
Specific Organization
Confirm that the default lifecycle configuration reflects your desired baseline for all API Products that do not define custom approvability settings.
Click SAVE to apply the new default approval lifecycle and exception rules.
Post-conditions
The platform’s default subscription approvability rules are updated.
Any API Product without its own approval configuration will automatically inherit these default settings.
Existing API Products that already define custom settings are not affected.
Tips
If you want a fully automated subscription flow for all API Products unless otherwise specified, simply disable both approval steps in the default configuration.
Managing Core System configuration
Administrators can define and maintain core system configurations to standardize the platform’s operating environment. These settings control global application behavior, content governance limits, and outbound email server connectivity.
Managing general properties
Prerequisites:
Owner permissions.
Steps
Navigate to Administration > System > General
Review system information and configure the available properties to establish the platform's identity, privacy standards, and user governance rules:
Property | Description | Constraints & Behavior |
Platform Version | Displays the current version of the installed platform. This field is for informational purposes only. | Read-only. Cannot be modified. |
Platform Title (required) | Defines the global application title visible in the browser tab and as the homepage title. | Must contain at least 3 characters. |
Default Language (required) | Sets the primary language used across the platform interface for unauthenticated users or users who have not selected a personal preference. | Choose from the dropdown. |
Cookie Content (required) | Configures the legal disclaimer text displayed within the cookie consent modal upon a user's first visit. | Cannot be empty. |
Username Configuration (required) | Determines how the username is rendered in the user info sidebar. | Choose from the dropdown. |
Invitation Expiration Days (required) | Establishes the validity window (in days) for new user invitation links. Once this period elapses, the link becomes invalid. | Non-retroactive. New rules apply only to invitations generated after the configuration update. |
Post-conditions
The system updates and enforces the modified properties.
Managing documentation properties
Prerequisites:
Owner permissions.
Steps
Navigate to Administration > System > Documentation
Configure the properties listed below to regulate documentation versioning and enforce storage limits:
Property | Description | Constraints & Behavior |
Enable Versions Limit | Activates the storage retention policy for documentation history. | When enabled, the system enforces a specific cap on the number of historical versions retained for each document. |
Maximum Number of Stored Versions (required) | Defines the exact limit of documentation versions that can be stored concurrently. This setting is mandatory when "Enable Versions Limit" property is active. | Non-retroactive. New limits apply only to versions generated after the configuration update. Must be greater than 0 and less than 100. |
Post-conditions
The new retention limit will be applied to documentation versions generated after the configuration update.
Managing SMTP properties
Prerequisites:
Owner permissions.
Steps
Navigate to Administration > System > SMTP
Configure the following properties to establish connectivity with the outbound email server and define authentication credentials:
Property | Description | Constraints & Behavior |
Server Host (required) | Identifies the network address (domain or IP) of the outbound mail server. | Cannot be empty. |
Server Port (required) | Specifies the communication port used to connect to the mail server. | Must be a value between 1 and 65535. |
Username (required) | The account identifier required to authenticate the platform against the SMTP server. | Cannot be empty. |
Password | The credential secret used for server authentication. | Must be at least 8 characters long and contain at least one uppercase letter. |
Server SMTP Protocol (required) | Selects the transmission standard for email delivery. | Choose from the dropdown. Recommendation: SMTPS is the recommended protocol for secure transmission. |
Enable SSL Protocol | Enforces Secure Sockets Layer (SSL) encryption for the connection to the mail server. | Recommendation: Enabling SSL is recommended to ensure encrypted communication and protect credentials. |
Post-conditions
The system updates and enforces the modified properties for the SMTP server configuration.