API

API is some pre-defined functions. The application encapsulates its own service capabilities and is also the smallest management unit in the API gateway. The API in the gateway includes basic information, API request information, API backend service information, and return result information, etc.

API group

API group is a collection of the same management API. API developers use API group as a unit to manage all APIs in the group. In the group dimension, it can manage domain names, environment variables, models, etc.

Environment

The environment is used to define different states in the API lifecycle management process, and the API can be released to different custom environments. In order to facilitate the management of the life cycle of the API, the API gateway defines the restricted use range of the API. This restricted use range is called the environment, such as the API test environment and development environment, etc.

Traffic control

Traffic control supports limiting the number of API calls from different dimensions such as users, applications, IP addresses, and time periods to protect backend services. Supports traffic control at the granular level by minute/second.

Application

The application (APP) defines the identity of an API caller. One API can be authorized to multiple applications, or multiple APIs can be authorized to the same application.

Signing key

The signature key is composed of a pair of AK (App Key) and SK (Secret key). It is used for the backend service to verify the identity of the request. When the API gateway sends a request to the backend service, it ensures the security of the backend service.
After the AK/SK is bound to the API, when the API gateway sends a request for this API to the backend service, it will add the corresponding signature verification content. Then, the backend service will sign in the same way and get the signature result. If the signatures are consistent, it can be proved that the API request is indeed from the API gateway, and the request is passed.

Backend access type

The API gateway can access a variety of backend resources, including access to instance resources, function computing, and virtual private cloud.

Examples: backend resource address, support http/https protocol access, support multiple backend addresses.
Cloud Function Compute (CFC): Access the backend functions through the function BRN to help users protect the security of the function backend addresses.
Virtual Private Cloud (VPC): To access the services deployed in the VPC through the VPC channel, you can use the API gateway to open the backend services deployed in the VPC to third-party users.