This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Microgateway Specifying Products without API proxies

Posted on 03-07-2018 12:08 AM
robinm
New Member
Reply posted on --/--/---- --:-- AM

Running through the microgateway doc, I came across this interesting comment :-

Specifying products without API Proxies which notes that

In Apigee Edge, you can create an API product that does not contain any API proxies. This product configuration allows an API key associated with that product to work for with any proxy deployed in your organization. As of version 2.5.4, Edge Microgateway supports this product configuration.

Naturally I rushed off to try it but could not get it going.

The first hurdle is to create a Developer App without a proxy - done by creating one with a proxy (to enable the save function) and then removing the only proxy in the product ... and saving it again.

Trying to use that consumer secret in the x-api-key header gives "access_denied".

plugin:oauth verify apikey access_denied +36s
plugin:oauth auth failure 403 access_denied Internal Server Error { 'x-api-key': 'EqNpAUr1AdBmzX0irgDAo79g3ikzv7Ef',

Should I be using the key in a different authorization header call ?

( Basic Auth doesn't work for me either : Invalid Authorization header)

Has anyone else tried this ... or is the loophole now closed ?

Solved Solved
0 2 222
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
Former Community Member
Not applicable
Reply posted on --/--/---- --:-- AM

I don't think this "The first hurdle is to create a Developer App without a proxy - done by creating one with a proxy (to enable the save function) and then removing the only proxy in the product ... and saving it again" is the intention.

The feature is about how you create API Products, not Developer Apps. Developer Apps are created as they usually are (with at least 1 or more API Products).

When creating an API Product, one can specify API Proxies, Resources paths or both. This feature allows you to define an API Product no API Proxies and only custom resource paths.

You must also specify "productOnly: true" in the "oauth" stanza of config.yaml to enable this feature.

View solution in original post

Jump to Solution
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
Former Community Member
Not applicable
Reply posted on --/--/---- --:-- AM

I don't think this "The first hurdle is to create a Developer App without a proxy - done by creating one with a proxy (to enable the save function) and then removing the only proxy in the product ... and saving it again" is the intention.

The feature is about how you create API Products, not Developer Apps. Developer Apps are created as they usually are (with at least 1 or more API Products).

When creating an API Product, one can specify API Proxies, Resources paths or both. This feature allows you to define an API Product no API Proxies and only custom resource paths.

You must also specify "productOnly: true" in the "oauth" stanza of config.yaml to enable this feature.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
robinm
New Member
In response to Former Community Member
Reply posted on --/--/---- --:-- AM

Hi @srinandans, thanks for the reply.

I rebuilt the Product specifying a custom resource of "/**".
( and required root resource "/" of course )

You must also specify "productOnly: true" in the "oauth" stanza of config.yaml to enable this feature.

I had not come across that in the doc yet.

Thanks for this ... now it works nicely 🙂

I will presume to suggest a doc feedback edit for other users enlightenment.

Jump to Solution
0 Likes