API Gateway

About API Gateway

API Gateway is a reverse proxy component built with Spring Cloud Gateway. It routes requests to different backend microservices based on the request path.

Docker Environment Variables

The table below provides a comprehensive overview of the Docker environment variables available for configuring the API Gateway container. You can customize the environment variables to match your specific configuration.

Name Possible Values Required Description

Name	Possible Values	Required	Description
`GATEWAY_ENDPOINTS_KEYCLOAK_ENABLED`	true/false default: true	No	If keycloak is enabled
`GATEWAY_ENDPOINTS_KEYCLOAK_URL`	URL	Yes if(`GATEWAY_ENDPOINTS_KEYCLOAK_ENABLED=true`)	URL of keycloak
`GATEWAY_ENDPOINTS_KEYCLOAK_PATH`	string default: `/auth/**`	No	Path of keycloak
`GATEWAY_ENDPOINTS_ORGANIZATION_MANAGER_ENABLED`	true/false default: false	No	If Organization Manager is enabled
`GATEWAY_ENDPOINTS_ORGANIZATION_MANAGER_URL`	URL	Yes if(`GATEWAY_ENDPOINTS_ORGANIZATION_MANAGER_ENABLED=true`)	URL of the Organization Manager.
`GATEWAY_ENDPOINTS_ORGANIZATION_MANAGER_PATH`	string default: `/api/organizations/**`	No	Path of the Organization manager
`GATEWAY_ENDPOINTS_PLATFORM_MANAGER_ENABLED`	true/false default: true	No	If the Platform Manager is enabled
`GATEWAY_ENDPOINTS_PLATFORM_MANAGER_URL`	URL	Yes if(`GATEWAY_ENDPOINTS_PLATFORM_MANAGER_ENABLED=true`)	URL of the Platform Manager
`GATEWAY_ENDPOINTS_PLATFORM_MANAGER_PATH`	string default: `/api/**`	No	URL of the Platform Manager
`GATEWAY_ENDPOINTS_PLATFORM_UI_ENABLED`	true/false default: true	No	If the Self Service UI is enabled
`GATEWAY_ENDPOINTS_PLATFORM_UI_URL`	URL	Yes if(`GATEWAY_ENDPOINTS_PLATFORM_UI_ENABLED=true`)	URL of the Self Service UI
`GATEWAY_ENDPOINTS_PLATFORM_UI_PATH`	URL default: `/**`	No	Path of the Self Service UI
`GATEWAY_ENDPOINTS_TOPIC_BROWSE_ENABLED`	true/false default: true	No	If the Topic browse is enabled
`GATEWAY_ENDPOINTS_TOPIC_BROWSE_URL`	URL	Yes if(`GATEWAY_ENDPOINTS_TOPICBROWSE_ENABLED=true`)	URL of the Topic browse
`GATEWAY_ENDPOINTS_TOPIC_BROWSE_PATH`	string default: `/api/stream_configs/*/browse`	No	URL of the Topic browse
`GATEWAY_ENDPOINTS_METRICS_EXPOSER_ENABLED`	true/false default: true	No	If the Metrics Exposer is enabled
`GATEWAY_ENDPOINTS_METRICS_EXPOSER_URL`	URL	Yes if(`GATEWAY_ENDPOINTS_METRICSEXPOSER_ENABLED=true`)	URL of the Metrics Exposer
`GATEWAY_ENDPOINTS_METRICS_EXPOSER_PATH`	string default: `/api/metrics/**`	No	Path of the Metrics Exposer
`PERMISSIONS_API_URL`	URL	Yes if(`GATEWAY_ENDPOINTS_TOPICBROWSE_ENABLED=true`)	Endpoint to validate permissions
`TOPICBROWSE-CONFIG-API_URL`	URL	Yes if(`GATEWAY_ENDPOINTS_TOPICBROWSE_ENABLED=true`)	Endpoint to retrieve topic browse configuration
`SSO_KEYCLOAK_ADVERTISED_BASE_URL`	URL	No	URL of Keycloak to be accessed outside the cluster
`SSO_KEYCLOAK_INTERNAL_BASE_URL`	URL	No	URL of Keycloak to be accessed within the cluster
`SSO_KEYCLOAK_USE_INSECURE_TRUST_MANAGER`	true/false default: false	No	Allow accessing Keycloak without TLS chain validation
`LOCAL_AUTH_ISSUER_URL_FOR_VALIDATION`	URL	Yes	Endpoint of the Local Authentication Server Issuer URI (e.g. `https://idp.example.com` )
`LOCAL_AUTH_JWK_SET_URI`	URL	Yes	Endpoint of the Local Authentication Server JWK Set URI (e.g. `https://idp.example.com/.well-known/jwks.json` )
`LOCAL_AUTH_USE_INSECURE_TRUST_MANAGER`	true/false default: true	No	Allow accessing the Local AuthenticationServer (Auth0 or Keycloak) without TLS chain validation
`SPRING_APPLICATION_NAME`	string default: `gateway`	No	Name of the application
`LOGGING_FILTER_ENABLED`	true/false default: true	No	If Logging Filtering is enabled
`MANAGEMENT_SERVER_PORT`	true/false default: 8086	No	Port on which to access Management API
`MANAGEMENT_ENDPOINT_HEALTH_PROBES_ENABLED`	true/false default: true	No	If the Health probes on the Actuator should be enabled
`MANAGEMENT_ENDPOINTS_WEB_EXPOSURE_INCLUDE`	string	No	Actuator Endpoint IDs that should be included or '*' for all
`MANAGEMENT_TRACING_ENABLED`	true/false default: true	No	Tracing is enabled
`MANAGEMENT_TRACING_SAMPLING_PROBABILITY`	number	No	Probability in the range from 0.0 to 1.0 that a trace will be sampled

GATEWAY_ENDPOINTS_KEYCLOAK_ENABLED

true/false
default: true

If keycloak is enabled

GATEWAY_ENDPOINTS_KEYCLOAK_URL

URL

Yes
if(GATEWAY_ENDPOINTS_KEYCLOAK_ENABLED=true)

URL of keycloak

GATEWAY_ENDPOINTS_KEYCLOAK_PATH

string
default: /auth/**

Path of keycloak

GATEWAY_ENDPOINTS_ORGANIZATION_MANAGER_ENABLED

true/false
default: false

If Organization Manager is enabled

GATEWAY_ENDPOINTS_ORGANIZATION_MANAGER_URL

URL

Yes
if(GATEWAY_ENDPOINTS_ORGANIZATION_MANAGER_ENABLED=true)

URL of the Organization Manager.

GATEWAY_ENDPOINTS_ORGANIZATION_MANAGER_PATH

string
default: /api/organizations/**

Path of the Organization manager

GATEWAY_ENDPOINTS_PLATFORM_MANAGER_ENABLED

true/false
default: true

If the Platform Manager is enabled

GATEWAY_ENDPOINTS_PLATFORM_MANAGER_URL

URL

Yes
if(GATEWAY_ENDPOINTS_PLATFORM_MANAGER_ENABLED=true)

URL of the Platform Manager

GATEWAY_ENDPOINTS_PLATFORM_MANAGER_PATH

string
default: /api/**

URL of the Platform Manager

GATEWAY_ENDPOINTS_PLATFORM_UI_ENABLED

true/false
default: true

If the Self Service UI is enabled

GATEWAY_ENDPOINTS_PLATFORM_UI_URL

URL

Yes
if(GATEWAY_ENDPOINTS_PLATFORM_UI_ENABLED=true)

URL of the Self Service UI

GATEWAY_ENDPOINTS_PLATFORM_UI_PATH

URL
default: /**

Path of the Self Service UI

GATEWAY_ENDPOINTS_TOPIC_BROWSE_ENABLED

true/false
default: true

If the Topic browse is enabled

GATEWAY_ENDPOINTS_TOPIC_BROWSE_URL

URL

Yes
if(GATEWAY_ENDPOINTS_TOPICBROWSE_ENABLED=true)

URL of the Topic browse

GATEWAY_ENDPOINTS_TOPIC_BROWSE_PATH

string
default: /api/stream_configs/*/browse

URL of the Topic browse

GATEWAY_ENDPOINTS_METRICS_EXPOSER_ENABLED

true/false
default: true

If the Metrics Exposer is enabled

GATEWAY_ENDPOINTS_METRICS_EXPOSER_URL

URL

Yes
if(GATEWAY_ENDPOINTS_METRICSEXPOSER_ENABLED=true)

URL of the Metrics Exposer

GATEWAY_ENDPOINTS_METRICS_EXPOSER_PATH

string
default: /api/metrics/**

Path of the Metrics Exposer

PERMISSIONS_API_URL

URL

Yes
if(GATEWAY_ENDPOINTS_TOPICBROWSE_ENABLED=true)

Endpoint to validate permissions

TOPICBROWSE-CONFIG-API_URL

URL

Yes
if(GATEWAY_ENDPOINTS_TOPICBROWSE_ENABLED=true)

Endpoint to retrieve topic browse configuration

SSO_KEYCLOAK_ADVERTISED_BASE_URL

URL

URL of Keycloak to be accessed outside the cluster

SSO_KEYCLOAK_INTERNAL_BASE_URL

URL

URL of Keycloak to be accessed within the cluster

SSO_KEYCLOAK_USE_INSECURE_TRUST_MANAGER

true/false
default: false

Allow accessing Keycloak without TLS chain validation

LOCAL_AUTH_ISSUER_URL_FOR_VALIDATION

URL

Yes

Endpoint of the Local Authentication Server Issuer URI (e.g. https://idp.example.com )

LOCAL_AUTH_JWK_SET_URI

URL

Yes

Endpoint of the Local Authentication Server JWK Set URI (e.g. https://idp.example.com/.well-known/jwks.json )

LOCAL_AUTH_USE_INSECURE_TRUST_MANAGER

true/false
default: true

Allow accessing the Local AuthenticationServer (Auth0 or Keycloak) without TLS chain validation

SPRING_APPLICATION_NAME

string
default: gateway

Name of the application

LOGGING_FILTER_ENABLED

true/false
default: true

If Logging Filtering is enabled

MANAGEMENT_SERVER_PORT

true/false
default: 8086

Port on which to access Management API

MANAGEMENT_ENDPOINT_HEALTH_PROBES_ENABLED

true/false
default: true

If the Health probes on the Actuator should be enabled

MANAGEMENT_ENDPOINTS_WEB_EXPOSURE_INCLUDE

string

Actuator Endpoint IDs that should be included or '*' for all

MANAGEMENT_TRACING_ENABLED

true/false
default: true

Tracing is enabled

MANAGEMENT_TRACING_SAMPLING_PROBABILITY

number

Probability in the range from 0.0 to 1.0 that a trace will be sampled

Running the Docker Container

The following Docker run command starts the API Gateway container with minimum essential environment variables and volume mounts.

Example:

docker run --rm --name example-api-gw-container \
[IMAGE_REGISTRY]/axual/api-gateway:[IMAGE_TAG]