How To Get Started with API Management and Express Serverless Platform

In our last post, we discussed API Management and the key role that an API Gateway can play. An API Gateway can enable secure access to its API endpoints. Features in an API Gateway often fall into three broad categories:

  • Authentication: Who is allowed to access (Access Control)
  • Authorization: Who is allowed to perform operations on exposed APIs (Permissions / Privileges)
  • Audit: Analyzing sufficient information for each client request

How does this work? How can developers and DevOps teams get started? We’ve put together a step-by-step guide to getting started with API Management on Express Serverless Platform, including best practices on API Management along the way.

Here’s a quick diagram of what that looks like:

[Diagram: API Management in the Enterprise]

Setting Up The Service And API Endpoint in Express Serverless Platform

We will have to complete a few prerequisite steps before configuring authentication, authorization and audit.

  1. First, we have to set up a Service Endpoint using the Canvas.
  2. Then we have to set up a Gateway instance.

Before setting up a pipeline within this Gateway, it will be helpful to create a ‘scope’ (which may later be associated with API endpoints and API users).

  3. Then, we will create two users with credentials to access the APIs. For the purpose of this blog, we will work with Key-based Authentication.
  4. Finally, we will set up a pipeline in our Gateway instance that is configured for authentication, authorization and audit.

We have an existing service (worldclockapi.com) that we want to expose as an API with appropriate rate limits. So, we need to drop in a ‘Service Endpoint’ from the Canvas (onto the ‘Private’ quadrant). This component needs only one piece of configuration: the base URL of the service (http://worldclockapi.com/api/json/utc/).

The Service Endpoint can be front-ended by an API Gateway, just like other services (model-based microservices and serverless functions) in the Express Serverless Platform. So, next, we drop in a Gateway instance on the Gateway quadrant.

Before we jump into creating a pipeline, we will create a scope and two users by clicking on the ‘Consumer Management’ button on the Gateway element on our Canvas.

To create a new scope, we will navigate to the ‘Scopes’ tab under Consumer Management.

Now we will create a scope named ‘timewatchers’. We just need to type in the scope name and hit ‘Enter’.

Now we will create a new user with user id ‘bob’ and set up the following:

  1. Allocate an API key for key-based authentication for this user
  2. Associate this user with the ‘timewatchers’ scope

First, we create a user ‘bob’ from the ‘User’ tab under Consumer Management.

To allocate an API key, expand the information on user ‘bob’ from the ‘User’ tab under Consumer Management.

Scroll down the pop-up showing the user details for ‘bob’, and focus on the Key-based authentication section. Click on the ‘Create’ button.

This will generate a key id and secret for the user ‘bob’. We need to take note of these credentials in order to access API endpoints.

Finally, we will associate the ‘timewatchers’ scope with the user ‘bob’.

We will also create one more user, ‘alice’, and allocate an API key in a similar fashion. However, we will not assign any scope to this user.

Now we are ready to set up a pipeline in our Gateway instance with key-based authentication enabled.
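
To make the setup above concrete, here is an added sketch (not code from the platform or from the original post) of the decisions a gateway pipeline makes for ‘bob’ and ‘alice’ once key-based authentication and the ‘timewatchers’ scope are enforced, covering authentication, authorization and audit in one pass. The key ids, secrets, endpoint path and function names are assumptions made up for illustration, as is the association of the endpoint with the scope.

```javascript
// Constructed sample data mirroring the walkthrough: 'bob' holds the
// 'timewatchers' scope, 'alice' has a key but no scope. Key ids and secrets
// are made-up placeholders, not values generated by the platform.
const credentials = new Map([
  ['bob-key-id', { user: 'bob', secret: 'bob-secret-placeholder', scopes: ['timewatchers'] }],
  ['alice-key-id', { user: 'alice', secret: 'alice-secret-placeholder', scopes: [] }],
]);

// Assumption: the API endpoint (hypothetical path) requires 'timewatchers'.
const endpoint = { path: '/utc/now', requiredScopes: ['timewatchers'] };

const auditLog = []; // one record per request, whatever the outcome

// Compare two strings without stopping at the first mismatch, so response
// time does not reveal how much of a guessed secret was correct.
function safeEqual(a, b) {
  let diff = a.length ^ b.length;
  for (let i = 0; i < a.length; i++) {
    diff |= a.charCodeAt(i) ^ (b.charCodeAt(i % Math.max(b.length, 1)) || 0);
  }
  return diff === 0;
}

function handleRequest(keyId, keySecret, ep) {
  const cred = credentials.get(keyId) || null;
  // Authentication: known key id AND matching secret. The comparison also
  // runs against a dummy value when the key id is unknown.
  const secretOk = safeEqual(String(keySecret), cred ? cred.secret : 'dummy-secret');
  const authenticated = cred !== null && secretOk;

  let status;
  if (!authenticated) status = 401; // caller not identified
  else if (!ep.requiredScopes.every((s) => cred.scopes.includes(s))) status = 403; // identified, not permitted
  else status = 200; // would be proxied to the Service Endpoint

  // Audit: record the decision for every request, but never the secret.
  auditLog.push({
    time: new Date().toISOString(), keyId, path: ep.path, status,
    user: authenticated ? cred.user : null,
  });
  return status;
}

// Constructed requests: bob, alice, bob with a wrong secret, an unknown key.
function demo() {
  return [
    handleRequest('bob-key-id', 'bob-secret-placeholder', endpoint),
    handleRequest('alice-key-id', 'alice-secret-placeholder', endpoint),
    handleRequest('bob-key-id', 'guess', endpoint),
    handleRequest('no-such-key', 'guess', endpoint),
  ];
}
console.log(demo(), auditLog);
```

‘alice’ authenticates successfully but is refused because she holds no scope, which is the difference between the first two categories listed at the top of this post.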

 

Now that we’ve covered how to set up the Service Endpoint, we’ll move on to Authentication. Authentication is a key aspect of API Management. To enable key-based authentication, we’ll add policies to our pipeline and provide a complete, easy-to-follow guide written by developers for developers on how to set this up.

If you’re interested in more of these topics, join the live discussion on Twitter (@lunchbadger) or (@express_gateway).