Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.apinizer.com/llms.txt

Use this file to discover all available pages before exploring further.

The numbering in the diagram below corresponds to the order of operations.
  • Security Manager in Apinizer requests Basic (Base64) type authentication information from API Client. If this authentication is correct, the flow continues.
  • Apinizer makes a request to Backend API.
  • Backend API responds to Apinizer.
  • Apinizer responds to API Client.
Scenario Diagram

Creating API Proxy

Scenario Diagram Access to the REST API named Swagger Petstore can be provided from https://petstore.swagger.io/. Click the API Proxies option under the Development menu.
Since no proxy definition has been made before on the opened page, the text No records found! appears.
Click the Create button in the top right corner and start creating a new proxy. Scenario Diagram In this section, it is necessary to select what type the API Proxy to be created is. Since the type of API to be used in this scenario will be Swagger 2.X, this type is selected. Click on the Enter URL expression to switch to the screen where the address of the API to be used will be entered. Senaryo Diyagramı Enter the address to be accessed in the URL section and click the Parse button. Scenario Diagram After the Parse operation is performed, settings for the API Proxy can be made.
  • The Usage field specifies who will use the created API Proxy. Options such as publisher, consumer, publisher and consumer are available here.
  • The Sharing Type field specifies the sharing type of the created API Proxy. Options such as external, internal, external and internal are available here.
  • One or both of the two API addresses under the Addresses tab can be selected. If both addresses are selected, Apinizer will perform the Load Balance operation itself.
  • Relative Path is the address where the created API Proxy will be opened for access.
  • The Category List field also allows categorization of the created API Proxy.
Scenario Diagram After these settings are made, the API Proxy is saved. After the save operation, click the Develop tab on the opened page. Scenario Diagram
Policies to be added with the All expression above these endpoints can be applied to all endpoints.
The created API Proxy is deployed. For this, click the Deploy button in the middle section above. Scenario Diagram

Creating Credentials

The information for the Credential to be added will be username = apinizer, password = 123123aA. Go to the Identity Management menu. Here, click the Credentials menu under the Credential Management menu. Scenario Diagram Click the Create button in the top right corner on the opened screen. Scenario Diagram Here, the required fields are filled with the previously specified information and the created credential is saved by clicking the Save and Deploy button. Scenario Diagram The proxy that this credential element will provide access to must be selected. Hover over the created credential and click the Edit option from the menu on the side. Scenario Diagram Click the API Proxy ACL tab from the opened screen, and click the button in this tab. Scenario Diagram On the opened page, API Proxies in the project currently being worked on are listed. The proxy named Swagger Petstore is selected. Click the Add button to specify that the created Credential element will have access to this proxy. Scenario Diagram Click the Save and Deploy button in the top right corner and save the operation. Scenario Diagram

Variable Definition

The definition of the variable to be used in the policy must be made. Click the Add button. Scenario Diagram
  • Enter the name of the variable to be created in the Name input field.
  • The Type field specifies the type of variable to be used.
  • The Header Name field expresses what name the variable to be used will be named in the Header.
The changes made are saved by clicking the Save button. Scenario Diagram

Adding Authentication Policy

The Basic (Base64) Authentication policy can now be added. Go to the page where API Proxies are listed and select the proxy named Swagger Petstore from here. Then go to the Develop tab and click the Add Policy button. On the opened page, the Basic Authentication policy is selected. Scenario Diagram The fields on this screen:
  • The value to be selected in the Identity/Role/Group Service field is the Security Manager value. Because credentials control will be performed by Security Manager.
  • In the Variable for authorization field, since the authentication type used is Basic (Base64) and in this authentication type the username-password information used is encrypted, this expression is used. In this scenario, this value will be retrieved from header.
If the Clear Authentication Information option is selected, authentication information in the incoming message is deleted. Activating this setting is always recommended unless there is a special situation.
  • The Add Client Info To Header option specifies whether client information will be present in the Header going to the backend API.
  • If this option becomes active, another parameter named Authenticated User Header Name appears.
  • The X-Authenticated-UserId expression here specifies the header name with which the client information going to the backend API will go.
Scenario Diagram
The relevant icon is seen when the policy is registered.
For the operation to be valid, the proxy must be Deployed. Scenario Diagram

Testing the API Proxy

After selecting the “/pet/ endpoint, click the Test Endpoint button. Scenario Diagram Enter the desired petId value as “2” in the URL, and when the Send button is pressed, it is seen that the returned response is an error message. Scenario Diagram
It is seen that this error is related to the applied Basic (Base64) Authentication. Because no authentication information has been placed in the header in any way.
Since Basic (Base64) Authentication is used in this proxy, the username and password information must be encrypted in this direction.

Performing Base64 Type Encryption

Select the Toolbox menu under the Test menu. Here, there is a tool that can perform encode and decode in Base64 encryption format. This tool is selected. Scenario Diagram Write the expressions you want to encrypt in the decoded data field, and the encrypted data is obtained in the encoded data field. Scenario Diagram The username and password information, which is the Encoded version, is obtained from here and go back to the page where proxies are listed. Select the proxy named Swagger Petstore. Switch to the Develop tab, select the “/pet/ endpoint from the endpoints listed here, and click Test Endpoint. Enter the desired petId value as “2” again in the URL. Enter the Authorization expression in the Headers and enter the encoded username and password information in Base64 format as its value. Click the Send button to perform the data retrieval operation according to the specified id. Scenario Diagram