Help Center> API Gateway> API Reference> Dedicated Gateway APIs (V2)> Gateway Feature Management> Configuring a Feature for a Gateway
View PDF

Configuring a Feature for a Gateway

Function

This API is used to configure a feature for an instance.

The following table lists the supported features and configuration examples.

Feature Name Feature Description Configuration Example Configuration Parameter
Parameter Name Parameter Description Default Value Value Range
lts Reporting of Shubao access logs {"name":"lts","enable":true,"config": "{\"group_id\": ",\"topic_id\":\"\",\"log_group\":\"\",\"log_stream\":\"\"}"} group_id Log group ID.
topic_id Log stream ID.
log_group Log group name.
log_stream Log stream name.
ratelimit Request throttling limit configuration {"name":"ratelimit","enable":true,"config": "{\"api_limits\": 500}"} api_limits Default request throttling limit for APIs. Set this parameter properly to meet service requirements. A small value may constantly throttle your services. 200 calls/second 1–1,000,000 calls/second
request_body_size Configuration of the maximum request body size {"name":"request_body_size","enable":true,"config": "104857600"} request_body_size The maximum body size allowed for a request. 12 MB 1–9536 MB
backend_timeout Maximum backend timeout configuration {"name":"backend_timeout","enable":true,"config": "{"max_timeout": 500}"} max_timeout Maximum timeout allowed for API Gateway to request the backend service. 60,000 ms 1–600,000 ms
app_token app_token authentication {"name":"app_token","enable":true,"config": "{\"enable\": \"on\", \"app_token_expire_time\": 3600, \"app_token_uri\": \"/v1/apigw/oauth2/token\", \"refresh_token_expire_time\": 7200}"} enable Indicates whether to enable app_token authentication. off on/off
app_token_expire_time Validity period of the access token. 3600s 1–72,000s
refresh_token_expire_time Validity period of the refresh token. 7200s 1–72,000s
app_token_uri URI used to obtain a token. /v1/apigw/oauth2/token
app_token_key Encryption key of the token.
app_api_key app_api_key authentication {"name":"app_api_key","enable":true,"config": "on"} off on/off
app_basic app_basic authentication {"name":"app_basic","enable":true,"config": "on"} off on/off
app_secret app_secret authentication {"name":"app_secret","enable":true,"config": "on"} off on/off
app_jwt app_jwt authentication {"name":"app_jwt","enable":true,"config": "{\"enable\": \"on\", \"auth_header\": \"Authorization\"}"} enable Indicates whether to enable app_jwt authentication. off on/off
auth_header app_jwt authentication header. Authorization
public_key public_key backend signatures {"name":"public_key","enable":true,"config": "{\"enable\": \"on\", \"public_key_uri_prefix\": \"/apigw/authadv/v2/public-key/\"}"} enable Indicates whether to enable app_jwt authentication. off on/off
public_key_uri_prefix URI prefix for obtaining a public key. /apigw/authadv/v2/public-key/
backend_token_allow Allowing tenants to transparently transmit tokens to the backend {"name":"backend_token_allow","enable":true,"config": "{\"backend_token_allow_users\": [\"paas_apig_wwx548366_01\"]}"} backend_token_allow_users Whitelist of tenants allowed to transparently transmit tokens to the backend. The value is a regular expression of domain names.
backend_client_certificate Backend two-way authentication {"name":"backend_client_certificate","enable":true,"config": "{\"enable\": \"on\",\"ca\": \"\",\"content\": \"\",\"key\": \"\"}"} enable Indicates whether to enable backend two-way authentication. off on/off
ca Trust certificate for two-way authentication.
content Two-way authentication certificate.
key Private key for two-way authentication.
ssl_ciphers HTTPS cipher suites {"name":"ssl_ciphers","enable":true,"config": "config": "{\"ssl_ciphers\": [\"ECDHE-ECDSA-AES256-GCM-SHA384\"]}"} ssl_ciphers Supported cipher suites. The ssl_ciphers parameter cannot be left blank and can contain only the options in the value range. ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256
real_ip_from_xff Indicates whether to use the X-Forwarded-For header to identify the source IP address during access control and request throttling. {"name":"real_ip_from_xff","enable": true,"config": "{\"enable\": \"on\",\"xff_index\": 1}"} enable Indicates whether to enable this feature. off on/off
xff_index Index of the source IP address in the X-Forwarded-For header. (Negative numbers are allowed and –1 is the last index.) -1 Valid Int32 value

Debugging

You can use API Explorer to debug this API.

URI

POST /v2/{project_id}/apigw/instances/{instance_id}/features

Table 1 Path parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID. For details about how to obtain a project ID, see "Appendix" > "Obtaining a Project ID" in this document.

instance_id

Yes

String

Gateway ID.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

User token, which can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is the user token.
Table 3 Request body parameters

Parameter

Mandatory

Type

Description

name

Yes

String

Feature name.

Minimum: 1

Maximum: 64

enable

Yes

Boolean

Indicates whether to enable the feature.

config

No

String

Parameter configuration.

Response Parameters

Status code: 200

Table 4 Response body parameters

Parameter

Type

Description

id

String

Feature ID.

name

String

Feature name.

Minimum: 1

Maximum: 64

enable

Boolean

Indicates whether to enable the feature.

config

String

Parameter configuration.

instance_id

String

Gateway ID.

update_time

String

Feature update time.

Status code: 400

Table 5 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

Status code: 401

Table 6 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

Status code: 403

Table 7 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

Status code: 404

Table 8 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

Status code: 500

Table 9 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

Example Requests

{
  "name" : "app_api_key",
  "config" : "on",
  "enable" : true
}

Example Responses

Status code: 200

OK

{
  "config" : "on",
  "enable" : true,
  "id" : "db9a9260cd3e4a16a9b5747a65d3ffaa",
  "instance_id" : "eddc4d25480b4cd6b512f270a1b8b341",
  "name" : "app_api_key",
  "update_time" : "2020-08-24T01:17:31.041984021Z"
}

Status code: 400

Bad Request

{
  "error_code" : "APIG.2000",
  "error_msg" : "unrecognized feature app-api-key"
}

Status code: 401

Unauthorized

{
  "error_code" : "APIG.1002",
  "error_msg" : "Incorrect token or token resolution failed"
}

Status code: 403

Forbidden

{
  "error_code" : "APIG.1005",
  "error_msg" : "No permissions to request this method"
}

Status code: 404

Not Found

{
  "error_code" : "APIG.3030",
  "error_msg" : "The instance does not exist;id:eddc4d25480b4cd6b512f270a1b8b341"
}

Status code: 500

Internal Server Error

{
  "error_code" : "APIG.9999",
  "error_msg" : "System error"
}

Status Codes

Status Code

Description

200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

500

Internal Server Error

Error Codes

See Error Codes.