API Gateway - validating request parameters - node.js

So, I've heard about request validator in API gateway.
Is it possible to validate a request if it has at least 1 parameter/querystring?
Example: Either name or id should be in the query string
https://something.domain.com/dev/employee?name=myname
https://something.domain.com/dev/employee?id=myid
Basically, what I want is that before a Lambda function is executed, this should consider these conditions first
SHOULD have a parameter
Either a name or an id should be in that parameter

API Gateway can perform the basic validation. For the basic validation, API Gateway verifies either or both of the following conditions:
The required request parameters in the URI, query string, and headers of an incoming request are included and non-blank.
The applicable request payload adheres to the configured JSON-Schema request model of the method.
To enable basic validation, you specify validation rules in a request validator, add the validator to the API's map of request validators, and assign the validator to individual API methods.
Please read documentation here
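An added example, not part of the original answer: the basic validator described above checks each required parameter on its own, so one way to enforce the either-or rule from the question is a guard at the top of the Node.js handler. It assumes a Lambda proxy integration event, where `queryStringParameters` is null when no query string is sent; `pickLookupKey` and `buildResponse` are hypothetical names.

```javascript
// Added example, not from the original answer.
// Assumption: Lambda proxy integration, where event.queryStringParameters
// is null when the request carries no query string.
const LOOKUP_KEYS = ["name", "id"]; // the two parameters from the question

// Returns { key, value } for the first non-blank lookup parameter, else null.
function pickLookupKey(event) {
  const qs = (event && event.queryStringParameters) || {};
  for (const key of LOOKUP_KEYS) {
    const value = qs[key];
    if (typeof value === "string" && value.trim() !== "") {
      return { key, value: value.trim() };
    }
  }
  return null;
}

// Builds the proxy-integration response; rejects before any lookup runs.
function buildResponse(event) {
  const lookup = pickLookupKey(event);
  if (lookup === null) {
    return {
      statusCode: 400,
      body: JSON.stringify({ message: "Provide a non-blank name or id" }),
    };
  }
  // The employee lookup would go here; this constructed reply echoes the selector.
  return { statusCode: 200, body: JSON.stringify({ lookupBy: lookup.key, value: lookup.value }) };
}

const handler = async (event) => buildResponse(event);
if (typeof module !== "undefined") module.exports = { handler };
```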

Related

Should I use GET or POST in the API when I want to query data based on an ID passed by the user to the nodejs backend?

router.post()
or
router.get()?
when I want to GET data based on a particular ID passed to the API
GET --> To get data
POST --> To create/update resource(s)
In your case you need to query some data based on user. What you can do is you can pass your user-id as a URL parameter or query parameter. It should be a GET request.
example:
Pass user-id as a URL parameter
[GET] https://www.example.com/api/v1/post/100
pass user-id as a query parameter
[GET] https://www.example.com/api/v1/post?user-id=100

what is the code for getting auth code from azure in IBM BPM

I am trying to create a REST request using the Call Multipart form data REST API service in the REST API toolkit. It requires apiURL, HTTPHEADER, PARAMETERtoPOST, httpMethod (using GET). I defined all the parameters (client id, client secret, response type (code), scope and response mode (query)) and httpheader -> Content-Type is application/x-www-form-urlencoded.
But in the response message I don't get the authcode, even though when I create the whole URL directly including parameters, I get the authcode but without the Redirect URI. If I include the redirect URI, it shows me that the URI is not configured, even though the system admin for that showed me it's configured.
So am I missing any parameters or anything else?

How can I restrict specific parameters in payload from API Gateway to AWS Lambda?

I have to send a request body (payload) from API Gateway to AWS Lambda. In that payload, I only need to send:
{
"path":"aaa",
"action":"xyz"
}
If someone passes any other parameter in the payload, it should not accept the payload and show an error message. Could somebody please help me with the logic?
For AWS API Gateway you can implement request validation using an OpenAPI template. The extension should work for both REST and HTTP APIs.
https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-method-request-validation.html
https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-request-validator.html
For even more flexibility you could implement a Lambda authorizer which evaluates the body, but of course this leads to more costs as well:
https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html
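An added example, not part of the original answer: a JSON Schema request model that accepts only `path` and `action`, with `additionalProperties: false` rejecting every other key. The `validatePayload` function is a hypothetical, minimal stand-in for checking the model locally and is not API Gateway's own validator.

```javascript
// Added example. payloadModel is what a request model for the question's
// payload could look like; validatePayload is a small local stand-in.
const payloadModel = {
  $schema: "http://json-schema.org/draft-04/schema#",
  type: "object",
  required: ["path", "action"],
  properties: {
    path: { type: "string" },
    action: { type: "string" },
  },
  additionalProperties: false, // any key outside "properties" fails validation
};

const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Returns a list of violations; an empty list means the body is accepted.
function validatePayload(rawBody, model = payloadModel) {
  let body;
  try {
    body = JSON.parse(rawBody);
  } catch (err) {
    return ["body is not valid JSON"];
  }
  if (body === null || typeof body !== "object" || Array.isArray(body)) {
    return ["body must be a JSON object"];
  }
  const errors = [];
  for (const key of model.required) {
    if (!has(body, key)) errors.push(`missing property: ${key}`);
  }
  for (const [key, value] of Object.entries(body)) {
    // Own-property check so keys such as "__proto__" are not matched by inheritance.
    if (!has(model.properties, key)) {
      if (model.additionalProperties === false) errors.push(`unexpected property: ${key}`);
    } else if (typeof value !== model.properties[key].type) {
      errors.push(`property ${key} must be a ${model.properties[key].type}`);
    }
  }
  return errors;
}
```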

Azure API Management: storing Login event to table storage

Update
The link below is used to request token and refresh token depending on a field in the body:
http://example.com/token
1 Request a token
A field in the body: grant_type:password
Steps:
1 When the request arrives, APIM forwards it to 3rd party
2 Once APIM receives the response from 3rd party, it returns the result to its client.
We want to log data (url, response status code) for this url to Table Storage. Request for the same url is not logged below:
2 Refresh the token
A field in the body: grant_type:refresh_token
Application Insight is used with APIM, I wonder if Table Storage is the best tool.
Is there a built-in UI that is available for viewing data stored in Table Storage?
Any information or link or code sample would be appreciated.
C#
VS 2017
APIM has a few ways to send data out of request processing pipeline:
send-request/send-one-way-request allows you to send an HTTP request, you're in charge of constructing request in HTTP terms: method, URL, headers, body.
log-to-eventhub allows you to send a message to EH. You can specify C# expression that produces message payload.
AppInsights integration will allow you to record client request, backend request, backend response, and client response for each request processed by APIM. You can configure it to log extra headers and part of body.

How to configure Azure AD Oauth2 token endpoint for params vs. in-body?

I'm using Azure AD to provide Oauth2 auth for an API. Setup & config seemed to work fine for me, but a partner pointed out that the Oauth2 token endpoint doesn't like inline parameters -- it wants params passed in the HTTP body instead.
Ex: this call returns AADSTS90014: The request body must contain the following parameter: 'grant_type':
https://login.microsoftonline.com/my tennant/oauth2/token?grant_type=client_credentials&client_id=theclientid&client_secret=thesecret&code=AUTHORIZATION_CODE'
But a post w/ the same params in the body as form data works just fine. I believe Oauth is supposed to support the parameterized call (as shown in google documentation).
Is there somewhere in Azure to configure the Oauth2 endpoint to accept token parameters as post params vs. sending in the form body?
The request body must contain the following parameter: 'grant_type':
Based on the response I would say you are setting the content-type header wrongly.
If you are posting this request : https://login.microsoftonline.com/my tennant/oauth2/token?grant_type=client_credentials&client_id=theclientid&client_secret=thesecret&code=AUTHORIZATION_CODE' ensure that you are setting the content-type as application/x-www-form-urlencoded.
If you are sending the parameters in the body, set the content-type as application/json
