Via REST API

Before you begin¶

You can use the below sample apk-conf file to create an API. For reference follow Quick Start Guide documentation.

name: "Interceptor API"
basePath: "/interceptor-api"
version: "1.0.0"
type: "REST"
defaultVersion: false
endpointConfigurations:
 production:
   endpoint: "http://backend-svc.ns:9082"
operations:
- target: "/books"
  verb: "POST"
  secured: true
  scopes: []
- target: "/offers"
  verb: "POST"
  secured: true
  scopes: []

Adding API-level interceptors¶

Sample code snippets

The following is a sample code snippet that defines how you can attach Interceptor API Policies at the API-level within an API APK configuration file.

name: "Interceptor API"
basePath: "/interceptor-api"
version: "1.0.0"
type: "REST"
defaultVersion: false
endpointConfigurations:
 production:
   endpoint: "http://backend-svc.ns:9082"
operations:
- target: "/books"
  verb: "POST"
  secured: true
  scopes: []
- target: "/offers"
  verb: "POST"
  secured: true
  scopes: []
apiPolicies:
  request:
    - policyName: "Interceptor"
      policyVersion: v1
      parameters:
        backendUrl: "https://interceptor-svc.ns:9081"
        headersEnabled: true
        bodyEnabled: true
        trailersEnabled: true
        contextEnabled: true
        tlsSecretName: "interceptor-cert"
        tlsSecretKey: "ca.crt"
  response:
    - policyName: "Interceptor"
      policyVersion: v1
      parameters:
        backendUrl: "https://interceptor-svc.ns:9081"       
        headersEnabled: true       
        bodyEnabled: true      
        trailersEnabled: true      
        contextEnabled: true
        tlsSecretName: "interceptor-cert"
        tlsSecretKey: "ca.crt"

Attach an Interceptor API Policy to the Request Flow Only

apiPolicies:
  request:
    - policyName: "Interceptor"
      policyVersion: v1
      parameters:
        backendUrl: "https://interceptor-svc.ns:9081"
        headersEnabled: true
        bodyEnabled: true
        trailersEnabled: true
        contextEnabled: true
        tlsSecretName: "interceptor-cert"
        tlsSecretKey: "ca.crt"

Attach an Interceptor API Policy to the Response Flow Only

apiPolicies:
  response:
    - policyName: "Interceptor"
      policyVersion: v1
      parameters:
        backendUrl: "https://interceptor-svc.ns:9081"
        headersEnabled: true
        bodyEnabled: true
        trailersEnabled: true
        contextEnabled: true
        tlsSecretName: "interceptor-cert"
        tlsSecretKey: "ca.crt"

Attach an Interceptor API Policy to Request and Response Flows

apiPolicies:
  request:
    - policyName: "Interceptor"
      policyVersion: v1
      parameters:
        backendUrl: "https://interceptor-svc.ns:9081"
        headersEnabled: true
        bodyEnabled: true
        trailersEnabled: true
        contextEnabled: true
        tlsSecretName: "interceptor-cert"
        tlsSecretKey: "ca.crt"
  response:
    - policyName: "Interceptor"
      policyVersion: v1
      parameters:
        backendUrl: "https://interceptor-svc.ns:9081"
        headersEnabled: true
        bodyEnabled: true
        trailersEnabled: true
        contextEnabled: true
        tlsSecretName: "interceptor-cert"
        tlsSecretKey: "ca.crt"

Adding operation-level interceptors¶

Sample code snippets

The following is a sample code snippet that defines how you can attach Interceptor API Policies at the Operation-level within an API APK configuration file.

name: "Interceptor API"
basePath: "/interceptor-api"
version: "1.0.0"
type: "REST"
defaultVersion: false
endpointConfigurations:
 production:
   endpoint: "http://backend-svc.interceptor:9082"
operations:
- target: "/books"
  verb: "POST"
  secured: true
  scopes: []
  operationPolicies:
    request:
      - policyName: "Interceptor"
        policyVersion: v1
        parameters:
          backendUrl: "https://interceptor-svc.ns:9081"
          headersEnabled: true
          bodyEnabled: true
          trailersEnabled: true
          contextEnabled: true
          tlsSecretName: "interceptor-cert"
          tlsSecretKey: "ca.crt"
    response:
      - policyName: "Interceptor"
        policyVersion: v1
        parameters:
          backendUrl: "https://interceptor-svc.ns:9081"
          headersEnabled: true
          bodyEnabled: true
          trailersEnabled: true
          contextEnabled: true
          tlsSecretName: "interceptor-cert"
          tlsSecretKey: "ca.crt"
- target: "/offers"
  verb: "POST"
  secured: true
  scopes: []

Attach an Interceptor API Policy to the Request Flow Only

operationPolicies:
  request:
    - policyName: "Interceptor"
      policyVersion: v1
      parameters:
        backendUrl: "https://interceptor-svc.ns:9081"
        headersEnabled: true
        bodyEnabled: true
        trailersEnabled: true
        contextEnabled: true
        tlsSecretName: "interceptor-cert"
        tlsSecretKey: "ca.crt"

Attach an Interceptor API Policy to the Response Flow Only

operationPolicies:
  response:
    - policyName: "Interceptor"
      policyVersion: v1
      parameters:
        backendUrl: "https://interceptor-svc.ns:9081"
        headersEnabled: true
        bodyEnabled: true
        trailersEnabled: true
        contextEnabled: true
        tlsSecretName: "interceptor-cert"
        tlsSecretKey: "ca.crt"

Attach an Interceptor API Policy to Request and Response Flows

operationPolicies:
  request:
    - policyName: "Interceptor"
      policyVersion: v1
      parameters:
        backendUrl: "https://interceptor-svc.ns:9081"
        headersEnabled: true
        bodyEnabled: true
        trailersEnabled: true
        contextEnabled: true
        tlsSecretName: "interceptor-cert"
        tlsSecretKey: "ca.crt"
  response:
    - policyName: "Interceptor"
      policyVersion: v1
      parameters:
        backendUrl: "https://interceptor-svc.ns:9081"
        headersEnabled: true
        bodyEnabled: true
        trailersEnabled: true
        contextEnabled: true
        tlsSecretName: "interceptor-cert"
        tlsSecretKey: "ca.crt"

Configuration definitions¶

The following are the configurations that you need when attaching API Policies to an API when working with the REST API interface.

Configuration	Description
`operationPolicies`	This defines that the API Policy will be applied as an operation Policy, which will be only applicable to the specific operation within the API.
`apiPolicies`	This defines that the API Policy will be applied as an API-level Policy, which will be global to all the operations within the specific API.
`request`	Defines that the API Policies should be attached to the Request Flow.
`response`	Defines that the API Policies need to be attached to the Response Flow
`policyName`	Defines the default policy names. For interceptor API policies this should equal to `Interceptor`.
`policyVersion`	Defines the version of the API policy.
`parameters`	This defines the request/response interceptor parameters
`headersEnabled`	Indicates whether request/response header details should be sent to the interceptor service
`bodyEnabled`	Indicates whether request/response body details should be sent to the interceptor service
`contextEnabled`	Indicates whether context details should be sent to the interceptor service
`trailersEnabled`	Indicates whether request/response trailer details should be sent to the interceptor service
`backendUrl`	Backend URL of the interceptor service
`tlsSecretName`	Optional parameter which indicates the reference name for Kubernetes `ConfigMap` resource which contains the tls information
`tlsSecretKey`	Optional parameter which Indicates the tls key name

Deploy APK configuration¶

Refer Quick Start Guide to deploy the API using APK configuration.