Hi Tim.

Interesting scenario. The typical scenario is that the apiman UI is
only used by service providers and application developers. End users
will typically not use the apiman UI. However, that doesn't mean apiman
can't track end users. If authentication is enabled (either BASIC or
OAuth2), then rate limiting can be configured on a per-user basis. When
you configure the rate limit policy, you can choose "user" as an option
and then provide the HTTP header containing the user. When configuring
the authentication policy (which must come first in the policy chain)
you would need to enable forwarding of the username.

In addition, the next version of apiman will also include the
authenticated user in the metrics data. This would allow you to query
the Elasticsearch metrics information by username. We won't have any
specific support in the UI for breaking down metrics by user, at least
not right away, but it will be in the data at least.

Of course, you *can* use apiman the way you are suggesting. But as you
observed, there are some challenges. We don't currently have a way to
assign roles to users automatically when they register. It would need
to be a feature request, I think:

https://issues.jboss.org/browse/APIMAN

I think if we added a very generic "user registration" extension point
to apiman, then you could write your own custom handler to do whatever
you want. Such a handler would be invoked the first time a new user
logged into apiman. You could drive off their email address, roles,
whatever. You could also provide a handler via a plugin.

Thoughts? :)

-Eric

On 7/19/2015 7:45 AM, Tim Dudgeon wrote:

Hi

I've been looking into apiman and like what I see, but have a conceptual
question about its usage.

I need something to manage the end users of my applications, not just
the people who are developing and managing those applications. Is apiman
suitable for this? e.g. each actual user of the applications would
register to apiman and use their own access keys. I need this as I will
want to handle metrics and usage on the level of the individual user.

Also, if this was to be a sensible approach, how does one configure the
registration process? I understand apiman is using Keycloak for this,
but I see no link in the UI to configure Keycloak. And I would need a
way that new users could automatically be assigned to an organisation
(e.g. a default organisation, or a specific one based on their email
address).

Tim

_______________________________________________
Apiman-user mailing list
Apiman-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/apiman-user