Apigee - Setting up a New App

Question

I created a new account on Apigee. I can successfully run the sandbox app, but I am having difficulty setting up a new app.

I created the new app in the admin panel and downloaded the SDK (Javascript). The new-project-template however contains the code for sandbox (not my new app). When I change the code in index.html to reflect my new app and attempt to run it, I get the "fail" callback. Also, I see no activity in the Admin Panel under "Monitoring" for this app.

How do I properly setup a new app?

Thank you, -Russ

Answer 1

I think you are having a problem because your users, role and permissions are not setup correctly in your new app. The user trying to access App Services does not have permission for that collection, so it cannot query it. See https://apigee.com/docs/app-services/content/managing-access-defining-permission-rules. You can create a new role that has permissions on that collection and then assign that role to users as you like. Alternatively, you can add permissions to the collection to the Guest role. If you add the permissions to the Guest role, you would not need to assign the role to users.

Answer 2

If you were using the sandbox app before, it has all permissions wide open (/** on Guest). When you created a new app, it does not have this. So you can either add said permissions as Mike Mallow suggests, or, you can start using oauth to allow users of your app to log in. Once they log in, they will get a token that can be used for all future calls to the API. This section explains this in more detail:

http://apigee.com/docs/app-services/content/app-security

This section tells about how to add the code to your app so your users can log in and get tokens:

http://apigee.com/docs/app-services/content/authenticating-users-and-application-clients

And this section tells about how to use the tokens (although, if you are using the SDK, that part will be handled for you):

http://apigee.com/docs/app-services/content/authenticating-api-requests

Answer 3

Each app in App Services (API BaaS) has its own set of API keys (client_id, client_secret). It's likely that you'll need to update these as well, which is the cause of the errors.

You can find these keys on the "Getting Started" tab of your new app. The docs explain how you can update these in your app.

Bear in mind too though, server app credentials shouldn't be used on the client-side (like index.html) in any production environment; if someone were to get ahold of those, they could have unrestricted access to your app. Instead, look at implementing user-based authentication and limit use of the app-level (or org-level) credentials to server-side services.