Vendor API
STACKIT Marketplace defines several APIs that can be integrated by providers:
- Resolve customers
- List all subscriptions
- Retrieve a subscription
- Approve a subscription
- Reject a subscription
API authorization
Section titled “API authorization”STACKIT Marketplace uses STACKIT Identity and Access Management (IAM). IAM is a central authorization system that is based on the Resource Manager and enables fine-grained access management to your STACKIT resources.
Permissions
Section titled “Permissions”STACKIT Marketplace defines several authorizations for the provider API:
-
marketplace.subscription.list -
marketplace.subscription.get -
marketplace.subscription.approve -
marketplace.subscription.rejectThese authorizations are linked to the basic roles of STACKIT:
owner,editor, andviewer. If the provider project and a STACKIT service account have been successfully prepared, these authorizations are assigned implicitly.
STACKIT Marketplace resource hierarchy areas
Section titled “STACKIT Marketplace resource hierarchy areas”The project resource is used to enforce API access - for both customers and providers. For STACKIT customers, STACKIT Marketplace purchases (subscriptions) are linked to the consumer project (STACKIT Marketplace customer). This grants API access via the STACKIT Portal and resolves the billing reference. For STACKIT Marketplace providers, this will grant API access to the provider domain, including access to subscriptions, audit logging and other STACKIT service access relevant to fulfill business requirements.
Providers are never authorized for any resource in the customer’s organization - and vice versa.
If access to the customer’s organization is required to fulfill the functionality of the product, please contact the STACKIT Marketplace team at marketplace@stackit.cloud.