You can sort managed APIs into logical groups to more easily manage the APIs in the organization. Also, you can add a URL context to a group, and generate a JSON web token for a group of APIs.
For example, create one group for APIs that handle salaries and a second group for APIs that handle HR updates, and generate a token for each group. This ensures that API consumers from the salary department cannot run APIs that handle HR updates, and API consumers from the HR department cannot run APIs that handle salaries.
A managed API can belong to only one group. When you add a URL context to a managed API group,
adds the context to all API URLs of the APIs that belong to the group.
When you create an OAuth 2.0 client, you can choose managed API groups that the OAuth 2.0 client applies to. OAuth 2.0 tokens that you generate for the client can invoke all the managed APIs in the group for which OAuth 2.0 authentication is enabled. When you generate a JSON web token for an API group, you can use the generated token to invoke any managed API in the group for which JSON Web Token (JWT) authentication is enabled. For more information, see
Authentication and authorization.