Welcome to Intergraph Smart API Manager - Intergraph Smart API Manager - 2020 (4.0)

Welcome to Intergraph Smart API Manager - Intergraph Smart API Manager - 2020 (4.0) - Help

Intergraph Smart API Manager Help

Language

English

Product

Intergraph Smart API Manager

Search by Category

Help

Smart API Manager Version

4.0

Welcome to Intergraph Smart® API Manager, an API management system that focuses on registering and securing access to Smart APIs developed by Hexagon.

Smart API is the name for RESTful web APIs developed and delivered by Hexagon.

How Smart APIs are used

Software developers use Smart APIs to write custom software applications called Smart Clients. Smart APIs ensure a consistent development experience by following standards. Smart APIs are:

Consistent in pattern by supporting RESTful principles.
Consistent in operation by supporting the OData v4 protocol.
Secure by supporting the OAuth 2.0 protocol and OpenID Connect.

For more information on these standards and an overview of Smart Client development, see Smart API Developer Documentation.

How access to Smart APIs is managed

Managing Smart APIs focuses primarily on security. Smart Clients must be able to call Smart APIs, but only if the identity of the user can be authenticated and authorized.

A Security Token Service (STS) is bundled with Smart API Manager and handles authorization for all requests to use a Smart API. The STS authenticates callers and validates identity against its own internal identity store, or by delegating to an external identity provider.

Smart API Manager supports CA SiteMinder, Integrated Windows Authentication, and Windows Credentials as external identity providers out-of-the-box. You can also configure custom external identity providers, such as Azure Active Directory and Active Directory Federation Services (ADFS).

So, Smart API Manager focuses on giving you the tools to manage and configure security concerns for Smart APIs. Smart API Manager lets you:

Register Smart APIs. A Smart API must be registered to be usable.
Create and manage groups, for example adding identities and specifying claims.
Authorize a group to access a Smart API.
Manage claims for a group, which are name/value pairs that allow you to control access to a Smart API at a more granular level.
Register Smart Clients. A Smart Client must be registered to call Smart APIs.

Get started with setting up or administering secure access

Whether you are setting up initial access for Smart APIs or managing an existing configuration, you use multiple features of Smart API Manager.

The order in which you perform tasks does not always matter, but sometimes there are prerequisites. For example, a group must exist before it can be authorized for a Smart API.

To get started, see the topics for these features:

Smart APIs
Groups
Smart Clients

For assistance with Smart Client development, click Dev Docs on the left panel.

Change Smart API Manager settings

The following items affect all Smart APIs:

Identity settings - Add or change settings for external applications your company uses to define and manage user credentials, such as Integrated Windows Authentication (IWA).
Token settings - Enable or disable refresh tokens, change the lifetime for identity, access, and refresh tokens, and change the lifetime for authorization codes.

Customer Support
Hexagon Policy Against Software Piracy
Copyright 2016-2024, Hexagon AB and/or its subsidiaries and affiliates
Version 2020 (4.0)
Published Thursday, February 29, 2024 at 10:43 PM