This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Authorizing based on proxy endpoint

Posted on 02-18-2022 02:45 PM
jaredk
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

I have a proxy with two proxy endpoints to represent the mock and non-mock versions of my API

Mock API base path: /mock/people

Non-mock API base path: /people

I want to have two different API products: One to only access the mock API, and one to access the mock and non-mock APIs. However, I'm not sure how to configure this in the API product. It seems like "Path" for an operation in an API product refers to the path suffix (the path that comes after the base path). Is there a way to have the API product consider the base path and path suffix when authorizing an API call?

Solved Solved
0 4 200
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
dknezic
Staff
Reply posted on --/--/---- --:-- AM

A totally different approach would be to have an API Proxy with a single endpoint ie /people.

You would have two separate environments in Apigee - Prod, Mock (or sandbox or whatever you want to call it). Each of these environments would have a different virtual host eg api.company.com for prod and mockapi.company.com

You would then deploy your API Proxy to both the prod and mock environments. You can then have separate API Products that are scoped to different environments.

This will make it easier if inspecting Analytics based on environments to better understand performance, errors, usage of production vs mock APIs. 

Another benefit of this approach is, assuming you have different servers for the mock and the production API, instead of having to hardcode the server host in the API Proxy with some condition, you can use target servers which will effectively allow your API Proxy to refer to the Server via a label, and you then configure a separate Target Server definition in each environment. 

https://docs.apigee.com/api-platform/deploy/load-balancing-across-backend-servers

View solution in original post

Jump to Solution
4 REPLIES 4

Posted on --/--/---- --:-- AM
API-Evangelist
Silver 5
Silver 5
Reply posted on --/--/---- --:-- AM

Go thru below document and it will help you better understand on the usage..

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
jaredk
Bronze 5
Bronze 5
In response to API-Evangelist
Reply posted on --/--/---- --:-- AM

I forgot to mention, I am using Apigee X. I believe the behaviors are a little different. Do you know if authorizing based on the base path of a proxy in Apigee X is possible?

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
dknezic
Staff
Reply posted on --/--/---- --:-- AM

A totally different approach would be to have an API Proxy with a single endpoint ie /people.

You would have two separate environments in Apigee - Prod, Mock (or sandbox or whatever you want to call it). Each of these environments would have a different virtual host eg api.company.com for prod and mockapi.company.com

You would then deploy your API Proxy to both the prod and mock environments. You can then have separate API Products that are scoped to different environments.

This will make it easier if inspecting Analytics based on environments to better understand performance, errors, usage of production vs mock APIs. 

Another benefit of this approach is, assuming you have different servers for the mock and the production API, instead of having to hardcode the server host in the API Proxy with some condition, you can use target servers which will effectively allow your API Proxy to refer to the Server via a label, and you then configure a separate Target Server definition in each environment. 

https://docs.apigee.com/api-platform/deploy/load-balancing-across-backend-servers

Jump to Solution

Posted on --/--/---- --:-- AM
jaredk
Bronze 5
Bronze 5
In response to dknezic
Reply posted on --/--/---- --:-- AM

Thanks, thinking about this more, I think your suggestion makes the most sense. We'll do this instead.

Jump to Solution
0 Likes