Skip to content
Apiway Docs

Manage APIs I consume

You depend on third-party APIs — payment providers, identity services, shipping calculators. They’re in your critical path but not in your governance.

What you need

Section titled “What you need”
  • An Apiway tenant (register free — £1,000 credit included)
  • The OpenAPI specs of the external APIs you consume (or the ability to describe them)

The pipeline

Section titled “The pipeline”

  1. Register the external API

    Bring the external API into your platform so it’s visible and governed:

    Terminal window
    curl -X POST https://core.api.apiway.net/v1/programmes/consume \
      -H "Authorization: Bearer $TOKEN" \
      -H "Content-Type: application/json" \
      -d '{
        "name": "Stripe Payments API",
        "provider": "stripe.com",
        "specification": "<base64-encoded OAS>"
      }'

    The API is deployed through your tenant’s gateway for metering and compliance tracking. No mocks, no verification — this is a consumption record.

  2. Store the credentials

    Register the API key or OAuth credentials you use with this provider:

    Terminal window
    curl -X POST https://core.api.apiway.net/v1/subscriptions/{id}/credentials \
      -H "Authorization: Bearer $TOKEN" \
      -H "Content-Type: application/json" \
      -d '{
        "type": "api-key",
        "key": "sk_live_...",
        "expiresAt": "2026-12-31"
      }'

    The platform tracks expiry and alerts you before credentials expire. No more 3 AM surprises.

  3. Route through your gateway

    Calls to the external API go through your gateway, which:

    • Meters every request as a resource unit (cost tracking)
    • Enforces your rate limits (protect your quota)
    • Logs the call (audit trail)
    • Injects credentials automatically (no hardcoded keys in your code)

  4. Set a cost guard

    Protect your budget against runaway consumption:

    Terminal window
    curl -X PUT https://core.api.apiway.net/v1/subscriptions/{id}/limits \
      -H "Authorization: Bearer $TOKEN" \
      -H "Content-Type: application/json" \
      -d '{
        "budgetCeiling": 5000,
        "budgetUnit": "GBP",
        "alertThreshold": 80
      }'

    Alert at 80% spend. Hard stop at ceiling. Your CFO will thank you.

  5. See the full picture

    The Wealth Engine shows consumed APIs alongside produced APIs:

    Terminal window
    curl https://core.api.apiway.net/v1/wealth-engine/portfolio \
      -H "Authorization: Bearer $TOKEN"

    Revenue from your APIs minus cost of external APIs = your API P&L. Per API, per consumer, per month.

What you got

Section titled “What you got”
  • Visibility — every external API dependency in one place
  • Cost tracking — metered consumption with budget guards
  • Credential lifecycle — expiry alerts and proactive rotation
  • Audit trail — every outbound call logged
  • P&L — consumed API costs feed into your Wealth Engine

Next steps

Section titled “Next steps”