0

Case: I want to expose APIs through the API Manager in a multi-tenant manner. Hope i can explain what i want. So in fact an API key belongs to a particular Tenant.

Example: I want to expose for a GetCustomers API. Because i only want to return customers of that tenant how can i achieve this without the tenant as a parameter (GetCustomers(tenant))?

  1. Is it possible to get the Tenant given an API Key?
  2. Is there another way to achieve this?

Regards Roger

Abimaran Kugathasan
  • 31,165
  • 11
  • 75
  • 105
Roger van de Kimmenade
  • 1
  • Your question isn't clear, Do you want to expose your API throughout different tenant? – Abimaran Kugathasan Jan 21 '15 at 11:31
  • Hello Abimaran, The API itself is available public. However its is used by different Organisations (tenants). Within the API the organisation is able to call GetCustomers. However only customers of that organisation may be returned. The customers are for example stored within a backend database with organisation as an attribute. Hope this helps? – Roger van de Kimmenade Jan 21 '15 at 11:34

1 Answers1

1

If i got correctly, I think i can format your problem as below,

You have an public API, which can be invoked by all users from all tenants. But whenever user belongs to one particular tenant invokes that API, API has to return users belongs to that particular tenant.

Solution

You can define your backend service which can extract user details based on the tenant parameter. Tenant parameter can be passed when request hit APIManager. For this, user does not need to pass what tenant he belongs to it. From the API itself you should be able to extract that value from the address header and pass that to backend.

I think above is the right way to implement. If you do not want to pass 'Tenant' parameter to your backend, then there will be multiple cloned backend services need to be hosted for each tenant to extract customer details belongs to that tenant. It is a bad design.

Ratha
  • 9,434
  • 17
  • 85
  • 163