Register an API

You can register an API with Akamai by entering all details manually or by importing an API definition file that contains information about your API. If you choose to import a file, you still need to enter a few API Gateway-specific parameters to complete the registration process.

API: You can also complete this task by using the API Endpoints API. Run the Register an endpoint operation. Learn more about Akamai’s APIs.

How to

  1. On the API Definitions page, click Register an API.
  2. On the Register new API page, in the API endpoint panel, in the API name field, enter a name for your API.
  3. From the Access control group menu, select the access control group that you want to associate with the API.
    An access control group (ACG) is a group of users who can view or edit an API. You can select only the ACGs for which you have a role with at least the API Definitions URL Path Editor permission in Identity and Access Management. The ACG selection impacts the hostname selection in the subsequent steps of API registration. Each ACG has a set of hostnames tied to it via a property configuration. For more information, see Access control group (ACG) model.
  4. Optional: If your API uses GraphQL to describe content and deliver it to clients in a structured form, set the GraphQL API switch to Yes.
    This will enable you to configure GraphQL query and body parameters and set GraphQL-specific caching instructions.
  5. Optional: If your API uses API keys for authentication:
    1. In the API key location area, select the location for your API key.
    2. In the location Name field, enter a name for the API key location.
      where location is either Header, Cookie, or Query parameter.
    Akamai uses API keys for user quota and reports.
    Important: If you decide to use API keys for your API configuration, to make productive use of the security benefits that the keys provide, your API consumers should make only secure (HTTPS) requests to your API.

    API key authentication is one of the two protection methods that API Gateway provides. You can also use JSON web tokens to improve security. To optimize the performance of your system, it’s best to implement one protection method per API configuration.

  6. Optional: In the Description field, enter a description for your API.
  7. Optional: In the Categories field, enter or select categories to serve as API filters on the main page.
  8. Optional: If your API contains non-Bot Manager Premier resources, optionally, turn the Case-sensitive URLs and parameters switch on.
    By default, this switch is set to off. Akamai then disregards the case of the following elements in incoming requests: base path, resource path, parameter name, parameter value.

    For bot management, if an API is case-sensitive and a bot operator changes a path’s or parameter’s case in a request, the API doesn’t match the request format and bot detections don’t apply. This may open an evasion path. Disabling the case-sensitivity helps you avoid these potential bot evasions.

  9. If your API uses versioning, follow Enter API version details.
  10. Follow one of these steps:
    If you want to import API endpoint and resource information from an API definition file, then go through API definition file import.
    If you want to enter API endpoint and resource information manually, then do these steps:
    1. Enter API Endpoint details. Follow Enter API endpoint details.
    2. Optional: If you have access to KSD features, set constraints on the API request body and resources. Follow Set API request body and resource constraints.
    3. Add resources to your API endpoint. Follow Add API resources.
  11. Click Save.