API Gateway server acts as an API front-end that receives API requests which enforces throttling.
Configure Gateway using API Key Controlled Authentication
It also enforces security policies, allows requests to the back-end service and then passes the response back to the requestor
Boomi API Management supports both internal and external authentication types. Internal authentication uses the atom-controlled authentication that is present in the Boomi Platform. The API users are managed by the Platform.
Below is the step by step procedure to create Gateway, Plan, and Application setup in Dell Boomi Platform.
1. Under Configure Server click on Gateway add and install Gateway on a windows machine.
Once Installed Gateway status should be Online as below.
2. Attach an Environment to Gateway, click on Environment Migration.
3. Click on Create a New Migration, select environment and click on Create Migration.
4. Select a destination atom to which environment needs to be attached, click Save and Continue.
5. Define Endpoints and click on Save and Continue.
6. Summarize step 1 Basic information and click on Save and Continue.
7. Destination Atom will be selected click on Save and Continue.
8. Summarize step 2 Atom configuration, click on Save and Continue.
9. Review Deployed APIs an entry for Employee_API_Service appears, click on Save and Continue.
10. Summarize step 3 and click on Migrate.
11. Migration Successful, click on Close.
12. Click on Gateway & Environments, we can see Environment is attached to Gateway as below.
13. Click on Configure APIs and Applications and click on Deployed APIs.
Modify Shared Web Server Authentication Type setting to Gateway
1. Below warning for localAtom Environment.
Note: As we are configuring Gateway for the exposed API, the Authentication type for localAtom should be updated to Gateway.
2. Navigate to Manage _ Atom management _ Shared Web Server, Updated Authentication Type from Basic _ Gateway.
3. Click on Save and Yes, restart plugin now.
4. Navigate to API Management -> Deployed APIs
The warning is removed at localAtom as the Authentication Type was updated.
Create a Plan
1. Deployed API status says Requires Configuration as Plans status is Incomplete.
2. Click on Incomplete plans.
3. Click on the Create a new Plan link. And click on Create a Plan.
Plan Name – Employee
Message Size – Unlimited
Rate Limit – Unlimited
Quota Limit – Unlimited
And click on Save.
Route back to Deployed APIs and click on Incomplete Plan
4. Search for the created plan and select Employee Plan and click on Save.
5. Click on Add to API Deployment.
6. Deployed APIs status is now reflect as Sent to the Gateway.
Create an Application and Subscription
1. Navigate to Configure APIs and Applications _ Appications
2. Click on Create an Application, with below details.
Status – Enabled
Application Name – Employee_App
Application Owner Name – xxxxxxxxxx
Application Owner Email – xxxxxxxxx
Click on Save.
3. Click on Application Subscription and click on Subscribe.
4. Choose deployed Employee_API_Service API and click on Next.
5. Choose Employee plan which is created earlier and click on Next.
6. Set Subscription Enable and Disable Details and click on Finish.
7. A subscription was created, and the API key is generated (Copy to the Text editor for later use).
8. Copy URI for the deployed API service through Gateway.
Navigate to Deployed APIs _ click on APIs by URL.
Click on View _ Click on REST
Copy the Endpoint Path – http://localhost:8077/ws/rest/v1/employee-service/employee_details/ (Copy to a Text editor for later use)
Testing the Employee API Service using Postman
1. Click on New.
2.Configure request as below.
URL: http://localhost:8077/ws/rest/v1/employee-service/employee_details/ (From Text editor)
Click on Authorization Tab
Type: API key
Value: xxxxxxxxxxxx (API-Key from Text editor)
Add to: Header
Click on Body – > select raw and type XML.
<Employee> <Id>123</Id> </Employee>
Click on Send.
In Blog 4, will discuss on external authentication by setting up External Broker as Gateway and its configuration and testing of API service using Postman.