Requirements for API and Path Management in the API Gateway
  • 07 Mar 2024
  • 1 Minute to read
  • Contributors
  • Dark
    Light
  • PDF

Requirements for API and Path Management in the API Gateway

  • Dark
    Light
  • PDF

Article summary

General requirements for calling API paths

  1. To obtain an API URL for forwarding tasks to Corezoid, you need to create an API entity and a path attached to it;

  2. There are two kinds of API Gateway paths available: private and public. Requests sent to private paths must contain authorization information, while requests to public paths must not as the authorization data is provided by an API admin during a public path creation.
    Requests to private paths must contain HTTP basic authorization scheme information for authorization with Corezoid API key and a secret obtained via UI or API.

Let's assume your proxy domain name is api.the-company.com. You've created an API entity with the foo ID, /bar/baz private path, and selected the POST method. To send a task to this path, you need to use the following request:

curl -X POST -H "Content-Type: application/json" -u "123456:theSecret" -d '{"hello":"world"}' https://foo.api.the-company.com/bar/baz

In case the path you're sending a request to is public, you don't have to provide authorization data:

curl -X POST -H "Content-Type: application/json" -d '{"hello":"world"}' https://foo.api.the-company.com/bar/baz
Data format defined by the Content-Type parameter

The Content-Type parameter allows you to specify the data type to be sent in JSON, XML, or "x-form".

  1. The specified API key must have access to the target process with Task management rights;

  2. The method used for sending requests to an API path (resource) must be the same as selected in the Method API path parameter. For example, if you selected the GET value in the Method parameter for an API path you need to use the GET method only when sending requests to this path. If the selected methods don't match, the API Gateway will not accept requests and you'll get an error.

Specific requirements for Synchronous operation mode

  1. For the API Gateway to receive task processing results from Corezoid in the Synchronous mode (Async disabled), you need to use an API Call node in the process specified;

  2. API path (resource) parameter Method and API Call Request method must be set to POST;

  3. To interact with the API Gateway management server, users must be authenticated via the Account service. After getting the token, a client must provide it via the Authorization: Bearer header in every request to the management server, e.g.:

curl -X GET -H "Authorization: Bearer atn_Hm8ZUSpt3upEOqeGIz70oDxg7rsKC5cY" 'https://apigw.the-compant.com/apis?owner_id=51432'

Was this article helpful?