Creates an API product in an organization. You create API products after you have proxied backend services using API proxies. An API product is a collection of API resources combined with quota settings and metadata that you can use to deliver customized and productized API bundles to your developer community. This metadata can include: - Scope - Environments - API proxies - Extensible profile API products enable you repackage APIs on the fly, without having to do any additional coding or configuration. Apigee recommends that you start with a simple API product including only required elements. You then provision credentials to apps to enable them to start testing your APIs. After you have authentication and authorization working against a simple API product, you can iterate to create finer-grained API products, defining different sets of API resources for each API product. WARNING: - If you don't specify an API proxy in the request body, any app associated with the product can make calls to any API in your entire organization. - If you don't specify an environment in the request body, the product allows access to all environments. For more information, see What is an API product?


You will need authorization for the scope to make a valid call.

If unset, the scope for this method defaults to You can set the scope for this method like this: apigee1 --scope <scope> organizations apiproducts-create ...

Required Scalar Argument

  • <parent> (string)
    • Required. Name of the organization in which the API product will be created. Use the following structure in your request: organizations/{org}

Required Request Value

The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely.

For example, a structure like this:

  api-resources: [string]
  approval-type: string
  created-at: string
  description: string
  display-name: string
  environments: [string]
    operation-config-type: string
  last-modified-at: string
  name: string
    operation-config-type: string
  proxies: [string]
  quota: string
  quota-counter-scope: int64
  quota-interval: string
  quota-time-unit: string
  scopes: [string]

can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time.

  • -r . api-resources=lorem
    • Comma-separated list of API resources to be bundled in the API product. By default, the resource paths are mapped from the proxy.pathsuffix variable. The proxy path suffix is defined as the URI fragment following the ProxyEndpoint base path. For example, if the apiResources element is defined to be /forecastrss and the base path defined for the API proxy is /weather, then only requests to /weather/forecastrss are permitted by the API product. You can select a specific path, or you can select all subpaths with the following wildcard: - /**: Indicates that all sub-URIs are included. - /* : Indicates that only URIs one level down are included. By default, / supports the same resources as /** as well as the base path defined by the API proxy. For example, if the base path of the API proxy is /v1/weatherapikey, then the API product supports requests to /v1/weatherapikey and to any sub-URIs, such as /v1/weatherapikey/forecastrss, /v1/weatherapikey/region/CA, and so on. For more information, see Managing API products.
    • Each invocation of this argument appends the given value to the array.
  • approval-type=eos
    • Flag that specifies how API keys are approved to access the APIs defined by the API product. If set to manual, the consumer key is generated and returned in "pending" state. In this case, the API keys won't work until they have been explicitly approved. If set to auto, the consumer key is generated and returned in "approved" state and can be used immediately. Note: Typically, auto is used to provide access to free or trial API products that provide limited quota or capabilities.
  • created-at=labore
    • Response only. Creation time of this environment as milliseconds since epoch.
  • description=sed
    • Description of the API product. Include key information about the API product that is not captured by other fields.
  • display-name=duo
    • Name displayed in the UI or developer portal to developers registering for API access.
  • environments=sed
    • Comma-separated list of environment names to which the API product is bound. Requests to environments that are not listed are rejected. By specifying one or more environments, you can bind the resources listed in the API product to a specific environment, preventing developers from accessing those resources through API proxies deployed in another environment. This setting is used, for example, to prevent resources associated with API proxies in prod from being accessed by API proxies deployed in test.
    • Each invocation of this argument appends the given value to the array.
  • graphql-operation-group operation-config-type=no

    • Flag that specifies whether the configuration is for Apigee API proxy or a remote service. Valid values include proxy or remoteservice. Defaults to proxy. Set to proxy when Apigee API proxies are associated with the API product. Set to remoteservice when non-Apigee proxies like Istio-Envoy are associated with the API product.
  • .. last-modified-at=stet

    • Response only. Modified time of this environment as milliseconds since epoch.
  • name=kasd
    • Internal name of the API product. Characters you can use in the name are restricted to: A-Z0-9._\-$ %. Note: The internal name cannot be edited when updating the API product.
  • operation-group operation-config-type=et

    • Flag that specifes whether the configuration is for Apigee API proxy or a remote service. Valid values include proxy or remoteservice. Defaults to proxy. Set to proxy when Apigee API proxies are associated with the API product. Set to remoteservice when non-Apigee proxies like Istio-Envoy are associated with the API product.
  • .. proxies=sed

    • Comma-separated list of API proxy names to which this API product is bound. By specifying API proxies, you can associate resources in the API product with specific API proxies, preventing developers from accessing those resources through other API proxies. Apigee rejects requests to API proxies that are not listed. Note: The API proxy names must already exist in the specified environment as they will be validated upon creation.
    • Each invocation of this argument appends the given value to the array.
  • quota=et
    • Number of request messages permitted per app by this API product for the specified quotaInterval and quotaTimeUnit. For example, a quota of 50, for a quotaInterval of 12 and a quotaTimeUnit of hours means 50 requests are allowed every 12 hours.
  • quota-counter-scope=-68
    • Scope of the quota decides how the quota counter gets applied and evaluate for quota violation. If the Scope is set as PROXY, then all the operations defined for the APIproduct that are associated with the same proxy will share the same quota counter set at the APIproduct level, making it a global counter at a proxy level. If the Scope is set as OPERATION, then each operations get the counter set at the API product dedicated, making it a local counter. Note that, the QuotaCounterScope applies only when an operation does not have dedicated quota set for itself.
  • quota-interval=vero
    • Time interval over which the number of request messages is calculated.
  • quota-time-unit=erat
    • Time unit defined for the quotaInterval. Valid values include minute, hour, day, or month.
  • scopes=sed
    • Comma-separated list of OAuth scopes that are validated at runtime. Apigee validates that the scopes in any access token presented match the scopes defined in the OAuth policy associated with the API product.
    • Each invocation of this argument appends the given value to the array.

About Cursors

The cursor position is key to comfortably set complex nested structures. The following rules apply:

  • The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o .
  • The cursor position is set relative to the top-level structure if it starts with ., e.g. -r .s.s
  • You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar.
  • You can move the cursor one level up by using ... Each additional . moves it up one additional level. E.g. ... would go three levels up.

Optional Output Flags

The method's return value a JSON encoded structure, which will be written to standard output by default.

  • -o out
    • out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.

Optional General Properties

The following properties can configure any call, and are not specific to this method.

  • -p $-xgafv=string

    • V1 error format.
  • -p access-token=string

    • OAuth access token.
  • -p alt=string

    • Data format for response.
  • -p callback=string

    • JSONP
  • -p fields=string

    • Selector specifying which fields to include in a partial response.
  • -p key=string

    • API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.
  • -p oauth-token=string

    • OAuth 2.0 token for the current user.
  • -p pretty-print=boolean

    • Returns response with indentations and line breaks.
  • -p quota-user=string

    • Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
  • -p upload-type=string

    • Legacy upload protocol for media (e.g. "media", "multipart").
  • -p upload-protocol=string

    • Upload protocol for media (e.g. "raw", "multipart").