Supported Features
The following table lists the features that are supported by dedicated gateways.
If the gateway you use does not have specific features, contact technical support to upgrade your gateway.
|
Feature Name |
Feature Description |
Configurable |
Feature Configuration Example |
Configuration Parameter |
Parameter Description |
Default Value |
Value Range |
|---|---|---|---|---|---|---|---|
|
lts |
Reporting of Shubao access logs |
Yes |
{"name":"lts","enable":true,"config": "{\"group_id\": ",\"topic_id\":\"\",\"log_group\":\"\",\"log_stream\":\"\"}"} |
group_id |
Log group ID. |
- |
- |
|
topic_id |
Log stream ID. |
- |
- |
||||
|
log_group |
Name of a log group. |
- |
- |
||||
|
log_stream |
Name of a log stream. |
- |
- |
||||
|
gateway_responses |
Custom gateway responses |
No |
- |
- |
- |
- |
- |
|
ratelimit |
Request throttling limit configuration |
Yes |
{"name":"ratelimit","enable":true,"config": "{\"api_limits\": 500}"} |
api_limits |
Default request throttling value applied to all APIs. Set this parameter properly to meet service requirements. A small value may constantly throttle your services. |
200 calls per second |
1–1,000,000 calls per second |
|
request_body_size |
Configuration of the maximum request body size |
Yes |
{"name":"request_body_size","enable":true,"config": "104857600"} |
request_body_size |
Maximum size of the body allowed in an API request. |
12 MB |
1–9536 MB |
|
backend_timeout |
Backend timeout configuration |
Yes |
{"name":"backend_timeout","enable":true,"config": "{"max_timeout": 500}"} |
max_timeout |
Maximum timeout duration for APIC to access a backend service. |
60,000 ms |
1-600,000 ms |
|
app_token |
app_token authentication |
Yes |
{"name":"app_token","enable":true,"config": "{\"enable\": \"on\", \"app_token_expire_time\": 3600, \"app_token_uri\": \"/v1/apigw/oauth2/token\", \"refresh_token_expire_time\": 7200}"} |
enable |
Whether to enable app_token authentication. |
Off |
On/Off |
|
app_token_expire_time |
Validity period of the access token. |
3600s |
1–72,000s |
||||
|
refresh_token_expire_time |
Validity period of the refresh token. |
7200s |
1–72,000s |
||||
|
app_token_uri |
URI used for obtaining the token. |
/v1/apigw/oauth2/token |
- |
||||
|
app_token_key |
Token encryption key. |
- |
- |
||||
|
app_api_key |
app_api_key authentication |
Yes |
{"name":"app_api_key","enable":true,"config": "on"} |
- |
- |
Off |
On/Off |
|
app_basic |
app_basic authentication |
Yes |
{"name":"app_basic","enable":true,"config": "on"} |
- |
- |
Off |
On/Off |
|
app_secret |
app_secret authentication |
Yes |
{"name":"app_secret","enable":true,"config": "on"} |
- |
- |
Off |
On/Off |
|
app_jwt |
app_jwt authentication |
Yes |
{"name":"app_jwt","enable":true,"config": "{\"enable\": \"on\", \"auth_header\": \"Authorization\"}"} |
enable |
Whether to enable app_jwt authentication. |
Off |
On/Off |
|
auth_header |
app_jwt authentication header. |
Authorization |
- |
||||
|
public_key |
Public_key backend signatures |
Yes |
{"name":"public_key","enable":true,"config": "{\"enable\": \"on\", \"public_key_uri_prefix\": \"/apigw/authadv/v2/public-key/\"}"} |
enable |
Whether to enable app_jwt authentication. |
Off |
On/Off |
|
public_key_uri_prefix |
URI prefix used for obtaining the public key. |
/apigw/authadv/v2/public-key/ |
- |
||||
|
backend_token_allow |
Allowing tenants to transparently transmit tokens to the backend |
Yes |
{"name":"backend_token_allow","enable":true,"config": "{\"backend_token_allow_users\": [\"paas_apig_wwx548366_01\"]}"} |
backend_token_allow_users |
Regular expression for transparently transmitting the token to the common tenant whitelist of the tenant to match the domain name of the common tenant. |
- |
- |
|
sign_basic |
Basic signature keys |
No |
- |
- |
- |
- |
- |
|
multi_auth |
Two-factor authentication |
No |
- |
- |
- |
- |
- |
|
backend_client_certificate |
Backend two-way authentication |
Yes |
{"name":"backend_client_certificate","enable":true,"config": "{\"enable\": \"on\",\"ca\": \"\",\"content\": \"\",\"key\": \"\"}"} |
enable |
Whether to enable this feature. |
Off |
On/Off |
|
ca |
CA file of two-way authentication. |
- |
- |
||||
|
content |
Two-way authentication file. |
- |
- |
||||
|
key |
Private key of two-way authentication. |
- |
- |
||||
|
ssl_ciphers |
HTTPS cipher suites |
Yes |
{"name":"ssl_ciphers","enable":true,"config": "config": "{\"ssl_ciphers\": [\"ECDHE-ECDSA-AES256-GCM-SHA384\"]}"} |
ssl_ciphers |
Encryption and decryption suites supported. The ssl_ciphers parameter cannot be left blank and can contain only the options in the default value. |
- |
ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256 |
|
real_ip_from_xff |
X-Forwarded-For header for identifying IP addresses during access control and request throttling |
Yes |
{"name": "real_ip_from_xff","enable": true,"config": {"enable": "on","xff_index": -1}} |
enable |
Whether to enable this feature. |
Off |
On/Off |
|
xff_index |
Sequence number of an IP address in the X-Forwarded-For header. The value of this parameter can be 0 or a positive or negative number. If the value is 0 or a positive number, the IP address of the corresponding index is obtained from the X-Forwarded-For header. If the value is a negative number, the IP address in reverse index order is obtained from the X-Forwarded-For header. For example, assume that the X-Forwarded-For header of a request received by API gateway contains three IP addresses: IP1, IP2, and IP3. If the value of xff_index is 0, IP1 is obtained. If the value of xff_index is 1, IP2 is obtained. If the value of xff_index is –1, IP3 is obtained. |
-1 |
Valid Int32 value |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
