Communicating between a Drupal-based portal and Edge

You're viewing Apigee Edge documentation.
Go to the Apigee X documentation.
info

The Developer Services portal acts as a client for Apigee Edge. That means the portal does not function as a stand-alone system. Instead, much of the information used by the portal is actually stored on Edge. When necessary, the portal makes an HTTP or HTTPS request to retrieve information from Edge or to send information to Edge.

Edge does not make requests to the portal, it only responds to requests made from the portal. Therefore, all interactions between the portal and Edge are initiated by the portal.

Configure the connection between the portal and Edge

There are three pieces of information that the portal needs to communicate with Edge, as noted below.

  • URL of the Edge endpoint

    The default endpoint for the cloud-based version of Edge is https://api.enterprise.apigee.com/v1.

    For Private Cloud installation, the URL is in the form: http://EdgePrivateCloudIp:8080/v1 or https://EdgePrivateCloudIp:TLSport/v1.

    Where EdgePrivateCloudIp is the IP address of the Edge Management Server server and TLSport is the TLS/SSL port for the Edge management API. For example, 8443.
  • Apigee organization name

    This is the name of your organization on Edge. You set up the organization when you create your account on Edge.
  • Username and password of a developer administrator

    The calls from the portal to Edge are authenticated and require a user with Developer Administrator privileges. When a Developer Portal is provisioned for you, the Developer Administrator role is added to your organization. This role, which includes a single user called devadmin+{org_name}@apigee.com, is solely for the purpose of connecting your Developer Portal to your Edge organization. Because the portal displays your Edge developer apps, API products, and so on, it must stay in sync with your Edge organization by making management API calls that require authentication. The devadmin "user" has the necessary permissions.

To view the connection information:

  1. In the Drupal administration menu, select Configuration > Dev Portal > Application Settings.

To change the configuration:

How you change the configuration depends on your portal installation and portal version:

  • Cloud-based installation of portal version 15.01.06 and later: You must make a request to Apigee Edge Support to change the connection information. For example, if you want to change the name of the organization.
  • On-premises installation and cloud-based portal previous to version 15.01.06: Change the connection information as described below:
  1. In the Drupal administration menu, select Configuration > Dev Portal Settings.
  2. Enter your organization name in Management API Organization.
  3. Enter the URL of the Edge endpoint in Management API Endpoint URL.
  4. Enter the organization administrator credentials in Endpoint Authenticated User and Authenticated User's Password.
  5. Select Test Connection to make sure the connection is successful.
  6. Select Save Configuration.

Ensuring access to Edge from the portal

Because much of the information used by the portal is stored on Edge, you must ensure that the portal can access Edge. The portal initiates communication with Edge by making REST requests over HTTP and HTTPS. For example, when a developer registers a new app on the portal, the portal makes a request to Edge to send information about the app to Edge.

Both Edge and the portal can be deployed in the cloud or on prem, and you can mix deployments types. For example, you can deploy both in the cloud, both on prem, or deploy one in the cloud and one on prem:

  • If both the portal and Edge are deployed by Apigee in the cloud, then there should be no issues in making requests from the portal to Edge.
  • If you deploy the portal on prem, then you must ensure that the portal can make requests to Edge, regardless of whether Edge is deployed in the cloud or on prem.
  • If you deploy Edge on prem, then you must ensure that the portal has access to Edge. That means your Edge server must accept requests from the portal regardless of whether the portal is deployed in the cloud or on prem.

Video: Watch a short video to learn more about how the developer portal communicates with Apigee Edge and to ensure that the connection is working.

Managing apps and API keys from the portal

When the developer completes the app registration process on the portal, the portal sends information about the app to Edge, including the app name and the API products associated with the app.

If Edge successfully registers the app, Edge returns a single API key to the portal. The developer then uses that API key to access the API products associated with the app.

No information about apps and API keys is actually stored on the portal. Instead, all of that information is stored on Edge. Therefore, any time a developer uses the portal to view information about an app, the portal makes a request to Edge to access that information. Any time the developer modifies an app, the portal automatically sends those modifications to Edge.

For example, a developer logs in to the portal and navigates to their My Apps page. To populate the My Apps page, the portal makes a request to Edge to retrieve information about the developer's apps and API keys. That information then appears on the developer's My Apps page in the portal:

If the developer then adds, removes, or modifies an app, the portal sends those modifications to Edge.

Because all information about apps and API keys is stored on Edge, an Edge administrator can manipulate that information by using the Edge UI. For example, an administrator can:

  • Add, remove, or modify a developer's app
  • Revoke or approve an API key for an app

Shown below is the same app, the 'My Weather App', as it appears to an administrator on the Edge UI:

Managing developers from the portal

When a developer registers as a new portal user, the developer is created on Edge and on the portal. Therefore, unlike apps and API keys, information about developers is actually stored on both Edge and the portal.

The developer information stored on Edge includes:

  • First name
  • Last name
  • Email address
  • Optional additional information sent from the portal

The portal stores the same information as Edge, but it also stores additional information, including:

  • Portal password
  • Portal account status: active or blocked
  • Portal role: authenticated user, administrator, other
  • Role based permissions: determine the actions the developer is allowed to perform on the portal

When a developer logs in to the portal, it is the portal that is responsible for authenticating the developer and for enforcing role-based permissions.

Because the portal stores all of the information about a developer, consider the portal as the system of record for developer information, not Edge. When the developer modifies their information on the portal, that information is stored on the portal and, if applicable, sent to Edge. For example, if the developer changes their first name, that information is sent to Edge. But if the developer changes their password, that information is only stored locally on the portal.

For more information, see Add and manage user accounts.

Synchronizing app developers between the portal and Edge

Edge does not initiate communication with the portal. If you, as an Edge administrator, manipulate information about a developer in the Edge UI, there is no guarantee when that information will be pushed down to the portal. Therefore, use the administration features of the portal to create, modify, and delete developers, not Edge.

A portal administrator can force a sync between the portal and Edge to download information to the portal from Edge. However, if you only modify developers on the portal and not on Edge, you should never have to perform this sync. Additionally, because Edge does not let you set a password when you create a developer, any developer created on Edge has their portal password set to a random value. Therefore, the developer must go through the password recovery process before they can log in to the portal.

To synchronize the portal with app developers on Edge

:
  • Log in to your portal as a user with admin or content creation privileges.
  • Select People in the Drupal administration menu.
  • Select the Dev Portal Developer Sync button at the top of the page to synchronize with the app developers on Edge.