Before You Import

Review the following before importing an API Service from the Boomi Platform into Cloud API Management.

Prerequisites

For the import to succeed in Cloud API Management, the following conditions must be met in the Boomi Platform:

• Port and Authentication Type Setup:

  Ensure at least one Runtime in the environment associated with the API has the Port and Authentication Type fields (Platform-managed settings) configured correctly. To set this up, configure the Shared Web Server settings to add a port and an authentication type.

  The Port value must match the Authentication Type. For example, on the Shared Web Server page, if you configured the Authentication Type as GATEWAY_BOOMITOKEN, the Port field must also have the gateway port. Refer to Listening Port Configuration for more information.

• Runtime Hostname:

  Cloud API Management does not support localhost or internal hostnames such as 127.0.0.1. If your runtime attachment is configured with these hostnames, the import will fail. Before importing, ensure that effectiveHostName is configured with a publicly reachable host.

Gateway Authentication

Depending on the Gateway Authentication type of your imported API Service, review the following to determine if additional configuration is required or can be skipped in Cloud API Management.

• All REST API Services deployed on the Platform, with or without Gateway Authentication, can be imported and managed in Cloud API Management.

• API Services with Gateway Authentication are shown as "Configured", and those without Gateway Authentication are shown as "Not Configured", in the Import from Boomi Platform wizard.

• If you select a "Not Configured" API Service for import, you must configure the System Domain Authentication Type on the Security Settings page to secure API traffic.

  Also, verify that the Your Endpoint Address field on the Domain & Traffic Routing page matches the Port and host address values (Platform-managed settings) configured on the Shared Web Server page for the selected Authentication Type.

• If you select a "Configured" API Service for import, no additional setup is required to secure API traffic. The authorization header is auto-populated in the Data to make available for pre-processing field on the Call Transformations. Since the Platform manages this header, it is recommended to leave this value unchanged.

What happens during import

Cloud API Management automatically handles the following during import:

• Endpoint Name Handling:

  Endpoint names are automatically cleaned up during import. Specific characters ({}()[]<>;:,?/\|*+=!@#$%^&"'~) are removed and extra spaces are trimmed.

• Domain Name Casing:

  If any imported domain name is in camel case, Cloud API Management converts it to lowercase. The original casing is not preserved.

• Smarter Authentication Selection:

  Cloud API Management supports seven authentication types with priority-based selection. If an imported API has multiple authentication types available across Runtime and Ports, it selects the Runtime with the highest-priority authentication type based on these criteria:

  Priority-based Authentication Type

  Priority	Authentication Type	Description
  1 (Highest)	GATEWAY_BOOMITOKEN	Gateway authentication using Boomi token
  2	BASIC	HTTP Basic Authentication
  3	CLIENT_CERT	Client certificate authentication
  4	CLIENT_CERT_HEADER	Certificate via HTTP header
  5	EXTERNAL_DELEGATE	External authentication delegation
  6	CUSTOM	Custom authentication mechanism
  7 (Lowest)	NONE	No authentication required

• Processor Configuration:

  The outbound authentication processor has been updated to use the Mashery_Proxy_Processor_Chain adapter. This change improves how processor configurations are applied during API Service import and aligns with the latest gateway integration standards.

• OAS Requirement:

  When you create an API Service in Boomi Platform, the OpenAPI Specification (OAS) is automatically generated in the background and stored in the documentation.oas file. Cloud API Management uses this OAS to import endpoint metadata and schemas. If the OAS has not been generated for your API Service, you may encounter errors or an empty endpoint list message during import.

• Pre-configured Settings:

  The settings on the Domain & Traffic Routing, Key & Method Detection, and Call Transformations tabs are pre-configured during import to preserve Platform-managed settings. Although you can modify these settings, it is recommended to leave them unchanged to ensure your API functions as expected.

Next Steps

When you are ready to start importing an API Service from Platform to Cloud API Management, refer to Importing API from Boomi Platform.