Cloud API Gateway¶
- Traffic management
- Authorization and access control
- Rate limiting
- API payload processing
The Cloud API Gateway is managed, maintained, and hosted by Harmony and does not require any configuration. API Manager security features are configured at the API level or security profile level and are cached on the API Gateway, which are then referenced during API runtime as described below.
Cloud API Gateway System Architecture¶
This diagram displays the system architecture of a Custom API deployed using a Cloud Agent and the Cloud API Gateway:
An API consumer makes a call to the API located at the Cloud API Gateway.
The Cloud API Gateway references the cached security profiles (if applicable) and API metadata to perform authentication and access control tasks. If access to the API is denied, the Cloud API Gateway will return an appropriate HTTP response and status to the API consumer. If access to the API is granted, the API request is routed to the messaging service, which routes requests for Agent Groups.
The Cloud Agent receives the request from the messaging service.
The Cloud Agent references the API operation specified during the Custom API configuration and triggers the deployed operation.
The API response payload is routed from the Cloud Agent back to the Cloud API Gateway, which extracts the API payload and sets the final HTTP response and status. The HTTP response and status is sent to the API consumer.
Unless the operation being triggered by the API call is using temporary storage, the API response payload will remain on the agent for a maximum of two days. The API response payload will remain on the Cloud API Gateway for no longer than the API Gateway timeout of 15 seconds.
Runtime status information and logs of running operations are sent to the transaction logs database.