- Reduce the amount and the time associated with the creation of boilerplate code. Engineers report a 30-40% decrease in development time
- Reuse the template for highly efficient publishing of API proxies (customizing as necessary)
- Recycle the code created by our Apigee experts to ship production code quickly and minimize the engineer learning curve
Engineers can leverage this proxy code and start building on top of the template to cater to some specific use-cases.
The proxy template helps with the below functionalities:-
- Authorization check
- Dynamically configure KVM and based on the config check, will throw a checked exception if the backend is under maintenance
- Validation of the quota – The quota is configured at the Apigee app level and is referenced in the proxy
- Prevents/blocks DDOS attack/rogue client/performance testing with the Spike Arrest policy
- Generates a correlation-id which is sent to the target server for end-to-end tracing
- Validates and sanitizes the incoming request and the CORS headers
- Logs metadata of the API to SIEM systems such as Loggly
- Prevents the authentication header (x-api-key) from reaching the backend that is sent by clients for proxy validation
- Throws a 404 method not found/implemented exception if none of the proxy paths match
- Reduces the OWASP Top 10 web application security risks
Let the proxy template be the foundation of that initial (or repetitive) proxy configuration and deployment, so you can focus on all the exciting stuff Apigee has to offer!
If you’d like to get in touch with the team behind this powerful open source template, or indeed contribute, please feel free to reach out at firstname.lastname@example.org
Watch this space for the next steps…
The next steps involve the full stroke where we intend to depict the usage of Ready API (from SmartBear) for functional, security, and load testing of Apigee Apis and fix the issues that surface.