API portal for VMware Tanzu supports deployments in both Kubernetes and Tanzu Application Service (TAS). This guide covers the specifics for TAS.
For any change in the API portal configuration, the application must be restarted.
cf restart APP_NAME
Modifying OpenAPI Source URL Locations
API portal for VMware Tanzu displays API Groups and detailed documentation from OpenAPI source URL locations in JSON format. To modify the OpenAPI source URL locations, edit application’s environment variable API_PORTAL_SOURCE_URLS
.
cf set-env APP_NAME API_PORTAL_SOURCE_URLS "https://petstore.swagger.io/v2/swagger.json, https://petstore3.swagger.io/api/v3/openapi.json"
Configure OpenAPI Source URLs Cache Time-to-live and Request Timeout
To improve performance and reduce traffic, API portal caches OpenAPI descriptors locally. The following options are available:
Environment Variable Key | Description | Default value |
---|---|---|
API_PORTAL_SOURCE_URLS_CACHE_TTL_SEC |
Time after which they will be refreshed (in seconds) | 300 sec |
API_PORTAL_SOURCE_URLS_TIMEOUT_SEC |
Timeout for remote OpenAPI retrieval (in seconds) | 10 sec |
For example, to modify the cache ttl to 2 minutes, and timeout to 1 minutes, you may run the following command:
cf set-env api-portal API_PORTAL_SOURCE_URLS_CACHE_TTL_SEC=120
cf set-env api-portal API_PORTAL_SOURCE_URLS_TIMEOUT_SEC=60
Configure Single Sign-On (SSO)
You will first need to have configure SSO on TAS. See the Single Sign‑On for VMware Tanzu
service instance for more details
Once you have set up SSO you will update your manifest.yaml
to make the following changes:
- Bind to the SSO service you have configured in your TAS environment. In the example below
my-sso-service
is used, but substitute in the name of the SSO Service you configured. - Replace
-Dsso.enabled=false
with-Dsso.user-name-attribute=user_name
. Replaceuser_name
with the sso attribute for your provider that contains the username you want displayed in the upper right hand corner of API Portal. (If using UAA leave it asuser_name
)
---
applications:
- name: api-portal
buildpacks:
- java_buildpack_offline
services:
- my-sso-service
env:
JAVA_OPTS: '-Dsso.user-name-attribute=user_name'
JBP_CONFIG_OPEN_JDK_JRE: '{ "jre": { version: 17.+ } }'
Spring Cloud Gateway CORS Configuration and Self-signed Cert Configuration
In order for API portal for VMware Tanzu to support trying out APIs in the web browser, the OpenAPI locations provided in API_PORTAL_SOURCE_URLS
must allow CORS access from the API portal URL. In the case of Spring Cloud Gateway, their CORS configuration must be configured to allow this access. Please review the documentation for CORS configuration for the Spring Cloud Gateway product you are using:
In case the OpenAPI server url uses self-signed certs, you might need to do the following steps for your system to trust the cert and use some features on API portal.
In MacOS:
- Open the server URL in a new Safari tab
- In the dialogue, click “Visit site anyway” and enter password
- The self-signed cert will now be imported into Safari and try it out works
Read more here: Source link