API Management

API Management provides a comprehensive API gateway solution for managing, securing, and monitoring API routes and consumers in your MIP system. Built on Apache APISIX, it offers advanced routing, load balancing, authentication, and plugin capabilities.

Overview

The API Management module enables you to:

  • Create and manage API routes
  • Configure upstream services and load balancing
  • Manage API consumers and authentication
  • Apply plugins for security, rate limiting, and more
  • Monitor API traffic and performance

Key Features

Routes Management

API routes define how incoming requests are forwarded to upstream services.

Route Configuration

Each route includes:

  • Route ID: Unique identifier for the route
  • Route Name: Descriptive name for the route
  • URI: Request path pattern (e.g., /api/users/*)
  • HTTP Methods: Allowed HTTP methods (GET, POST, PUT, DELETE, etc.)
  • Upstream Configuration: Backend service configuration

Upstream Services

Configure how requests are forwarded to backend services:

  • Load Balancing Type:

    • Round Robin: Distribute requests evenly across nodes
    • Consistent Hashing: Route based on request characteristics
    • Least Connections: Route to node with fewest active connections
    • Weighted Round Robin: Distribute based on node weights
  • Upstream Nodes: Backend service endpoints

    • Host: Backend service address (IP or hostname with port)
    • Weight: Node weight for load balancing (higher weight = more traffic)

Route Plugins

Enhance routes with plugins for additional functionality:

  • Authentication: Secure routes with various auth methods
  • Rate Limiting: Control request rates
  • CORS: Configure cross-origin resource sharing
  • Request/Response Transformation: Modify requests and responses
  • Logging: Enhanced logging capabilities
  • Caching: Cache responses for improved performance

Consumer Management

Consumers represent API clients that access your routes.

Consumer Configuration

Each consumer includes:

  • Consumer ID: Unique identifier
  • Username: Consumer username for identification
  • Plugins: Consumer-specific plugin configurations

Authentication Methods

Configure authentication for consumers:

Basic Authentication

Traditional username/password authentication:

  • Username: Consumer username
  • Password: Secure password
  • Credential Management: Create, update, and delete credentials

API Key Authentication

Token-based authentication:

  • API Key: Unique key for the consumer
  • Key Location: Header, query parameter, or cookie
  • Key Name: Custom key parameter name

OAuth2 Authentication

OAuth2 protocol support:

  • Client ID: OAuth2 client identifier
  • Client Secret: OAuth2 client secret
  • Grant Types: Supported OAuth2 grant types
  • Scopes: Authorized scopes

JWT Authentication

JSON Web Token authentication:

  • Secret/Public Key: Key for token verification
  • Algorithm: Signing algorithm (HS256, RS256, etc.)
  • Claims Validation: Validate token claims

Use Cases

API Gateway

Use API Management as a central gateway for all API traffic, providing a single entry point for clients and routing to appropriate backend services.

Microservices Architecture

Route requests to different microservices based on URI patterns, enabling a unified API surface for distributed services.

Security and Authentication

Secure APIs with various authentication methods and apply security policies consistently across all routes.

Load Balancing

Distribute traffic across multiple backend instances for high availability and performance.

Rate Limiting and Throttling

Protect backend services from overload by limiting request rates per consumer or globally.

API Versioning

Manage multiple API versions by routing to different upstream services based on URI patterns or headers.

Route Management

Creating a Route

  1. Navigate to API Management → Routes
  2. Click "Create Route"
  3. Configure route details:
    • Enter Route ID and Name
    • Specify URI pattern
    • Select HTTP methods
  4. Configure upstream:
    • Select load balancing type
    • Add upstream nodes (host and weight)
  5. (Optional) Add plugins
  6. Save the route

Editing a Route

  1. Locate the route in the Routes table
  2. Click the edit icon
  3. Modify route configuration
  4. Update plugins if needed
  5. Save changes

Deleting a Route

  1. Locate the route in the Routes table
  2. Click the delete icon
  3. Confirm deletion

Adding Plugins to Routes

  1. Edit an existing route or create a new one
  2. Click "Add Plugin"
  3. Select plugin type
  4. Configure plugin parameters
  5. Save plugin configuration

Consumer Management

Creating a Consumer

  1. Navigate to API Management → Consumer
  2. Click "Create Consumer"
  3. Enter consumer username
  4. (Optional) Configure plugins
  5. Save the consumer

Adding Authentication to Consumer

  1. Edit an existing consumer
  2. Click "Add Basic Auth" (or other auth method)
  3. Configure authentication credentials:
    • For Basic Auth: Enter username and password
    • For API Key: Generate or enter API key
    • For OAuth2: Configure client credentials
    • For JWT: Configure secret/public key
  4. Save authentication configuration

Managing Consumer Credentials

View and manage all authentication credentials for a consumer:

  • View Credentials: See all configured auth methods
  • Update Credentials: Modify existing credentials
  • Delete Credentials: Remove authentication methods
  • Multiple Auth Methods: Configure multiple authentication methods per consumer

Deleting a Consumer

  1. Locate the consumer in the Consumer table
  2. Click the delete icon
  3. Confirm deletion (this will remove all associated credentials)

Plugin Types

Security Plugins

  • Basic Auth: Username/password authentication
  • API Key: Token-based authentication
  • OAuth2: OAuth2 protocol support
  • JWT: JSON Web Token authentication
  • IP Restriction: Allow/deny based on IP addresses
  • CORS: Cross-origin resource sharing configuration

Traffic Control Plugins

  • Rate Limiting: Limit requests per time period
  • Request Size Limiting: Limit request body size
  • Response Rate Limiting: Control response rate

Transformation Plugins

  • Request Transformation: Modify incoming requests
  • Response Transformation: Modify outgoing responses
  • Header Manipulation: Add, remove, or modify headers

Observability Plugins

  • Logging: Enhanced request/response logging
  • Prometheus: Export metrics to Prometheus
  • Zipkin: Distributed tracing

Best Practices

  1. Use Descriptive Names: Give routes and consumers meaningful names
  2. Secure All Routes: Apply appropriate authentication to all routes
  3. Implement Rate Limiting: Protect backend services with rate limits
  4. Monitor Performance: Track API metrics and performance
  5. Version Your APIs: Use URI patterns for API versioning
  6. Load Balance Properly: Configure appropriate weights for upstream nodes
  7. Test Before Production: Test route configurations before deploying
  8. Document APIs: Maintain documentation for all routes and consumers
  9. Rotate Credentials: Regularly update consumer credentials
  10. Use HTTPS: Always use HTTPS for secure communication
  11. Implement CORS Carefully: Configure CORS policies appropriately
  12. Monitor Logs: Review API logs regularly for issues
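Practices 2, 3 and 11 can be checked mechanically before a route goes live. The script below is an added example, not part of MIP or its documentation. It assumes route definitions are available in the upstream Apache APISIX route JSON shape (uri, methods, plugins, upstream) with APISIX plugin names; the MIP export format may differ, and the sample routes are constructed.

```python
# Added example: audit route definitions against the best practices above.
# Assumption: routes follow the Apache APISIX route JSON shape; the sample
# data is constructed for illustration.

# Upstream APISIX plugin names for authentication and rate limiting.
AUTH_PLUGINS = {"basic-auth", "key-auth", "jwt-auth", "openid-connect"}
RATE_PLUGINS = {"limit-count", "limit-req", "limit-conn"}

def enabled_plugins(route):
    """Return {name: conf} for plugins that are configured and not disabled."""
    enabled = {}
    for name, conf in (route.get("plugins") or {}).items():
        conf = conf or {}
        # APISIX 3.x lets a plugin stay configured but switched off via _meta.disable.
        if not conf.get("_meta", {}).get("disable", False):
            enabled[name] = conf
    return enabled

def audit_route(route):
    """List best-practice gaps for one route definition."""
    plugins = enabled_plugins(route)
    findings = []
    if not plugins.keys() & AUTH_PLUGINS:
        findings.append("no-auth")          # practice 2: secure all routes
    if not plugins.keys() & RATE_PLUGINS:
        findings.append("no-rate-limit")    # practice 3: implement rate limiting
    if not route.get("methods"):
        findings.append("all-methods")      # no method list means every method matches
    cors = plugins.get("cors")
    if cors is not None and cors.get("allow_origins", "*") in ("*", "**"):
        findings.append("cors-any-origin")  # practice 11: the cors default allows any origin
    return findings

def audit_all(routes):
    """Map each route id (or its URI when no id is set) to its findings."""
    return {r.get("id", r.get("uri")): audit_route(r) for r in routes}

ROUTES = [  # constructed sample routes
    {"id": "users", "uri": "/api/users/*", "methods": ["GET", "POST"],
     "plugins": {"key-auth": {}, "limit-count": {"count": 100, "time_window": 60}},
     "upstream": {"type": "roundrobin", "nodes": {"10.0.0.11:8080": 1}}},
    {"id": "orders", "uri": "/api/orders/*",
     "plugins": {"jwt-auth": {"_meta": {"disable": True}}, "cors": {}},
     "upstream": {"type": "roundrobin", "nodes": {"10.0.0.12:8080": 1}}},
]

if __name__ == "__main__":
    for route_id, findings in audit_all(ROUTES).items():
        print(route_id, "OK" if not findings else ", ".join(findings))
```

The second sample route shows the case a quick visual review misses: jwt-auth is present in the configuration but disabled, so the route is reported as unauthenticated.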

Integration with MIP Features

API Management integrates with:

  • Integration Flows: Expose integration flows as APIs
  • Monitoring: Track API performance and usage
  • Alert Configurations: Alert on API issues
  • Security: Centralized authentication and authorization

Advanced Configuration

Custom Load Balancing

Configure advanced load balancing strategies:

  • Health Checks: Monitor upstream node health
  • Failover: Automatic failover to healthy nodes
  • Sticky Sessions: Route requests from same client to same node
  • Weighted Distribution: Fine-tune traffic distribution

Plugin Chaining

Apply multiple plugins to a route in sequence:

  1. Authentication plugins (execute first)
  2. Rate limiting plugins
  3. Transformation plugins
  4. Logging plugins (execute last)

Dynamic Routing

Configure dynamic routing based on:

  • Request Headers: Route based on header values
  • Query Parameters: Route based on query params
  • Request Body: Route based on request content
  • Client IP: Route based on client location

Troubleshooting

Route Not Working

  • Verify URI pattern matches request path
  • Check HTTP methods are configured correctly
  • Ensure upstream nodes are accessible
  • Review plugin configurations

Authentication Failures

  • Verify consumer credentials are correct
  • Check authentication plugin is enabled on route
  • Ensure consumer has necessary permissions
  • Review authentication method configuration

Performance Issues

  • Check upstream node health
  • Review load balancing configuration
  • Analyze rate limiting settings
  • Monitor backend service performance

API Management

From there, you can manage routes, consumers, and configure API gateway settings.