I have some REST APIs my backend server listens for (I used node express).
I want to use my friendly url api.mywebsite.com to forward all routes to horribleuglybackendname.aws.com, e.g.
api.mywebsite.com/some/route -> horribleuglybackendname.aws.com/some/route
I want to use API gateway to simply forward any routes to my backend. If I create a HTTP API (not REST) this seems easy to do but if I create a REST API I cannot see how to configure it. Perhaps you can't? If you can't why not? What is the alternative?
Thanks
So it seems $default is for HTTP APIs only. The UI is different between HTTP and REST API configuration. If you want to do a catch-all route for REST APIs you need to use {proxy+}.
This is good (ctrl-f for catch-all and you should be set)
https://aws.amazon.com/blogs/aws/api-gateway-update-new-features-simplify-api-development/
Related
We are using apigee API gateway and exposing a REST endpoint. We understand apigee supports various options for securing the endpoint.
Our use case is that this REST endpoint should call another REST API provided by a software vendor. Software vendor have their own authentication and authorisation mechanism. Basically they have users and roles concept.
My question what is the best practise in this case? Should we authn and authz at gateway level Or at vendor REST API level or both ?
In any case, there is no escaping authn and authz at vendor REST API level.
Please suggest. Thank you.
In your case it first depends on whether you are simply presenting a proxy in front of the vendor API, or if your own API provides distinctive services and the vendor's API is only one of perhaps several "call outs" your middleware makes to offer its overall value. Another way to look at it is to ask: are the customers of your API endpoint uniquely your customers, or are they really just customers of the vendor's underlying API? You might choose to use your own layer of API client AuthN/AuthZ if this is uniquely your own API 'product' or you may choose to pass-through credentials directly to the vendor API if your endpoint is really just a thin and light abstraction. Net-net, it depends on your end-to-end use-case.
We have multiple API's running for an enterprise. As per our limitation client will allow only one static IP to receive all Inbound/Outbound requests.
So, we need to expose a single API as a bridge between the client system and API's running behind.
How to approach this design?
How to design the URL for this proxy API?
What edge functions does this API need to provide?
Any help would be highly appreciated. Thanks!
You do not need to use web services consumer, yet will need to create a POC.
Define A RAML with required path and RAML, scaffolding should give you API took kit, and connect an HTTP request
use HTTP request
Examples:
Define Headers --- attributes.headers.id etc
queryParams ---- attributes.queryParams.date
if you are sending JSON payload across from ex: postman, change Mime type to application/json
sample http properties for request
http.host=myHost
http.port=8872
http.base.path=/myproxy/services
i have a requirement, i want to call list of REST services which have different security mechanisms, like, some may have HTTPS and others may have naked HTTP, few others may have basic authentication and remaining may require a "Authorization header" . i want to call all these REST services with different service mechanism from a single HTTP OUT BOUND END POINT . how can i configure the HTTP endpoint to accomplish this ? or should i use different end points to accomplish my requirement .
You can't do that. Some of the attributes of the Http connector/endpoints can be configured as an expression but not all of them.
You'll have to leverage a choice-router and a number of http and https endpoints.
Different service mechanism requires different configuration...
If you want to do it in a single flow, as Victor said you need to use choice router and based on certain condition it will call the rest service it required...
and in each Choice block, you have to configure the calling of each type of rest service with it's security mechanism
I have to create 2 different websites that would use REST api to interact with a single MySQL database.
I know how to create website with forms..etc using PHP.
How would I use REST api for my websites.I searched and found out that there are libraries for android to use REST api but how to do so in case of a website ?
REST is a architectural pattern, it is not (by itself) an API. APIs can implement REST.
Just like any other API out there, you have to get the documentation for the API and then call it from your source.
Depending on what your requirements are, you may be calling it from javascript or from your PHP backend.
REST is an architecture pattern (you can read more about it at wikipedia) which aims to use HTTP verbs like PUT, POST and DELETE to execute commands against endpoints which represent a resource.
To use REST, your backend server will send normal HTTP requests to the API service; so in PHP this means using the various curl libraries to send requests.
Responses are generally in json; but they could be in any other format (or even in binary) - check with the API documentation that you have to consume.
If all you want is interacting with a REST API, then you need a HTTP client, probably cURL (PHP has a cURL lib). After that you have to check whether your API violates the HATEOAS constraint. If not, then it is called hypermedia API. In that case you have to follow hyperlinks provided by the API in the responses. If it violates the constraint, then it is called web API, and you have to build the method, URL, etc... on the client side again, so your client will break easily by any structural changes of the API. Everything else depends on the message format and the semantic annotations the API uses.
If you want to build a REST API, I strongly suggest you to learn more about the topic. First read the Fielding diessertation and check some existing solutions like HAL or Hydra+JSON-LD. Forget the tutorials. Most information available on the web about how to implement a REST API is flawed.
I have a webapp implemented in TurboGears 1.1 that's kind of a front-end for a REST API. I'm trying to expose a URL path on my webapp that's a proxy to the original REST API, so I can access "http://MY_APP/rest_api/foo" and have it work the same as "http://REST_API/foo".
Is there a simple way to set that up with TurboGears, or do I have to expose a normal controller and write all the code to handle GETs and POSTs and params and redirects myself?