Debuging application requests raised from API Portal

webMethods API Portal guide

The API Management suite of products includes two key components

API Gateway:

Roles & Responsibilities of API gateway includes:

  • API creation & Policy enforcement
  • Security - Authentication & authorisation (e.g. OAuth or JWT or API Keys)
  • Threat protection (e.g. DoS etc)
  • Protocol transformation, routing & orchestration (e.g. SOAP2REST or Mashup)
  • Analytics & monitoring
  • Throtlling & SLA management

API Portal:

  • Generate documentation automatically from published API specification
  • Ability to customize the portal to match to your organization’s branding
  • Provide developers with SDKs for kick start API consumption.
  • Simple intitutive interface(playground) for making sample request to test the published API 
  • Ability to configure various user onboarding workflows

Communication between API Portal & API Gateway

Below picture captures the overall interaction between API Gateway/ API Portal

Often times people find it very difficult in isolating the causes for the errors in communication failures between these core components. In this article we will see possible checkpoints to isolate the communication failure with respect to application creation request.

Application creation:

Based on the security policy enforcement in API Gateway, API Portal will show a get access token link API details view for the protected APIs. End developers can use the "Request API  Access Token" dialog to request new application to consume the API of interest. The request raised in the API Portal immediately delivered to API Gateway for processing(assuming API Gateway is reachable from API Portal). Various such activities performed by end developers are captured as events in API Portal and their respective statuses are tracked in API Portal. This scenario is tracked as "REQUEST_ACCESS_TOKEN"

Check point I:

Query the events API. 

curl --request GET \
  --url 'https://api.portal/abs/apirepository/v1/events?eventStatus=NEW,INPROGRESS' \
  --header 'authorization: Basic c3lzdGVtOm1hbmFnZXI='

Above request will query the events stored in API Portal with eventStatus in NEW or INPROGRESS.

Response

[
   {
      "executor":{
         "firstname":"...",
         "name":"...",
         "lastname":"...",
         "email":null,
         "id":"54b53072-540e-3eb8-b8e9-343e71f28176"
      },
      "source":{
         "id":"24fb4cc1-6424-11e9-4dec-022a4e57037e",
         "externalref":"5eb28550-eb38-4cd8-802e-9ff40de4a1a9"
      },
      "contextdata":{
         "consumer_appName":"App1",
         "consumer_appDesc":"",
         "api.id":"c.restObject.API-Portal.JPtMwWQkEelN7AIqTlcDfg.-1",
         "redirect_uris":[
            "https://api.portal.com:443/abs/apiportalext/v1/oauth2/callback"
         ],
         "tenant":"default"
      },
      "type":"REQUEST_ACCESS_TOKEN",
      "eventid":"3598aff1-6424-11e9-4dec-022a4e57037e",
      "status":"INPROGRESS",
      "creationdate":"2019-04-21 10:57:09"
   }
]

The response would contain an array of events stored in API Portal. An event would mainly contain 3 section

  • executor - basic info on the user who is performing the request.
  • source - the object on which the event is performed (API GUID in our case)
  • contextdata - the dynamic context information with respect to the event(mainly the user entered data - the app name/description/redirect uri)

Check point II (eventStatus=NEW)

If you see your application request is listed with eventStatus as NEW, this would mean the events are not delivered to API Gateway at all. There could be various possibilties for this

  1. API Gateway is not reachable from API Portal - Try reaching API Gateway system from API Portal machine(a simple ping would do)
  2. API Gateway authentication failure. - API Portal uses the username/password provided in the portal destination configuration to contact back to API Gateway. If there are changes in the username/passwords used for communication, then this would result in failure in communication. You can check the username configured for API Gatway in the API Providers view of API Portal.

Check point III (eventStatus=INPROGRESS)

If you see your application request is listed with eventStatus as INPROGRESS, this would mean the events are delivered to API Gateway and API gateway is processing.  

  1. Check whether you have any approvals enabled in API Gateway for application creation/updation/registration. If there are approval policies enabled, applications will be created in API Portal only after pending requests are cleared in API Gateway.
  2. If you do not have pending approvals, Check whether the application is created in API Gateway. If the application fails to create in API Gateway, then verify the server.log for any failures while provisioning application in API gateway
  3. IF you see application in API Gateway and still not visible in API Portal, check the API Gateway log for any failures in application publish failure. 

image.png