{"id":37951,"date":"2020-06-18T09:45:21","date_gmt":"2020-06-18T09:45:21","guid":{"rendered":"https:\/\/www.polarising.com\/?p=37951"},"modified":"2022-04-14T10:38:13","modified_gmt":"2022-04-14T10:38:13","slug":"an-entire-new-experience-with-apigee-edge","status":"publish","type":"post","link":"https:\/\/polarising.com\/techinside\/an-entire-new-experience-with-apigee-edge\/","title":{"rendered":"An entire new experience with Apigee Edge."},"content":{"rendered":"<p>Recently, I started working with a new platform called <strong>Apigee Edge<\/strong>. Edge is an API Gateway, and it is intended to mediate API calls between client applications and the backend system. By doing this, Edge can:<\/p>\n<ul>\n<li>Offer a single point-of-access to an organization APIs;<\/li>\n<li>Leverage security across different APIs;<\/li>\n<li>Implement monetization, throttling and quota management policies;<\/li>\n<li>Monitor and analyze API traffic;<\/li>\n<li>Translate between different protocols and message formats;<\/li>\n<li>Route dynamically between different endpoints;<\/li>\n<li>Enrich messages with extra data.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-37953 size-full alignright\" src=\"https:\/\/www.polarising.com\/site\/wp-content\/uploads\/2020\/06\/apg-edge-imagem-1.png\" alt=\"\" width=\"480\" height=\"389\" srcset=\"https:\/\/polarising.com\/techinside\/wp-content\/uploads\/2020\/06\/apg-edge-imagem-1.png 480w, https:\/\/polarising.com\/techinside\/wp-content\/uploads\/2020\/06\/apg-edge-imagem-1-300x243.png 300w\" sizes=\"auto, (max-width: 480px) 100vw, 480px\" \/><br \/>\nApigee was bought by Google in 2016 and Edge is now the <em>de facto<\/em> official API Gateway for Google Cloud Platform (GCP). Edge can run either on a private cloud or a public one: GCP, off course, but also AWS and others.<\/p>\n<h3><\/h3>\n<h3><\/h3>\n<h3><\/h3>\n<h3><\/h3>\n<h3><\/h3>\n<h3><\/h3>\n<h3>So, how does it work?<\/h3>\n<p>To understand how Edge works, you first need to get familiar with a few key concepts:<\/p>\n<ul>\n<li>A <strong>proxy endpoint <\/strong>(PE) is the endpoint that you\u2019ll expose to your client apps. It\u2019s what your clients will see and what they will \u201cunderstand\u201d as your API. A proxy endpoint is the entry point for messages in Apigee.<\/li>\n<li>A <strong>target endpoint <\/strong>(TE) represents the endpoints that your API will connect to, the backend systems. They are the exit points of messages.<\/li>\n<li>A <strong>policy <\/strong>is a logic implementing unit that represents some action within Edge, for example, enforcing OAUTH authentication, transforming the message from XML to JSON, updating a variable, etc. In other words, a policy is a mediator that will process your message.<\/li>\n<li>The <strong>request\/response<\/strong> <strong>flow<\/strong> (or simply \u201cflow\u201d) represents the path a message goes through within Edge. Every message is received by a proxy endpoint and may pass through a number of policies before being forwarded to the target endpoint. Any response from the TE will also be processed before being sent back to the client app \u2013 those phases are logically known as the <strong>request<\/strong> and <strong>response<\/strong> phases.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-37954 size-full\" src=\"https:\/\/www.polarising.com\/site\/wp-content\/uploads\/2020\/06\/apg-edge-imagem-2.png\" alt=\"\" width=\"783\" height=\"545\" srcset=\"https:\/\/polarising.com\/techinside\/wp-content\/uploads\/2020\/06\/apg-edge-imagem-2.png 783w, https:\/\/polarising.com\/techinside\/wp-content\/uploads\/2020\/06\/apg-edge-imagem-2-300x209.png 300w, https:\/\/polarising.com\/techinside\/wp-content\/uploads\/2020\/06\/apg-edge-imagem-2-768x535.png 768w\" sizes=\"auto, (max-width: 783px) 100vw, 783px\" \/><span style=\"font-size: 8pt;\"><em>Figure 1: request\/response flow on Edge<\/em><\/span><\/p>\n<p>Edge offers many out-of-the-box policies that you can use, including for variable extraction and assignment, payload validation, authentication, calling other APIs, etc (you can see a reference for all policies <a href=\"https:\/\/docs.apigee.com\/api-platform\/reference\/policies\/reference-overview-policy\" target=\"_blank\" rel=\"noopener\">here<\/a>). You can also write your own policies based on Java, javascript and python.<\/p>\n<p>The policies that Edge offers can be classified by:<\/p>\n<ul>\n<li>Traffic management: control quotas, concurrency, as well as caching.<\/li>\n<li>Mediation: message parsing, validation and transformation.<\/li>\n<li>Security: access control with OAuth, Api Keys, etc.<\/li>\n<li>Extension: define custom policies, such as services callout or scripts.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h3>Publishing and monitoring your APIs.<\/h3>\n<p>Edge also has a powerful monitoring module that allows you to check the operation of your APIs, including pre-configured dashboards for the most common metrics such as traffic, errors, geomapping, etc. You can also define your own KPIs, and create reports based on them, as well as define alerts based on those metrics.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-37955 size-large\" src=\"https:\/\/www.polarising.com\/site\/wp-content\/uploads\/2020\/06\/apg-edge-imagem-3-1024x577.png\" alt=\"\" width=\"1024\" height=\"577\" srcset=\"https:\/\/polarising.com\/techinside\/wp-content\/uploads\/2020\/06\/apg-edge-imagem-3-1024x577.png 1024w, https:\/\/polarising.com\/techinside\/wp-content\/uploads\/2020\/06\/apg-edge-imagem-3-300x169.png 300w, https:\/\/polarising.com\/techinside\/wp-content\/uploads\/2020\/06\/apg-edge-imagem-3-768x433.png 768w, https:\/\/polarising.com\/techinside\/wp-content\/uploads\/2020\/06\/apg-edge-imagem-3.png 1162w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><em><span style=\"font-size: 8pt;\">Figure 2: proxy performance dashboard<\/span><\/em><\/p>\n<p>Edge allows you to easily create a fully customizable Developer\u2019s Portal, where developers can study and register to use your APIs. It offers a complete solution for managing access control to your APIs, including Oauth2, SAML and other authentication mechanisms. Finally, Edge has a built-in two-level caching mechanism that operates transparently for the developer.<\/p>\n<p>In our experience so far, Edge has shown to be a complex yet easy to use platform, making it a powerful tool to build integration scenarios upon.<\/p>\n<p>&nbsp;<\/p>\n<h3>Getting our hands dirty.<\/h3>\n<p>Let\u2019s see a practical example of Edge capabilities. We had a use case for a client who demanded that when we got an incoming request, it was necessary to first check whether we had a BPEL process instance already running in the backend for that particular transaction. If so, we could reuse it, otherwise, we needed to start a new process.<\/p>\n<p>In practical terms, this meant that we needed first to make a call to a specific endpoint to inquiry about the running BPEL instances. Depending on the response, we would either direct the request to the appropriate instance, or call the \u201ccreate BPEL process\u201d endpoint. This was an unusual scenario for an API management platform to handle, something that would usually fall more into the scope of an Enterprise Serial Bus (ESB). However, it was quite straightforward to handle it on Edge.<\/p>\n<p>&nbsp;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-37959 size-full\" src=\"https:\/\/www.polarising.com\/site\/wp-content\/uploads\/2020\/06\/apg-edge-imagem-5.jpg\" alt=\"\" width=\"633\" height=\"205\" srcset=\"https:\/\/polarising.com\/techinside\/wp-content\/uploads\/2020\/06\/apg-edge-imagem-5.jpg 633w, https:\/\/polarising.com\/techinside\/wp-content\/uploads\/2020\/06\/apg-edge-imagem-5-300x97.jpg 300w\" sizes=\"auto, (max-width: 633px) 100vw, 633px\" \/><br \/>\n<span style=\"font-size: 8pt;\"><em>Figure 3: chain of policies (mediators) that process the request message<\/em><\/span><\/p>\n<p>The above figure shows the chain of policies (mediators) used to process the incoming request of a proxy service. Notice the policies signaled with arrows:<\/p>\n<p>(1) a standard policy used to enforce OAuth authentication for this proxy.<br \/>\n(2) a Call mediator that makes the request to get the running processes.<br \/>\n(3) a process the response and, in case there\u2019s no process already running for the particular transaction uses&#8230;<br \/>\n(4) &#8230; another Call to initialize the process.<\/p>\n<p>From there the processing follows normally, doing some more verifications before forwarding the request to the target endpoint. When the response is received, any policies in the Response lane would be executed (not shown here).<\/p>\n<p>Contact Polarising to know more about our solutions at <a href=\"mailto:info@polarising.com\">info@polarising.com<\/a>.<\/p>\n<p><strong>Pedro Dantas<\/strong><br \/>\n<strong>System Integrations Specialist<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Recently, I started working with a new platform called Apigee Edge. Edge is an API Gateway, and it is intended to mediate API calls between client applications and the backend system. By doing this, Edge can: Offer a single point-of-access to an organization APIs; Leverage security across different APIs; Implement monetization, throttling and quota management [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"footnotes":""},"categories":[7,8,3,4],"tags":[],"class_list":["post-37951","post","type-post","status-publish","format-standard","hentry","category-integration","category-management","category-solutions","category-technology"],"uagb_featured_image_src":{"full":false,"thumbnail":false,"medium":false,"medium_large":false,"large":false,"1536x1536":false,"2048x2048":false,"authorship-box-avatar":false,"authorship-box-related":false},"uagb_author_info":{"display_name":"Pedro Dantas","author_link":"https:\/\/polarising.com\/techinside\/author\/pedro-dantas\/"},"uagb_comment_info":0,"uagb_excerpt":"Recently, I started working with a new platform called Apigee Edge. Edge is an API Gateway, and it is intended to mediate API calls between client applications and the backend system. By doing this, Edge can: Offer a single point-of-access to an organization APIs; Leverage security across different APIs; Implement monetization, throttling and quota management&hellip;","_links":{"self":[{"href":"https:\/\/polarising.com\/techinside\/wp-json\/wp\/v2\/posts\/37951","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/polarising.com\/techinside\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/polarising.com\/techinside\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/polarising.com\/techinside\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/polarising.com\/techinside\/wp-json\/wp\/v2\/comments?post=37951"}],"version-history":[{"count":1,"href":"https:\/\/polarising.com\/techinside\/wp-json\/wp\/v2\/posts\/37951\/revisions"}],"predecessor-version":[{"id":42966,"href":"https:\/\/polarising.com\/techinside\/wp-json\/wp\/v2\/posts\/37951\/revisions\/42966"}],"wp:attachment":[{"href":"https:\/\/polarising.com\/techinside\/wp-json\/wp\/v2\/media?parent=37951"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/polarising.com\/techinside\/wp-json\/wp\/v2\/categories?post=37951"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/polarising.com\/techinside\/wp-json\/wp\/v2\/tags?post=37951"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}