Developer Portal

Self-service API consumption with governance guardrails.

The Hexarch Developer Portal is where teams discover APIs, subscribe to versions, and manage their applications—all within a governed framework that enforces access policies, rate limits, and version compatibility.

API Marketplace

Browse and discover certified APIs across your organization:

Protocol support: REST, WebSocket, GraphQL, gRPC
Lifecycle visibility: Draft, Published, Deprecated, Retired
Version browsing: See all versions of each API with their status
SLA descriptions: Understand what each API guarantees

APIs appear in the marketplace when they’re ready for consumption. Draft APIs are visible but not subscribable. Deprecated APIs show migration guidance.

Version-Locked Entitlements (vLock-v3.1)

This is the architectural guarantee that prevents breaking changes for locked subscriptions.

When an application subscribes to an API version:

The subscription is bound to that specific version
The gateway’s memory lookup table preserves version compatibility
Even if the upstream API releases v2, your subscription stays on v1
Breaking changes don’t reach your application until you explicitly upgrade

Why this matters:

No surprise breaking changes
Upgrade on your timeline, not the API provider’s
Version locks are immutable—once set, they don’t change silently

Access Plans

Each API version can offer multiple access plans with different constraints:

Plan Tier	Typical Limits	Access
Free	100 requests/day, 1 req/s burst	Public
Business	10,000 requests/day, 50 req/s burst	Approval required
Enterprise	1M+ requests/month, 100 req/s burst	Contract required

Plans define:

Quota: Total requests per period
Rate limit: Maximum burst capacity
Billing model: Usage-based, flat-rate, or free
Approval requirement: Self-service or requires review

Application Management

Creating an Application

Assign a name and organization unit
Configure credential types (OAuth2, JWT, API Key)
Track subscriptions across APIs

Managing Subscriptions

Subscribe to API versions
Select access plans
Monitor usage and quota consumption

Credential Lifecycle

Rotate credentials without subscription changes
Track token expiration
View gateway propagation status

Gateway Propagation

When you subscribe to an API, the entitlement propagates to the gateway fleet:

Subscription created — recorded in the control plane
Propagation initiated — pushed to gateway nodes
Synced — gateway acknowledges the entitlement
Active — requests are authorized

The portal shows propagation status in real-time. If sync fails, you see why.

Subscription Lifecycle

Status	Meaning
Pending Approval	Waiting for API owner review
Active	Authorized and synced to gateway
Suspended	Temporarily disabled (e.g., billing issue)
Revoked	Permanently terminated

Transitions are audited. You can see who approved, suspended, or revoked each subscription.

Consumer Identity Context

Applications in Hexarch are formal consumer identities—not just API keys:

Each app has an owner (person or team)
Subscriptions are tied to apps, not individuals
Audit trails attribute actions to app identities
Credential rotation doesn’t break the identity chain

This separates “who owns this” from “what credentials does it use.”

Governance visibility

For each application, you can see:

Entitlements: Which API versions are subscribed
Quotas: Current usage vs. limits
SLA locks: Guaranteed service levels
Gateway status: Verified or pending propagation

Why this matters

Without a governed portal:

API discovery is tribal knowledge
Version compatibility is “hope and pray”
Breaking changes arrive without warning
Quota enforcement is inconsistent

With Hexarch Developer Portal:

APIs are discoverable and documented
Version locks guarantee compatibility
Plans enforce quotas at the gateway
Audit trails show who has access to what

Next steps

Fleet Governance — how entitlements propagate to nodes
API Reference — endpoints for subscription management
Cryptographic Audit Chains — how subscriptions are recorded