Manage API collections
API definitions in 42Crunch Platform are organized into API collections. API collections group your APIs into meaningful units that are easier to manage than trying to keep track of individual APIs.
Create API collections
You can create new API collection either when importing an API, or separately for a future need.
- In 42Crunch Platform, click New collection under the main menu on the left.
- Enter a name for your collection.
- Click Add collection.
The API collection is created and added to the list of collections visible to you. You can now start importing APIs to your new collection.
View API collections
API collections are the first step to navigating the platform UI and finding your APIs.
- To view API collections you use often, click on the collection name in the list of recent API collections under the main menu on the left. You can see all the APIs in that collection.
-
To view the full list of API collections visible to you, click API collections in the main menu.
If you have plenty of collections, use the search bar at the top of the page to filter the collection list. You can use either the name or the UUID of the collection you want.
The collections you own are marked with . The collections that are shared with you are marked with or depending on the access level you have.
Organization administrators have access to view and modify all API collections in their organization. This means that all API collections in an organization are visible to all organization administrators like the collections were their own, both on the API Collections page and in the monitoring dashboards. If an organization has several API collections, we recommend using more descriptive collection names that just organization and company name to be able to tell all collections apart.
- To view who owns a particular API collection in your organization, click > Show owner on the collection you want. You can see the name and the email address of the owner.
The collections you own are marked with , the collections that are shared with you are marked with .
If you have plenty of collections, use the search bar at the top of the page to filter the collection list. You can use either the name or the UUID of the collection you want.
Organization administrators have access to view and modify all API collections in their organization. This means that all API collections in an organization are visible to all organization administrators like the collections were their own, both on the API Collections page and in the monitoring dashboards. If an organization has several API collections, we recommend using more descriptive collection names that just organization and company name to be able to tell all collections apart.
Share API collections to other users
All API collections are private by default, meaning that they and the APIs in them are visible only to you. However, you can share API collections with other users in your organization, so they too can access your APIs. Sharing API collections instead of individual APIs makes it easier to keep track of what you have shared and who can see it.
You cannot share API collections if your organization administrator has not given you permission for this function. For more details on user permissions, see Permissions.
- Go to the API collection you want to share.
- Click Share API collection.
- Start typing the user or team name in the search, and select the ones you want to share the collection with.
- Select the access level that the selected users or teams will have on the API collection, and click Add. You can also edit the access levels later in the sharing list.
- If you want to give a user in a team different access level than the rest of the team, search and add that user again, this time granting them the access level you want. The user is now marked to have different access level
than the rest of the team.
Organization administrators and auditors can also export the list of users that an API collection and its APIs are shared with and the access levels that these users have.
- When ready, click Update permissions.
Your API collection has now been shared with the teams or user you selected and they can now access it as you defined. To share the collection with more teams or users, change the access level, or make your collection private again, click Edit sharing.
For more details on the different access levels and what other users can or cannot do, see Sharing APIs and access level.
Export API collection details
Organization administrators and auditors can export the list of API collections in their organization, including details like the UUIDs and names of both the collection and its owner as well as the owner's email address. This allows, for example, organization administrators to communicate to collection owners when actions are required from them.
- In API collections, click Export.
- Select the format (JSON or CSV) for the export.
The list of collections is exported as a file which you can, for example, use for further automation or open in a suitable program.
Change the owner of an API collection
Organization administrators can change the owner of any API collection in their organization to transfer full control of the collection to someone else.
- In API collections, go to the collection you want to transfer to someone else, and click > Change owner.
- Select the new owner for the API collection, and click Confirm.
The ownership of the API collection and all APIs in it is transferred to the user you selected.
Rename API collections
If you want to change the name you have given to your API collection, you can rename it.
- In API collections, go to the collection you want to rename, and click > Rename collection.
- Enter a new name for the collection, and click Rename.
Define a naming convention for API collections
Organization administrators can specify a regular expression that all API collections created in the organization must follow. The naming convention is applied in addition to the pattern already imposed by 42Crunch Platform.
If you have integrated API Security Audit to your CI/CD pipeline with the integration plugin, pay attention that you do not define a naming convention that conflicts with the one that the plugin uses, especially if you have changed the default collection name. This could prevent the integration plugin from working properly, which could disrupt your CI/CD.
- Click next to your username, and click System preferences.
- Under Naming conventions, go to Collection.
- Define the regular expression for the pattern you want to use, and add an example of how the suitable name could look. If you want, you can also add a further description on the pattern.
You can also provide a description for the naming convention on a web page outside 42Crunch Platform. In this case, simply include the URL where users can find more information in the description field; users can follow the link to learn more if the name they entered goes against the set convention.
- When ready, click Apply.
The naming convention is enforced all new API collections created in your organization, and if existing collections are renamed.
For more information on regular expressions, see the following:
- Language-agnostic information on regular expressions at Base Definitions page on regular expressions
- OWASP Validation Regex Repository
- RegExr, an online tool for building and testing regular expressions
Delete API collections
You can delete an API collection you want to remove from 42Crunch Platform. Deleting an API collection also removes the APIs in it from the platform.
Deleting an API collection permanently removes it from 42Crunch Platform. This action cannot be undone.
- Click API collections.
- On the collection you want to remove, click > Delete collection.