Supported Features
The following table lists the features that are supported by dedicated gateways.
|
Feature Name |
Feature Description |
Configurable |
Feature Configuration Example |
Configuration Parameter |
Parameter Description |
Default Value |
Value Range |
|---|---|---|---|---|---|---|---|
|
lts |
Reporting of Shubao access logs |
Yes |
{"name":"lts","enable":true,"config": "{\"group_id\": ",\"topic_id\":\"\",\"log_group\":\"\",\"log_stream\":\"\"}"} |
group_id |
Log group ID. |
- |
- |
|
topic_id |
Log stream ID. |
- |
- |
||||
|
log_group |
Name of a log group. |
- |
- |
||||
|
log_stream |
Name of a log stream. |
- |
- |
||||
|
gateway_responses |
Custom gateway responses |
No |
- |
- |
- |
- |
- |
|
ratelimit |
Request throttling limit configuration |
Yes |
{"name":"ratelimit","enable":true,"config": "{\"api_limits\": 500}"} |
api_limits |
Default request throttling value applied to all APIs. Set this parameter properly to meet service requirements. A small value may constantly throttle your services. |
200 calls per second |
1–1,000,000 calls per second |
|
request_body_size |
Configuration of the maximum request body size |
Yes |
{"name":"request_body_size","enable":true,"config": "104857600"} |
request_body_size |
Maximum size of the body allowed in an API request. |
12 M |
1-9536 M |
|
backend_timeout |
Backend timeout configuration |
Yes |
{"name":"backend_timeout","enable":true,"config": "{"max_timeout": 500}"} |
max_timeout |
Maximum timeout duration for APIC to access a backend service. |
60000 ms |
1-600000 ms |
|
app_token |
app_token authentication |
Yes |
{"name":"app_token","enable":true,"config": "{\"enable\": \"on\", \"app_token_expire_time\": 3600, \"app_token_uri\": \"/v1/apigw/oauth2/token\", \"refresh_token_expire_time\": 7200}"} |
enable |
Whether to enable app_token authentication. |
off |
on/off |
|
app_token_expire_time |
Validity period of the access token. |
3600 s |
1-72000 s |
||||
|
refresh_token_expire_time |
Validity period of the refresh token. |
7200 s |
1-72000 s |
||||
|
app_token_uri |
URI used for obtaining the token. |
/v1/apigw/oauth2/token |
- |
||||
|
app_token_key |
Token encryption key. |
- |
- |
||||
|
app_api_key |
app_api_key authentication |
Yes |
{"name":"app_api_key","enable":true,"config": "on"} |
- |
- |
off |
on/off |
|
app_basic |
app_basic authentication |
Yes |
{"name":"app_basic","enable":true,"config": "on"} |
- |
- |
off |
on/off |
|
app_secret |
app_secret authentication |
Yes |
{"name":"app_secret","enable":true,"config": "on"} |
- |
- |
off |
on/off |
|
app_jwt |
app_jwt authentication |
Yes |
{"name":"app_jwt","enable":true,"config": "{\"enable\": \"on\", \"auth_header\": \"Authorization\"}"} |
enable |
Whether to enable app_jwt authentication. |
off |
on/off |
|
auth_header |
app_jwt authentication header. |
Authorization |
- |
||||
|
public_key |
Public_key backend signatures |
Yes |
{"name":"public_key","enable":true,"config": "{\"enable\": \"on\", \"public_key_uri_prefix\": \"/apigw/authadv/v2/public-key/\"}"} |
enable |
Whether to enable app_jwt authentication. |
off |
on/off |
|
public_key_uri_prefix |
URI prefix used for obtaining the public key. |
/apigw/authadv/v2/public-key/ |
- |
||||
|
backend_token_allow |
Allowing tenants to transparently transmit tokens to the backend |
Yes |
{"name":"backend_token_allow","enable":true,"config": "{\"backend_token_allow_users\": [\"paas_apig_wwx548366_01\"]}"} |
backend_token_allow_users |
Regular expression for transparently transmitting the token to the common tenant whitelist of the tenant to match the domain name of the common tenant. |
- |
- |
|
sign_basic |
Basic signature keys |
No |
- |
- |
- |
- |
- |
|
multi_auth |
Two-factor authentication |
No |
- |
- |
- |
- |
- |
|
backend_client_certificate |
Backend two-way authentication |
Yes |
{"name":"backend_client_certificate","enable":true,"config": "{\"enable\": \"on\",\"ca\": \"\",\"content\": \"\",\"key\": \"\"}"} |
enable |
Whether to enable this feature. |
off |
on/off |
|
ca |
CA file of two-way authentication. |
- |
- |
||||
|
content |
Two-way authentication file. |
- |
- |
||||
|
key |
Private key of two-way authentication. |
- |
- |
||||
|
ssl_ciphers |
HTTPS cipher suites |
Yes |
{"name":"ssl_ciphers","enable":true,"config": "config": "{\"ssl_ciphers\": [\"ECDHE-ECDSA-AES256-GCM-SHA384\"]}"} |
ssl_ciphers |
Encryption and decryption suites supported. The ssl_ciphers parameter cannot be left blank and can contain only the options in the default value. |
- |
ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256 |
|
real_ip_from_xff |
X-Forwarded-For header for identifying IP addresses during access control and request throttling |
Yes |
{"name": "real_ip_from_xff","enable": true,"config": {"enable": "on","xff_index": -1}} |
enable |
Whether to enable this feature. |
off |
on/off |
|
xff_index |
Sequence number of an IP address in the X-Forwarded-For header. The value of this parameter can be 0 or a positive or negative number. If the value is 0 or a positive number, the IP address of the corresponding index is obtained from the X-Forwarded-For header. If the value is a negative number, the IP address in reverse index order is obtained from the X-Forwarded-For header. For example, assume that the X-Forwarded-For header of a request received by API gateway contains three IP addresses: IP1, IP2, and IP3. If the value of xff_index is 0, IP1 is obtained. If the value of xff_index is 1, IP2 is obtained. If the value of xff_index is –1, IP3 is obtained. |
-1 |
Valid Int32 value |
Last Article: Error Codes
Next Article: Obtaining a Project ID
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.