AWS API Gateway connection errors out some times - aws-api-gateway

I'm invoking a private API Gateway endpoint authentivated by cognito in my application but when I hit it multiple times or send request one after the other, sometimes it returns me the expected response some times it doesn't saying 401 unauthorized.
I checked the documentations saying there might be vpc issue but of vpc was the case, it shouldn't have connected in the first place right? Please help me what to do next?

Related

REST API random 404 error when a server is down on load balancer

We have a REST based API project. The project is hosted in IIS on multiple servers on a load balancer.It works great except when a server goes down on the load balancer, we receive a 404 Bad Request error for few seconds and then it resolves itself. How do we resolve this? Are there any changes that need to be done in IIS or on the REST API project itself?
As far as I know, if you use IIS ARR's loadbalance there is no need to add the specail setting to check the server's status. The IIS ARR healthy test will auto send the request to check the server is work well or not. If the IIS ARR find the server is down or return error, it will not redirect the request to the server.
Besides, as far as I know, the 404 error means the page not found not the bad request. Normally, 400 is the bad request status code.
If you find a server is down in your server farms, I suggest you could try to access the server directly through the brwoser to know the details error message.
If the server return 404 error, that means your browser couldn't access the server, it is a network issue normally. You should check the DNS server setting or make sure the IIS web application is running.
If the server return 400 error, you should troublshooting according to the details 400 error message. Normall, it shows when the request contains the wrong header.

Accessing IBM API Connect endpoint through Postman

I just created an REST API in API Connect and the endpoint works when I test it in the APIC assemble tab. It requires a client id and client secret. When I send a request through Postman, I currently get a “Could not get any response” message from when I try to add them as header values or OAuth authorization. I’m using the request endpoint that’s displayed when I hit the debug button from the successful response on the Assemble tab. Is this the correct endpoint to use? How do I properly include the client id and client secret in a Postman request?
If you get a "Could not get any response in Postman", that means that Postman can't reach the destination of the request.
There are several reasons for that:
Is it an intranet or internet endpoint?
Are you using a proxy? (check proxy config)
Is the hostname resolvable? (try ip)
If it is an https
endpoint, with a self signed certificate, check if you have SSL
Certificate verification enabled (Settings-> general)
On the other hand, to send the client-id and client-secret headers, just click on Headers tab and add both (see the following picture)
Please check the below things to get access to API Connect published services.
Service needs to be allowed to invoke from postman(System from which you are invoking.)
Please check the web-api MPGW service titled in DataPower default domain created when you configure your API connect with DataPower have you created an access control list in the front-side-handler.
Please disable the SSL configuration in the postman, sometime this may create a problem(since the service exposed from API Connect will be with SSL)
From the error you are getting, I suspect there is no connection or only one-way traffic is enabled which means you are blocking response. If there is an issue with the request parameters you are sending, an error will be different saying, wrong client id or client secret.
Testing API which is on-boarded from API Connect will be straightforward or same we invoke other rest services.
Thx Srikanth
I needed to include the client id and client secret in the headers using the correct name for them, which is specified when creating/editing the api under the 'Security Definitions' category as 'Parameter Name'.
I was also hitting the wrong endpoint. To find the correct endpoint click the hamburger icon in the upper left of api connect website, select dashboard, click on the environment you want such as sandbox or dev, click settings, click gateway, then you'll see the endpoint.

REST API with Single Page Application over HTTPS on Firefox only

I am developing a web service using REST API. This REST API is running on port 6443 for HTTPS. Client is going to be a Single page application running on port 443 for HTTPS on same machine. The problem I am facing is:
While I hit the url say: https://mymachine.com/new_ui I get certificate exception for an invalid certificate because I use a self signed one, so mymachine.com:443 gets added to server exception. But still requests doen't go to REST API as they are running on https://mymachine.com:6443/restservice. If I manually add mymachine.com:6443 to server exception on firefox it works but it will not be the case in production for customers.
Some options that I thought are:
1. Give another pop up and ask to add REST server on port 6443 exception too.But this doesn't look proper as why an end user should accept the cerf for same domain twice. Also REST api server port can change.
Can we programmatically add exception for domain and both the ports in one shot? Ofcourse with the consent of the user. 3. Use a reverse proxy. But then its going to have memory footprint on our system. Also it will be time consuming.
Please suggest some options. How do I deal with it. Thank you

AWS Classic Load Balancer + EC2: web API requests returns 404

I have an AWS EC2 Jira instance running behind an AWS Classic load balancer. The site loads in the browser fine, but all API requests are returning 404 for some reason. It is not a Jira 404, but a generic 404 response with no body and minimal headers. Only response useful header seems to be Server: nginx.
Tried white-listing my client IP, opening up all ports, sending request to the LB and directly to the instance with proper security group settings, etc., but same 404 response is returned. I'm using Postman to test the API. I noticed when I load the EC2 instance directly in the browser, it redirects to the load balancer.
Returns 200 with HTML. Basic auth works, too.
GET http://jira (home page)
Returns 404:
GET http://jira/rest/api/2/issue/ticket-num (or any other /rest/ endpoints)
Where should I start looking to debug this 404 issue? I feel like I'm missing something basic. I'm not seeing any Jira configuration for setting up its rest API. I feel like perhaps it's a server configuration issue, although I've never come across manual web server configuration while installing Jira, so maybe on the AWS's side?
EDIT: still waiting to get ssh access to the instance, so I'll update as I get more info and access.
This HTTP 404 responses with very limited set of headers could be from the default (the bottom one) rule in ELB. I experienced similar issue getting HTTP 404 because instead of host header I set path and provided the host domain name in one of ELB rules. So the rule did not work and default rule returned 404 because there is no such path exists on the instance.
I would recommend to try to use Redirect to or Return fixed response options for default rule to check out if it goes to the default rule.

nodered http request node not completing for a particular url - stuck in requesting state

I have a node-red flow on bluemix which calls an api endpoint (drupal site on ibm container) a few times a day based on some processing. It was working fine till 3 days back. There was a networking issue with the drupal site, and http requests (default http request node with basic auth and GET) were not completing - the state was stuck at 'requesting'.
The container issue was resolved a day ago but requests from node-red are still not completing. The drupal site is accessible via browser and the api is working when tested with curl. Interestingly, if I give the IP address of site instead of the name in the url field, then the request completes. Since i am using virtual hosts, giving IP is not an option. What could be the problem, please help!!