APIs

Request APIs

Request APIs provide ability to communicate with micro-services, where an executor responsible for the given channel sends the request and returns response to the caller.

The method of request (e.g. GET vs POST) is used only by some executors (e.g. CRUDExecutor), whereas the others treat all methods the same (e.g. KafkaExecutor).

For all requests, certain details can be provided through headers or cookies:

• Origin: Identifies the source of a request (such as application, user geolocation), and can be populated using:

  • "Rierino-Origin" Header: As base64 encoded Json string

  • "Rierino-Origin" Cookie: As base64 encoded Json string

  • "User-Agent" Header: Sets origin.agent

  • "Referrer" Header: Sets origin.referrer

  • "X-Forwarded-For", "Forwarded" Headers, Request Address: Sets origin.ip

• Auth: Provides authentication details (such as credentials, api key or tokens), and can be populated using:

  • "Rierino-Auth.[parameter]" Header: Sets auth.parameter

  • "Rierino-Auth.[parameter]" Cookie: Sets auth.parameter

  • "Bearer" Authorization Header: As base64 encoded Json string prefixed with "base64="

  • "Bearer" Authorization Header: As comma separated "parameter:value,parameter:value" pairs prefixed with "multi="

  • "Basic" Authorization Header: As base64 encoded username:password parameters

  • "[parameter]" Authorization Header: Sets auth.parameter where comma separated "parameter value, parameter value" pairs are allowed

Auth APIs

Auth APIs coordinate authentication flows with authentication servers across different gateway channels.

Tracker APIs

Tracker APIs provide ability to post front-end traffic data, in case back-end tracking is not possible for a specific use case. Example uses include front-end or CDN caching of API responses, front-end events that do not require API calls (such as widget interactions) or Rierino platform integration with other back-end modules that do not provide tracking capabilities.

File APIs

File APIs provide ability to interact with file system services, listing, uploading and deleting files, typically used for export/import operations. For all APIs, user authentication is done using headers and cookies similar to other gateway APIs. All APIs also have a api/file/sudo/* version, which allows root level access to a file system for admin users.

Control APIs

Control APIs provide ability to query and refresh gateway components (system, channel, service, token) in real-time.

Command APIs

Command APIs provide ability to centrally issue commands to all runners for their administration. All commands are processed and responded to in an async manner, so their acknowledgement and results are typically reported using a separate API request.

Similar to events, commands also have request metadata, which is enriched using same approach as gateway APIs, with headers and cookies for authentication. Users need to have roles specified for gateway services used by commands to be able to issue them.

Message APIs

Message APIs provide ability to send messages to any Kafka service and topic for adhoc use cases.

Messages are authenticated using request metadata generated from headers and cookies of the request. Users need to have roles specified for the gateway service specified to be able to send messages.