APISIX
APISIX is a high-performance open-source API gateway designed for microservices and cloud-native applications. It offers dynamic routing, rate limiting, authentication, and traffic control features, ensuring efficient API management and scalability. APISIX is built on Nginx and Lua, providing flexibility and extensibility for modern development environments.
For the basic usage, you can access the above mentioned API Endpoints via your API Client. Authorization and Authentication is done using keycloak. The created Bearer Token has to be forwarded to APISIX as Authorization-Header.
9.1. Dashboard
For having a look on the currently provided endpoints in the API Management you can use the APISIX Dashboard. This is currently not integrated via OIDC-Login, so the credentials from the inventory must be used.
9.2. Upstreams and Route Configuration
Default upstreams and respective routes for the platform services are pre-defined during deployment. These include frost, geoserver, and stellio.
Additional routes can be added per upstream.
9.3. Authorization for API Routes using the OIDC Plugin
For each route, the required scopes are defined in the OIDC plugin. Three specific OIDC scopes are defined in keycloak by default:
apiwriteapireadapidelete
These scopes must be specified within the required_scopes array in the OIDC plugin editor:
Tokens are requested with a specific scope. APISIX will respect the requested scope when using the respective route.