Supported Features
The following table lists the features that are supported by dedicated gateways.
| Feature Name | Feature Description | Configurable | Feature Configuration Example | Configuration Parameter | Parameter Description | Default Value | Value Range |
|---|---|---|---|---|---|---|---|
| lts | Reporting of Shubao access logs | Yes | {"name":"lts","enable":true,"config": "{\"group_id\": ",\"topic_id\":\"\",\"log_group\":\"\",\"log_stream\":\"\"}"} | group_id | Log group ID. | - | - |
| topic_id | Log stream ID. | - | - | ||||
| log_group | Name of a log group. | - | - | ||||
| log_stream | Name of a log stream. | - | - | ||||
| gateway_responses | Custom gateway responses | No | - | - | - | - | - |
| ratelimit | Request throttling limit configuration | Yes | {"name":"ratelimit","enable":true,"config": "{\"api_limits\": 500}"} | api_limits | Default request throttling value applied to all APIs. Set this parameter properly to meet service requirements. A small value may constantly throttle your services. | 200 calls per second | 1–1,000,000 calls per second |
| request_body_size | Configuration of the maximum request body size | Yes | {"name":"request_body_size","enable":true,"config": "104857600"} | request_body_size | Maximum size of the body allowed in an API request. | 12 M | 1-9536 M |
| backend_timeout | Backend timeout configuration | Yes | {"name":"backend_timeout","enable":true,"config": "{"max_timeout": 500}"} | max_timeout | Maximum timeout duration for APIC to access a backend service. | 60000 ms | 1-600000 ms |
| app_token | app_token authentication | Yes | {"name":"app_token","enable":true,"config": "{\"enable\": \"on\", \"app_token_expire_time\": 3600, \"app_token_uri\": \"/v1/apigw/oauth2/token\", \"refresh_token_expire_time\": 7200}"} | enable | Whether to enable app_token authentication. | off | on/off |
| app_token_expire_time | Validity period of the access token. | 3600 s | 1-72000 s | ||||
| refresh_token_expire_time | Validity period of the refresh token. | 7200 s | 1-72000 s | ||||
| app_token_uri | URI used for obtaining the token. | /v1/apigw/oauth2/token | - | ||||
| app_token_key | Token encryption key. | - | - | ||||
| app_api_key | app_api_key authentication | Yes | {"name":"app_api_key","enable":true,"config": "on"} | - | - | off | on/off |
| app_basic | app_basic authentication | Yes | {"name":"app_basic","enable":true,"config": "on"} | - | - | off | on/off |
| app_secret | app_secret authentication | Yes | {"name":"app_secret","enable":true,"config": "on"} | - | - | off | on/off |
| app_jwt | app_jwt authentication | Yes | {"name":"app_jwt","enable":true,"config": "{\"enable\": \"on\", \"auth_header\": \"Authorization\"}"} | enable | Whether to enable app_jwt authentication. | off | on/off |
| auth_header | app_jwt authentication header. | Authorization | - | ||||
| public_key | Public_key backend signatures | Yes | {"name":"public_key","enable":true,"config": "{\"enable\": \"on\", \"public_key_uri_prefix\": \"/apigw/authadv/v2/public-key/\"}"} | enable | Whether to enable app_jwt authentication. | off | on/off |
| public_key_uri_prefix | URI prefix used for obtaining the public key. | /apigw/authadv/v2/public-key/ | - | ||||
| backend_token_allow | Allowing tenants to transparently transmit tokens to the backend | Yes | {"name":"backend_token_allow","enable":true,"config": "{\"backend_token_allow_users\": [\"paas_apig_wwx548366_01\"]}"} | backend_token_allow_users | Regular expression for transparently transmitting the token to the common tenant whitelist of the tenant to match the domain name of the common tenant. | - | - |
| sign_basic | Basic signature keys | No | - | - | - | - | - |
| multi_auth | Two-factor authentication | No | - | - | - | - | - |
| backend_client_certificate | Backend two-way authentication | Yes | {"name":"backend_client_certificate","enable":true,"config": "{\"enable\": \"on\",\"ca\": \"\",\"content\": \"\",\"key\": \"\"}"} | enable | Whether to enable this feature. | off | on/off |
| ca | CA file of two-way authentication. | - | - | ||||
| content | Two-way authentication file. | - | - | ||||
| key | Private key of two-way authentication. | - | - | ||||
| ssl_ciphers | HTTPS cipher suites | Yes | {"name":"ssl_ciphers","enable":true,"config": "config": "{\"ssl_ciphers\": [\"ECDHE-ECDSA-AES256-GCM-SHA384\"]}"} | ssl_ciphers | Encryption and decryption suites supported. The ssl_ciphers parameter cannot be left blank and can contain only the options in the default value. | - | ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256 |
| real_ip_from_xff | X-Forwarded-For header for identifying IP addresses during access control and request throttling | Yes | {"name": "real_ip_from_xff","enable": true,"config": {"enable": "on","xff_index": -1}} | enable | Whether to enable this feature. | off | on/off |
| xff_index | Sequence number of an IP address in the X-Forwarded-For header. The value of this parameter can be 0 or a positive or negative number. If the value is 0 or a positive number, the IP address of the corresponding index is obtained from the X-Forwarded-For header. If the value is a negative number, the IP address in reverse index order is obtained from the X-Forwarded-For header. For example, assume that the X-Forwarded-For header of a request received by API gateway contains three IP addresses: IP1, IP2, and IP3. If the value of xff_index is 0, IP1 is obtained. If the value of xff_index is 1, IP2 is obtained. If the value of xff_index is –1, IP3 is obtained. | -1 | Valid Int32 value |
Last Article: Error Codes
Next Article: Obtaining a Project ID
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.