The Business API Access Request Approver is the person that will review the requests for usage of their APIs. This person is typically a unit or department head and should have the authority to say that other offices can use this data. Their review can come with extra restrictions around the expected usage of the data and time frames for usage. But the most important factor for this person is that they are someone who has been officially assigned the responsibility of custodianship of the data and they have the final sign-off.
Frequently Asked Questions
Where in the process am I supposed to be involved and what information do I need to be paying attention to?
The Business API Access Request Approver will receive an email after an Application Approval Request has been submitted and has had an initial review by one of the API Administrators. After logging into the API Developer Portal (https://developer.ucsb.edu/user/login) and heading to Forms > View API Access Requests, you will be able to see the details for the submitted request, including an Application Description, its audience, the requested API and data elements, narrative about its authentication and security as well as the business and technical contacts. You can use this information, as well as discussion outside of the system, in order to determine if you would like to grant or deny access to your API.
What information am I approving and who are the target audiences?
You are approving that the requestor should have access to the data that your API is providing, and utilize it in their application for their target audience as they described in the API Access Request Form.
What avenues of communication am I supposed to be used outside of the workflow to ascertain the information and what coordination do I need with the development teams?
You can use meetings, email, phone calls, etc. to gather the information you need in order to make an informed decision.
What do Auto-Approval, Approval Required, and Private have to do with the API Publishing?
APIs flagged for Auto-Approval will have access automatically granted for the requester. Approval Required APIs will route through the Business API Access Request Approver for approval. Private APIs listed on the developer portal are developed for specific purposes and functionalities. Generally, requests for access to Private APIs will not be granted.