Proxy a secured Restful API

Not applicable

Hi All: I am new to Apigee, I did tutorial and watched some videos. Now, I encounter difficulties when i tried to create a proxy for my target RESTFul Service Endpoint:

1. the target url is https;

2. the target endpoint is protected by an OAuth token and http header;

3. the target url uses query string parameter to provide dynamic results when consumed.

Q1: I tried to create a proxy using the regular reverse proxy. In security page, I tried all options (Pass Through, API Keys, oAuth, etc.) and all failed at the last step (build and deploy) with the on-screen error saying "Unable to upload, Unauthorized"). The behavior makes sense but I just dont know what I should do. If regular reverse proxy is not the right choice, what type of proxy should I use? do i need to do something special to targat https?

Q2: what is the best approach to publish a proxy for a target that involves query string (https://mySvc.host.com/v1/cust?id=123)

Q3: what do you recommend if I want to make this work in edgemicro. I understand that I need to prefix the the proxy name with edgemicro_. at least. as to what plugins to write (in place of policies), I am not too sure yet.

Is there any more sample or documentations that you can recommend for me to refer to?

Thank you.

---Yang

0 2 93
2 REPLIES 2

Hi Yang -

Q1. I'm sorry to hear you're having trouble. I think the "unable to upload, Unauthorized" message is a transient problem, and it should not be occurring for you. Is it still a problem?

Q2. The best approach... depends on what you want. As you know the API Proxy in Apigee Edge can act as a "pass-through", sending the inbound request exactly as received to the target. OR, it can send a different request to the target that it received on inbound. As examples of the latter,

  • a proxy can add or remove HTTP Headers
  • a proxy can add or remove query parameters
  • a proxy can modify the verb, so that an inbound GET is transformed into an outbound POST
  • a proxy can modify the payload or URL path
  • or any combination of the above

You asked "What is the best way of proxying a target that involves a query string?" But that is not enough information to provide an answer. It depends on what you want to do. Do you want to "pass through" the query parameters unchanged? Do you want to "Default" some query parameters? do you want to rename query params? Restrict them? It's up to you.

Q3, As for edge micro, not sure. Again, it depends on your actual goals. It's not enough that you told us the URL shape for the target. We need to know what you want to do with the requests and responses, if anything.

Hi Dino. Thank you for the suggestions. All problems are resolved. Here is what happened:

Q1. the "unable to upload, Unauthorized" error at the last step of creating a proxy was due to the caching issue of my browser. Monday morning, I asked one of my colleagues to go thru the same steps and he was able to create the proxy. That made me think the error was at my local (since we both have the same rights to the same org). My browser has occasional caching issue with javascripts apps. So I decided to clean cache and that was it!

Q2. This question was asked since I couldn't create a proxy in Q1. I thought I might have done something wrong and there are other ways that I didn't know of. After Q1 was resolved I was able to create a pass through proxy as i had been doing. As to the https service, I had to export NODE_TLS_REJECT_UNAUTHORIZED="0" environment variable according to this page .

Q3. For the test that I did, there was no need of any plugin. I was just thinking in general of possible custom plugin needs (and to replace edge policies) if edgemicro doesn't already provide. I will ask specifics when I come across any issue going forward.

Thank you

---Yang