A process for manually approving new users
Today, you have the possibility to force a manual process for approving a user access to a product. However, if you need to enable simple username-password you have no possibility to have a manual process for approving a user access to the portal.
It would be good for a user to see all products and APIs available in the portal, being able to browse and discover APIs. This means that anyone can create a user and browse APIs, basically spying on a company thru the names of APIs and products.
The other way is to hide all APIs behind Products that users needs to be allowed to see. If you do this, you take away all discoverability.
A better way would be to audit new users manually and allow all users to see all products, and then demanding access to products the same way as always.
Thank you for the feedback! We added this suggestion to the backlog and will update the item when we prioritize it for implementation.