How to make devportal use different environments in edge

Hi,


I wonder if it's possoble to configure the dev portal (on drupal) in such a way that when I connect to https://dev-company.devportal.apigee.io/ I can create users (and applications) only in the "dev" environment on the Edge server?

Likewise, for https://live-company.devportal.apigee.io/ and the production environment on Edge?

I have looked through the settings on the devportal, and apparently, I am able to adjust which user is supposed to "connect" between the two, but this will fail if I migrate my database between drupal environments (in Pantheon).

Have I understood this correctly? That I need to create users with rights to create applications for separate environments in Edge, and then connect to the edge servers with different credentials from the different drupal environments?

0 10 862
10 REPLIES 10

The drupal devportal connects to a single Edge org, it is (almost) entirely unaware of the different environments in Edge.

You mention Pantheon - it is possible to have the different devportals (Pantheon's dev/test/live) connect to different Edge orgs, but not recommended. These credentials are actually stored in a file, not the database, so moving DBs around will not affect which Edge org you're connected to - but copying files over *will*.

Generally, the devportal is *not* for testing out Edge functionality. You can test new proxies/products using Edge mgmt API calls directly. It's recommended that all Pantheon devportals point to the same Edge org, usually production. The three Pantheon environments are for testing out new Drupal functionality, like installing new modules or theme changes.

Hope that helps, I know it's a little confusing. Especially with both Edge and Pantheon using the term "environment" to mean different things.

Doesn't this mean that it's impossible to test the effect of drupal plugins on a non-live API product without there being a chance of messing about with a production setting?

I must admit I'm a little hesitant on testing out plugins in drupal when I know they connect to a "live" edge server. Some of the plugins (from apigee) gives me the impression that they might alter the edge server in some way, for instance when importing or deleting smartdocs.

A couple things for you.

a drupal module that filters API products by environment. You can set it to show only non-prod products in dev/test portals, and prod products in "live" portals.

https://github.com/DinoChiesa/Edge-DevPortal-Filter-ApiProducts

a module that groups products in the dropdown box, by environment

https://github.com/DinoChiesa/Edge-DevPortal-ApiProducts-GroupBy-Env

Do we have any recommendations on this?

We are using Drupal Portal to showcase Edge Proxies and Products. How would the Portal differentiate between the Edge environments and display the Proxies from different environments like Sandbox, Q/A, Staging, Prod?

The portal connects to an Edge org, so it will show public Products from all environments. You can modify the list of products displayed by implementing hook_apiproduct_list_alter() defined in devconnect_developer_apps.api.php.

The portal does not show Proxies from Edge, it just renders OpenAPI specs as documentation. The OpenAPI specs contain a host url and port, which corresponds to a particular environment.

Thank you. Yes I understand that the Portal displays the Products from Edge and not the Proxies. But we have customized it to show the Proxies through Management API calls.

What I need to understand is how the PORTAL can differentiate between the Proxies coming from different environments (Test, Prod).

Even if I create an API through Smartdocs using the spec from the Edge proxy, the PORTAL API would still point to a single endpoint even though the proxy might be deployed to two environments (Test, Prod). How is that API endpoint decided?

Here's an example of a Drupal module that implements that list_alter, to filter the set of visible API Products.

https://github.com/DinoChiesa/Edge-DevPortal-Filter-ApiProducts

If I have multiple products linked to an App, and revoke access to one Product on Edge, it shows revoked for all products on Portal. Why is that?

Also how can i create separate credentials (different consumer key & secret) for each product that is linked with the app when using this module?

Because the default logic in the devportal is naive about how it evaluates the "approved" status of an API Key.

To fix that you need to update the php code that evaluates the status of API Products, OR (BETTER) Just attach a single API Product to an API Key.

People often use API Products incorrectly.

The idea of the product is to package a set of APIs that can be used for a scenario. Often I see people expose every API proxy as its own product. This is wrong-headed and confusing for users. Don't do this.

If your developers need access to 8 proxies to get their jobs done, then package those API proxies into a single product, and authorize keys on that single product.

(The devportal does the right thing in this simplified case)

If you really need a single key with N products, then you need to crack open the devportal code and fix the template that displays the API Key status.

"how the PORTAL can differentiate between the Proxies coming from different environments" - this information can be returned via Management API calls. It took me a while to find the right ones though, its not very obvious. The "Get APIProxy" call where I would expect to see this does not include deployed environment information.

Instead, use the Deployments Management API calls "Get API Proxy Deployment Details" to get environment info for 1 proxy, or "Get deployments for an organization" for the entire org.

"How is that API endpoint decided?" This comes solely from the uploaded OpenAPI file (SmartDoc). There's a "host" field that will be used. This can contain both a url and a port, which corresponds to an environment.