Build an API using AWS API Gateway & Dell Boomi - Step 2

Introduction:

Hi All, this is a continuation of my two-part blog which started with Build an API using AWS API Gateway & Dell Boomi - Step 1. We already have our Dell Boomi processes up and running. Now let us integrate these processes with AWS API Gateway to make our API more secure and resistive. 

To be consistent I will start the Step number from where I have ended in my earlier blog. 

So, without any further ado, let us get started with the API building.

Prerequisites:

• Completion of Step 1 Dell Boomi API.

Step 8: Import this API into AWS API Gateway.

Our next step is to import this API in the AWS API Gateway so that we can add policies and securities into our API. For this, we have to log into the AWS Console and search for API Gateway. There should be 4 options, select REST API, and we will click on build.

In the API Page we would choose the protocol as REST and in the Create new API, we will select New API. We will add the name and description from our API that we have defined in the Swagger and finally click on Create API.

At this point, we will get an empty API Page, where we can manually create our API. However, we would just import the Swagger that we have created earlier. We have to clock on Actions > Import API and then click Select Swagger File and select the swagger file if we have already saved the file earlier or simply copy and paste the swagger here and then select import.

And voila. We have our API Specification ready in AWS API Gateway. 

Now the next step would be to create our backend. So, let us switch over to some Dell Boomi now.

Step 9: Set up the Integration for Get Job.

Let us again start with our Get Job API endpoint. We have to click on the GET in the resources under the {jobCode}, then select HTTP as Integration type, fill the Endpoint URL with the Boomi URL we already have from our previous blog. Remember to fill the URI parameter. {jobCode} to pass the data from AWS HTTP endpoint to the Boomi HTTP endpoint. And then finally click Save.

Once we complete our Save, we should see a screen showing the Integration between the AWS API Gateway and our backend HTTP Server.

This will make the connection between our AWS API Gateway to the Dell BOOMI API; however, we are still missing the authorization header. For this, we will clock on the Integration Request in the summary page above and fill up the HTTP Headers. I will fill it up directly with an Authorization header and the already encrypted header key that we can take from Postman or any other Basic Auth Header generator.

We can now click back on the Method Execution to go back to the Summary page and then Test our Integration by pressing the Test button. We will then fill up the Job Code in the Path and we should click on the Test button to see the response from Dell Boomi here.

Step 10: Set up the Integration for Post Job.

Just like we set up our integration for the Get Job, we will now set up the Integration for the Post Job. Once again, we will have to go over to the Resource View and click on the POST below the job. Select HTTP as Integration type, fill the Endpoint URL with the Boomi URL we already have. Remember in this case, we do not have any URL parameter, so there should be a static URL of POST.

We should also fill up the HTTP header with the authorization headers as we did in case of or get API. 

Map HTTP response 200 2 it WS HTTP response 201. 

When we developed our processes in Dell Boomi, we build it to return a 200-Successful response for our Post resources. However, according to our swagger, we expect our AWS API gateway to return a 201-Created response in case of the post endpoints. So, we should map the response from Dell Boomi to the AWS API gateway to get a 201 response as expected. 

For that, we have to click on the Integration Response option and then map the HTTP Response 200 to Method Response 201. Note, that based on our Swagger, Method Response 201, 403, and 500 are already defined. 

We will also create a mapping from 500 HTTP Status to 500 Method Response.

Now, if we can go back to the Summary page and fire a test with the necessary body, we should see the 201 response from our API.

Step 11: Repeat the steps for Get and Post Employee

We will have to repeat the exact steps for the Get and the Post endpoints on our employee resource to complete all the necessary integration between our AWS API endpoints and our Dell Boomi processes.

Step 12: Set up Authentication on AWS API Gateway

Now that our API Gateway is up and running, let us set up Client Authentication for our API. We would want to have some kind of rate limiter on our API for throttling as well. For this, there are a few steps that we would have to follow. Let us go through them.

Update our API to be secured

The first step is to go to individual endpoints and change the settings in the Method Request. For that we would click on an endpoint like GET under {jobCode}, Click on Method Request and then change the Request Validator to Validate body, query string parameters, and headers and the API Key Required field to true respectively.

We would repeat this task for all of our 4 endpoints.

Create API Key 

The next step is to create a new API Key, On the Left Menu, we should find an option called API Key. We would create a new API Key, which should be available under the Action Menu. 

Create usage Plan

After the API Key, we would create a Usage Plan so that we can enable throttling on our API. We can add our Usage Plan again from the Left Menu. I will set up a basic Usage Plan with some throttling rate, burst, and quota.

Deploy our API

The next step will be to deploy our API in a stage. Let us create a Stage called test and deploy our API in that stage. Stages are similar to environments in other technology. To do this we will navigate to the Resource Menu of our API, Click on Action and then select Deploy API. 

Connect All of Them

Finally let us connect our Deployment, the API key, and our Usage Plan to make sure our API is secured. For this, we will click on the Usage Plans in the Left Menu and then select Basic Usage Plan, Add API Stage, and Add the API Key we have earlier created.

Step Last: Test our API

Now that we have connected everything, let us test our endpoint from Postman to see, how it behaves. We should get the Endpoint to invoke the URL by selecting the stages or any of the endpoints in the test Stage.

We should add a header called x-api-key with the value of the API Key we have created earlier.

In case, we make the call with a bad API Key, we will get an Unauthorized error.

Once again, I thank all of you for your interest in my blog. Please do let me know what you think of if you follow these steps. Feel free to ask me if you need help with anything else.