Onesait Platform uses Gravitee as an advanced API Manager when advanced API management functionalities are needed. Until now we were using Gravitee version 1.X, but in this 5.3.0 release of the Platform, we have updated it to version 3.x.
Let’s see what’s new in Gravitee 3.
Publication of APIs as protocol mediation to MQTT, Kafka, gRPC, etc.
With the new version of Gravitee, you can expose APIs or entrypoints that serve as entry points to Kafka, MQTT or gRPC backends, among others.
For more detailed information about protocol mediation, be sure to take a look at the Gravitee documentation.
New Management User Interface
In the new API Manager management interface, improvements have been included in monitoring, logs, analytics and alarm management.
In the previous version of Gravitee, the panel for configuring policies looked like this:
In the new version, what is called “Policy Studio” has been developed, from where the policies for the different API paths will be configured from now on.
In addition, several policies that did not exist before have been included, for greater flexibility in the development:
Debug of requests
In the Policy Studio they have included a debug mode, to be able to make requests and to be able to observe the values of the request and the response to the API in all its phases. This is very practical since it allows to debug all the policies applied to an API.
New API Portal
In the new version, Gravitee has decoupled the API portal from the management interface, so that it has dedicated an interface in the form of an API Portal, with the end users of this Portal in mind.
This user interface is also customizable, to give it the style of your choice.
Integration of the Platform Realms and OAuth 2 security schemes
The Platform Realm concept has been related and integrated with the Gravitee application concept, in order to restrict access to APIs secured by JWT/OAuth 2 plans by client_id.
In this way, we will be able to secure the APIs published in Gravitee and restrict which Realms (or client by default onesaitplatform) have access to the API.
To do this we will have to enable the publication in Gravitee and the creation of a JWT/OAuth 2 Plan:
In the API edition, a new side tab will appear to further manage this security:
API changes are reflected in Gravitee
From now on, changes made to an API published in Gravitee, such as operations or Swagger, will be reflected in Gravitee.
Invocación desde Swagger con API Key y JWT
A change has been added to the Swagger APIs, so that they can be used with API Key security (internal APIs) and JWT/OAuth 2.
If you are interested in learning more about the implementation of Gravitee 3.x on the Onesait Platform API Manager, feel free to leave us a comment or send us a notice on our Onesait Platform support channel.
Header Image: EU-Startups