Skip to main content
Version: latest

Subscriptions

A subscription is a relationship between a developer's application and an API product that grants the application access to consume the APIs in that product. Subscriptions enforce controlled access: a developer must subscribe before they can create credentials and make authenticated API requests.

Subscription Workflow

The subscription workflow follows these steps:

  1. A developer browses the API Hub and selects an API product.
  2. The developer subscribes one of their applications to the product.
  3. If auto-approval is enabled on the product, the subscription is immediately active.
  4. If auto-approval is disabled, the subscription enters a pending state and an administrator must approve it in the Provider Portal.
  5. Once the subscription is active, the developer can create credentials within the application to authenticate API requests.

Subscription Status

StatusDescription
wait_for_approvalThe subscription request has been submitted and is pending administrator approval.
subscribedThe subscription is active. The developer can create credentials and make API requests.

When an administrator rejects a pending subscription, the subscription record is deleted. When a developer or administrator cancels an active subscription, the subscription record is also deleted.

Auto-Approval

Each API product has a subscription_auto_approval setting:

  • Enabled: Subscriptions are immediately set to subscribed status without administrator intervention.
  • Disabled (default): Subscriptions enter wait_for_approval status. An administrator must review and approve the request.

Approval Process

When a subscription requires approval:

  1. An approval record is created with the event type api_product_subscription and status pending.
  2. If email notifications are configured, approvers (administrators with the appropriate permission) receive an email notification.
  3. If webhook notifications are configured on the API product, the configured endpoints are called.
  4. An administrator reviews the request in the Provider Portal and either accepts or rejects it.
  5. On acceptance, the subscription status changes to subscribed and the developer is notified.
  6. On rejection, the subscription is deleted and the developer is notified.

Batch Subscriptions

Developers can subscribe to multiple API products with multiple applications in a single request. The system creates a subscription for each (application, API product) combination. Each subscription follows the approval workflow independently based on the target API product's configuration.

Constraints

  • Only gateway-type API products support subscriptions. External products cannot be subscribed to because API7 Gateway does not proxy their traffic.
  • Only published API products accept subscription requests. Draft products are not visible to developers.
  • A subscription is unique per (application, API product) pair. Duplicate subscriptions are not allowed.

Additional Resources

API7.ai Logo

The digital world is connected by APIs,
API7.ai exists to make APIs more efficient, reliable, and secure.

Sign up for API7 newsletter

Product

API7 Gateway
API7 AI Gateway
API7 API Portal

Learn

API Gateway Guide
Plugin Hub
API Gateway Comparison
Customers

Resources

API Gateway Docs
Blog
Demo Hub
APISIX vs Kong

Company

About
Contact
Compliance Standards
Partners
Terms & Privacy
SOC2 Type IIISO 27001HIPAAGDPRRed Herring

Copyright © APISEVEN PTE. LTD 2019 – 2026. Apache, Apache APISIX, APISIX, and associated open source project names are trademarks of the Apache Software Foundation