Portal and security zones

Document ID : KB000096750
Last Modified Date : 17/05/2018
Show Technical Document Details
Question:

We are sharing  API gateway 9.2 between our companies in a multicoutntry installation.
For isolatng the APIs between them we are using security zones, I mean, since we dont want a country to have access to other countries APIs, we have created a security zone per country and asigned users to the security zone. It works fine but now we are facing the adoption of API Dev portal. In the same way we have done into the gateway we need to publish our APIs into the portal isolating the APIs between countries, let's say, between security zones.

How could we do that? I need the answer for both dev portal 3.5 and 4.2 

Environment:
Portal 3.5
Answer:
The developers from each region can be separated into organizations, and you'll want to manage the access to the APIs by: 
- ensuring the APIs are all private 
- The APIs are in API Groups that correspond to the regions 
- Account plans are created that correspond to the regions, which each account plan only containing the appropriate API Group 
- The regional organizations are then assigned the appropriate account plan. 

Using the account plans to manage private APIs is a key point here as it will help to keep the 3.5 portal in a migration compatible state should you choose to migrate from 3.5 to 4.x in the future.