Console
The Console is the API provider's administration interface. Platform admins and tenant managers use it to control the entire API lifecycle.
URL: console.gostoa.dev
Getting Startedβ
- Navigate to the Console URL
- Sign in via Keycloak (OIDC client:
control-plane-ui) - The dashboard shows an overview of your tenants and APIs
Dashboardβ
The Console dashboard provides:
- Tenant summary: Number of tenants, active APIs, subscriptions
- Recent activity: Latest API publications, subscription requests
- Health status: Platform component health checks
Tenant Managementβ
Creating a Tenantβ
- Navigate to Tenants β Create Tenant
- Enter:
- Name: Unique identifier (lowercase, hyphens allowed)
- Display Name: Human-readable label
- Contact Email: Tenant admin email
- Click Create
This provisions:
- Kubernetes namespace
tenant-{name} - GitLab repository for tenant config
- Keycloak group for tenant RBAC
Tenant Settingsβ
- Members: Add/remove users, assign roles
- Quotas: Set API and subscription limits
- Policies: Default policies applied to all tenant APIs
Tenant Selectorβ
If you have access to multiple tenants, use the tenant selector in the top navigation to switch context. Only resources belonging to the selected tenant are displayed.
API Managementβ
Publishing an APIβ
- Navigate to APIs β Create API
- Fill in:
- Name and Version
- Description
- OpenAPI Specification (upload or URL)
- Configure policies
- Click Publish
The API will appear in the Developer Portal and be synced to the gateway.
API Lifecycle Actionsβ
| Action | Effect |
|---|---|
| Publish | Make API live and discoverable |
| Deprecate | Mark as deprecated (still functional) |
| Retire | Deactivate API, stop traffic |
| Delete | Remove API and all subscriptions |
Monitoring APIsβ
View per-API metrics:
- Request count and error rate
- Latency percentiles (p50, p95, p99)
- Active subscriptions and consumers
- Gateway sync status
Subscription Managementβ
Reviewing Requestsβ
- Navigate to Subscriptions β Pending
- Review the consumer's application details
- Click Approve or Reject
Managing Active Subscriptionsβ
- Suspend: Temporarily disable access
- Revoke: Permanently terminate the subscription
- View usage: Request count and rate limit utilization
User Managementβ
Managed through Keycloak integration:
| Role | What They Can Do |
|---|---|
cpi-admin | Everything β all tenants, all operations |
tenant-admin | Full access within their tenant |
devops | Deploy and promote APIs |
viewer | Read-only access |
Adding a Userβ
- Navigate to Users β Invite
- Enter email address
- Select tenant and role
- The user receives an invitation via Keycloak
Gateway Adaptersβ
The Console shows the sync status between STOA and the target API gateways:
| Status | Meaning |
|---|---|
| Synced | API is live on the gateway |
| Pending | Sync in progress |
| Error | Sync failed β check logs |
| Drift | Gateway state differs from desired state |
The Gateway Adapter reconciliation can be triggered manually from the Console or automatically via ArgoCD.