All docs This doc
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

The API Microgateway

The API Manager Microgateway is built using the Ballerina platform and is a specialized form of the WSO2 API Gateway. Its main characteristics are:

  • The ability to execute in isolation without mandatory connections to other components (Key Manager, Traffic Manager, etc).
  • The ability to host only a subset of specific APIs (defined in the API Publisher) instead of all.
  • Immutability; if you update an API, you need to re-create the container/instance and hot deployment is not possible.

Microgateway offers you a proxy that is capable of performing security validations (OAuth, Basic Auth, Signed JWT), in-memory (local) rate limiting and operational analytics.

Generating a Microgateway distribution

Creating and attaching a Microgateway to an API

  1. Log in to the Admin portal ( https://<hostname>:9443/admin). Use admin as the username and password. 

  2. To add a new Microgateway label, click LABELS under MICROGATEWAY, and then click ADD MICROGATEWAY.
  3. Create a new label (e.g. MARKETING_STORE), add a host (e.g. https://localhost:9095) and click Save.
  4. Navigate to the API Publisher (https://<hostname>:9443/publisher). Sign in using admin as the username and password. 
  5. Deploy the sample Pizzashack API by clicking Deploy Sample API.
  6. Choose to edit the created Pizzashack API.
  7. Navigate to the Manage section and click Gateway Environments
  8. Select the newly created label to attach it to the Pizzashack API.
  9. Click  Save & Publish.

Viewing Microgateway details in the API Store

  1. Log in to the API Store ( https://<hostname>:9443/store). Use admin as the username and password.
  2. Any attached Microgateways are shown in the Overview tab of the API.

Generating a Microgateway distribution

  1. Download the Microgateway ToolKit distribution and extract it.
  2. Append the full path of the /bin folder of the extracted Microgateway ToolKit distribution to the PATH environment variable.
  3. Run the initial setup command for the internal label with a preferred workspace folder. A sample command is given below.

    micro-gw setup -l internal --path /home/user/workspace

    From the above command, the tool will connect with API Manager REST APIs and retrieve APIs that are attached to the internal label. The source artifacts will be generated in the specified workspace folder.

    The folder structure will look similar to the following,

    └── micro-gw-resources
        ├── conf
        │   └── config.toml
        └── projects
            └── internal
                ├── conf
                │   └── label-config.toml
                ├── src
                │   ├── endpoints.bal
                │   ├── extension_filter.bal
                │   ├── PizzaShackAPI_1_0_0.bal
                │   └── policies
                │       ├── ...
                │       └── throttle_policy_initializer.bal
                └── target
  4. Build the microgateway distribution for the internal label using the following command:

    micro-gw build -l internal

    Once the above command is executed, the generated source files are built and a Microgateway distribution is created under the target folder.

  5. Next, unzip the and run the inside the bin folder of the extracted zip using the following command:


    The Microgateway starts for the internal label you just created. 

    micro-gw-internal/bin$ bash
    ballerina: initiating service(s) in '/home/user/workspace/micro-gw-resources/projects/internal/target/micro-gw-internal/exec/internal.balx'
    ballerina: started HTTPS/WSS endpoint localhost:9095
    ballerina: started HTTP/WS endpoint localhost:9090
    ballerina: started HTTPS/WSS endpoint localhost:9096

Invoking the API

Once you start the Microgateway, you can use an OAuth2 or JWT token to invoke the API.

Using an OAuth2 token

Invoking the API using an OAuth2 token is similar to the usual API invocation using the standard API Manager Gateway by generating an access token from the API Store. For the invocation URL, you can use either https://localhost:9095 (HTTPS) or http://localhost:9090 (HTTP). A sample cURL command is given below.

curl -k -i -H "Authorization: Bearer 20ac019e-16a7-3ba5-8940-7d42c7e56326" https://localhost:9095/pizzashack/1.0.0/menu

You receive a response similar to the following:

Using a signed JWT token

  1. To invoke the API using a JWT token, you need to have an application created in the Store with a JWT token type. Edit an existing application or create a new application in the API Store, and set the token type to JWT.

  2. Click Regenerate to generate a JWT token, instead of an OAuth2 access token.
  3. Invoke the API using the JWT token. A sample cURL command is given below.

    curl -k -i -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IlVCX0JReTJIRlYzRU1UZ3E2NFEtMVZpdFliRSJ9.eyJhdWQiOiJodHRwOlwvXC9vcmcud3NvMi5hcGltZ3RcL2dhdGV3YXkiLCJzdWIiOiJhZG1pbiIsImFwcGxpY2F0aW9uIjp7ImlkIjoxLCJuYW1lIjoiRGVmYXVsdEFwcGxpY2F0aW9uIiwidGllciI6IlVubGltaXRlZCJ9LCJzY29wZSI6ImFtX2FwcGxpY2F0aW9uX3Njb3BlIGRlZmF1bHQiLCJpc3MiOiJodHRwczpcL1wvbG9jYWxob3N0OjgyNDNcL3Rva2VuIiwia2V5dHlwZSI6IlBST0RVQ1RJT04iLCJzdWJzY3JpYmVkQVBJcyI6W3sibmFtZSI6IlBpenphU2hhY2tBUEkiLCJjb250ZXh0IjoiXC9waXp6YXNoYWNrXC8xLjAuMCIsInZlcnNpb24iOiIxLjAuMCIsInB1Ymxpc2hlciI6ImFkbWluIiwic3Vic2NyaXB0aW9uVGllciI6IlVubGltaXRlZCIsInN1YnNjcmliZXJUZW5hbnREb21haW4iOiJjYXJib24uc3VwZXIifV0sImV4cCI6MTUyODgwMjg3ODExMCwiaWF0IjoxNTI4ODAyODgwMTEwLCJqdGkiOiJlZmQxZGVhZC1iNWI3LTQ0M2MtOTIyMC1iYzJjZTJjY2MwYjEifQ==.b8P2uPRkVai0O7PcbvbjANLuHlJQzX1eHplweDpE6ItbEHRTkN2U_h6b39tz14dKUmigzASinj5LheUWGB7gEDRqlc39ckhRX2qpolQpITZvpzYo8ky9AcxlJXLxrfPwgdht36zfIQwlPN_s2A5nY7c9pDBMu0OOOlYpmK81SrtipFSTAyPiRg5VyY3n-4POnjkEF-LQKCCTq7ef0uLOFTcoCT-gqNsXeKqt15suCYj5QMHJ8VP5bKsKZy9-1o9oFNlwc1QE0qE01fPuGuz-4J22OvkHyrasbjhhGaaDgdpdERl9ElUDuL0C9AdX6Fb1sz54gnAiU3RUBK3RQUDK7Q==" https://localhost:9095/pizzashack/1.0.0/menu

    You receive a response similar to the following:

  • No labels