Tuesday, August 2, 2016

[WSO2 APIM] How to Retrieve Information about an API call, using a Custom Sequence

Most of the time when you call an API, you need to send user information to the backend service. The usual way to do that is with JWT tokens. There are API Manager docs on how to do that.

But if you want to send just few data values for one or two APIs only, you can write a simple custom sequence and attach it to the APIs.

Here is a sample sequence. Here we're creating 2 transport headers for username and API name, which are to be sent to backend.

 
    <sequence xmlns="http://ws.apache.org/ns/synapse" name="admin--Temp:v1.0.0--In">  
          <property name="UserName" scope="transport" expression="$ctx:api.ut.userName"/>  
          <property name="ApiName" scope="transport" expression="$ctx:API_NAME"/>  
          <log level="custom">  
              <property name="User" expression="$trp:UserName"/>  
              <property name="API" expression="$trp:ApiName"/>  
          </log>  
     </sequence>
  

Here is a list of information you can retrieve in above manner. Sample data for each key is given inside brackets.
  • API_NAME (eg: MyAPI)
  • AM_KEY_TYPE (eg: PRODUCTION)
  • REST_SUB_REQUEST_PATH (eg: /resource/pathparam)
  • SYNAPSE_REST_API (eg: admin--Temp:v1.0.0)
  • SYNAPSE_REST_API_VERSION (eg: 1.0.0)
  • TRANSPORT_IN_NAME (eg: https)
  • REST_API_CONTEXT (eg: /context/1.0.0)
  • API_ELECTED_RESOURCE (eg: /resource/{playerId})
  • REST_FULL_REQUEST_PATH (eg: /context/1.0.0/resource/pathparam)
  • api.ut.HTTP_METHOD (eg: GET)
  • api.ut.application.name (eg: DefaultApplication)
  • api.ut.apiPublisher (eg: admin@carbon.super)
  • api.ut.userId (eg: bhathiya@carbon.super)
  • api.ut.consumerKey (eg: 1IVxJBSKeo793IUYk4EtwvZv8eUa)
  • api.ut.userName (eg: bhathiya@carbon.super)
  • api.ut.application.id (eg: 1)
  • api.ut.hostName (eg: 10.100.0.119)
  • uri.var.playerId (eg: pathparam)

EXTRA:

Following throttling related information can be retrieved in _throttle_out_handler_.xml

  • THROTTLED_OUT_REASON (eg. APPLICATION_LIMIT_EXCEEDED)
  • ERROR_CODE (eg. 900803)
  • ERROR_MESSAGE (eg. Message throttled out)
  • NEXT_ACCESS_TIME (eg. 1523883780000)
  • BLOCKED_REASON (eg. Request blocked as it violates defined blocking conditions)


7 comments:

  1. Hi Bharathiya,
    am able to get APIName but not userName , Please reply how to get userName .

    ReplyDelete
    Replies
    1. Is it empty?
      What is the grant type you used to generate the token to access this API?

      Delete
  2. thanks it is working , but I want to get scimId , is it possible? please help

    ReplyDelete
    Replies
    1. You need to call these SCIM APIs for that.

      https://docs.wso2.com/display/IS530/SCIM+APIs

      for example, you can search users like this.

      curl -k --user admin:admin 'https://localhost:9443/wso2/scim/Users?filter=username+eq+alice'

      Delete


  3. Hi

    Below is not working like this am trying to scim id fromn jwt token

    ReplyDelete
  4. What about logging throttling metadata / ploicies ? Thanks

    ReplyDelete
    Replies
    1. You can access throttling related information when a request is throttled out. But custom sequnces are not invoked in that case. Therefore, you can access those information in '_throttle_out_handler_.xml'. Updated the post with details.

      Delete