App Creation

Create an app and manage visibility.

Table of Contents

  1. How do I create a new app?
  2. How do I decide which security mechanism to use?
  3. How does an app consume APIs?
  4. How do I manage app visibility?

How do I create a new app?

To add an app:
  1. From the Plus Menu, select Add a New App. The Add App Info page displays.
  2. To configure your app, specify the following information:
    Name Description
    App Name A descriptive name for your app. When developing an app naming convention, note that your initial app name will be automatically assigned as the App Name for subsequent versions (for example, Version 1.0) and will be "App Name [App Version Name].
    Version ID The app version name. This name will display on the Overview section of the My Apps > Details page.
    Tags Tags or keywords that can be used to search for posts or tickets in the App or API Boards.
    App Runtime ID A custom app identity for the current app definition. If left blank, the app will be randomly assigned an App ID (i.e., identity) in the format <fedmember> - <random-hex>. Note that an App ID cannot be changed after an App ID is assigned. You must create a new app version using the +Version function on the App Details page and issue a custom app identity.
    Shared Secret A custom Shared Secret for the current app definition. If left blank, a shared secret is automatically generated and can be viewed using the Show Keys > Click to View function on the App Details page. Depending on platform settings, the shared secret might be encrypted when displayed. A Shared Secret can be regenerated for a specific app using the Regenerate Key function on the App Details page.
    Visibility Your app's visibility setting: Public, Private, or Registered Users.
    App Description A detailed description of your app.
    Version Description A detailed description of your app version.
    App Website A URL for the website associated with the app.
  3. On the Add App Info page, specify the App Name, Version ID, Tags, App Runtime ID (auto-generated if not specified), Shared Secret (auto-generated if not specified), Visibility (Public/Private), App Description, Version Description,and App Website (optional). Notes:
    • You can optionally upload an icon to uniquely identify your app. See How do I upload and crop icons? for more information.
    • Your App description should include marketing, functional, and use case information.
  4. Click Save. The app information is saved and posted to the App Details page. If you would like to update your app information, click Edit.
  5. To exit this operation, click Cancel.

Back to top

How do I decide which security mechanism to use?

The security mechanism you choose for the messages your app will send to one or more APIs determines the level of security applied to the message. In general, a stronger security mechanism might include more setup or more processing on the part of your app. Your choices will be determined by such factors as the nature of your app and the nature of the messages your app will exchange with the API. For example, an app that processes financial transactions might require greater security than one that returns movie information.

In addition, the requirements or limitations of the specific API or APIs you are using are a key factor.

The platform supports the following security mechanisms:

Although the platform supports all of the above, a specific API hosted on the platform might not support them all. Check the API documentation for specific information about the security mechanisms supported.

For more information about the first three options, refer to App Security Options and Setup. For more information about OAuth options, refer to App Security.

Back to top

How does an app consume APIs?

After you create an app, several tasks must be performed so the app can consume an API.

Task Description
Identify APIs First, you must identify APIs you would like to add to your app. This can be done by performing a search via the Search Menu and browsing the APIs on the APIs > Details page of each API.
Provision App with Authentication Key Next, you must provision the app with an authentication mechanism. When you create your app, an App ID and Shared Secret are automatically assigned. If you prefer to use PKI over Shared Secret to sign your app, you can generate an X.509 Certificate file (CER), or a Certificate Signing Request (CSR) and import it. See How do app credentials work?
Add APIs and gain access to Sandbox environment

After targeting APIs you would like to add, the next step is to submit an API Access Request to license an API and gain access to the app sandbox or production environment.

This task is performed using the API Access Wizard accessible by clicking the Access link on the APIs > Details page of a selected API. Here you select the APIs which you would like to license. For APIs that require license agreement acceptance, you must review and agree to the terms of one or more license agreements before access will be granted. The Policies section allows you to select one or more SLA policies to be used for monitoring API performance and quota management.

Access to sandbox or production environments is, in most cases, automatically approved. The Sandbox or Production endpoints are available and visible in the My Apps > App > APIs page.

Build App The next step is to build your app as per the API requirements in terms of the semantics and security requirements of the API. Refer to the API documentation in the API > Documents section of your API for more information.
Configure OAuth Details and Authorization screen

If the API your app is connected to uses OAuth 1.0a and the Authentication Code and Resource Owner Credentials grant, or OAuth 2.0 and the Authentication Code and Implicit grant, you must specify a Redirect URL and Application Type, then configure an authorization screen.

Complete App Testing in Your Sandbox Set up simulated user accounts and data in your sandbox and test your app.
Request Production Approval When you are finished testing and ready to gain access to our production environment, you request production access using the API Access Wizard. Upon approval, you will be ready to go live and make calls to our production environment.
Update Application with Production Endpoint When the status of your Production Endpoint is "Activated" you must then update your app with the Production Endpoint URL.
Activate After the Production Endpoint is updated in your app, you can select Activate.

Back to top

How do I manage app visibility?

When you create an app using Create a New App, you can control whether visibility of the app is Public or Private via the "Visibility" option. You can change app visibility based on your requirements using the Edit function on the App Details page.

Back to top