Consider the following guidelines for managed API groups:
•After you activate the managed API with API-level JSON web token authentication, you can't remove the JSON web token authentication from that particular API group. You must create another managed API group without JSON web token authentication.
•Enabling the API-level JSON web token authentication while creating an API group overrides all the operation-level authentications. You can't change the authentication type while creating a managed API group.
•If an associated rate limit policy is disabled for an operation in an API group, the disabled policy is removed automatically from the operation while activating its managed API group.
•You can't activate a managed API group if its API group contains a disabled API-level rate limit policy. Edit the managed API group to associate a valid API-level rate limit policy and then activate the managed API group.