API Product With Multiple Proxy and Limited Resource

rkundalya
Participant I

Hello Team,

I have two proxies: Contacts and Investors

with the endpoints /metadata, /refdata, /{externaId}/accounts in both of them.

I want to create a product which gives access to all the endpoints within the proxy contacts and only /metadata endpoint access in the Investors proxy.

Any help will be highly appreciated.

0 5 524
5 REPLIES 5

Hi Kumar -

If I'm understanding your request, you have 2 proxies, both with these endpoints:

/metadata
/refdata
/{id}/accounts

And you want Product 1 to have all 3

/metadata
/refdata
/{id}/accounts

And you want Product 2 to have only 1
/metadata


Le'ts first talk a little bit about best practice and maybe a better way to configure this. Let's actually start with the products, and then define how we would build this.

You may want to start by having your two products, we'll call them Contacts and Investors.

Within the Contacts Product, you would have proxies for metadata, refdata and accounts.
Within the Investors Product, you would have the proxy for metadata

I'm guessing that each of these proxies are going to bring in different data. For example your metadata for contacts should be different than your metadata for investors, correct?

I would start with a proxy called contacts, and a proxy called investors, which would then live in each of your products. You're endpoints could then look like this:

/accounts
/investors

From there you can create any number of variations or calls for these. For example:

/accounts - give me all data for all accounts

/accounts/refdata - give me the refdata for all accounts

/accounts/{id} - give me all data for account that matches {id}

/accounts/{id}/refdata - give me refdata for a specific account that matches {id}

/investors - give me all data for all investors

/investors/{id} - give me all data for a specific investor that matches {id}

/investors/locations/{zipcode} - give me all investors in a location.

Now that we have our structure, you can build the proxies (accounts, investors).

Once you have the proxies built, you can create the products (also accounts, investors)

When you create your products, you can pick and choose which proxies are available in each product, however, if you structure it like this, than you are only building the proxies that you need for the products.

Ultimately though, when you create products, you can pick which proxies go into that product. So with your original example, you can have a Accounts product that only has metadata, refdata and accounts, and then create another product called Investors that only has the metadata proxy in it.

Make sense?

Hello Chris,

Thanks a lot for the detailed explanation.

But, I dont prefer to create two products.

I want a to create a single product which has Accounts proxies all the endpoint and only metadata endpoint of Investors.

In other way, I want to restrict access to other endpoints within the Investors proxy.

Products is the best way to approach this. But even if you have separate proxies, just limit the endpoints that you want inside of each proxy. So for the investors proxy, you should only have a single endpoint that you want them to have access to.

You can then group both proxies into a single Product.

Keep in mind that basepath would still control how people access those endpoints.

Accounts proxy with 3 endpoints

/accounts/metadata

/accounts/refdata

/accounts/{id}/accounts

Investors proxy with 1 endpoint

/investors/metadata

If you are looking for tighter access controls for the proxy, then you'd need to look at an auth policy or restrict access based on API key.

Thanks for the answer. But, then I will have to create multiple proxy with same base path and different endpoint.

I was hoping to a common proxy with all endpoints and then have multiple products with endpoint access restriction.

In that case, when you create your product, you have 3 options when you add a proxy.

Add API resource

* API proxy
* Path
* API proxy & path

Create Product 1 and add only the proxies and endpoints (paths) you want for product 1, and then repeat for Product 2, and limit the proxies and endpoints that you only want that product to have.

Hope this helps answer your use case.