Issue:
Some of the API Gateway components like Identity Provider, Encapsulated Assertions, Policy Fragments, cluster-wide properties, stored passwords, private keys, etc. are consumed by many services configured on the gateway. When you try to edit any of these components, it is difficult to tell which APIs such changes will affect. Therefore, it is usually difficult to make changes to those shared components. If we can find out which APIs have a dependency on the target component, that can help you come up with a deployment plan and even design the changes to accommodate all affected APIs.
Solution:
The restman services on API Gateway provide search for dependencies of an API. This will give a list of shared components like Encapsulated Assertions, Identity Providers, etc. that this one API is depending on. However, it does not offer the search to find out which APIs are depending on certain shared components. The attached XML file is a dependency check service allowing you to identify which APIs are depending on certain shared components. This service utilizes restman service - it calls restman service in a most efficient way to get the result you need. Also, to avoid consuming too many resources on the gateway by calling restman service, you can choose to cache the result to avoid unnecessary duplicate searches. Optionally, you can choose to protect the service, rate and quota limit, and time availability.
How to Deploy Gateway Dependency Check Service:
1. Publish Restman service on gateway
Publish Internal Service
Choose Gateway REST Management Service and publish
2. Create an empty REST API on gateway
Service Name: Gateway Dependency Check Service
Gateway URL: https://<YOUR_GATEWAY_HOST>:<YOUR_GATEWAY_PORT>/dependency/check
3. Import attached XML file to your REST API
4. If your gateway restman service is available via different Hostname and port configuration, update the restmanHost and restmanPort context variables in the service. These variables are defined in “Init” folder.
5. If you have certain folders that you want to bypass in the search by default, you can add a cluster-wide property with Folder IDs separated by spaces.
This completes your deployment of Dependency Check service
How to use Gateway Dependency Check Service:
1. Open a browser and hit the following URL:
https://<YOUR_GATEWAY_HOST>:<YOUR_GATEWAY_PORT>/dependency/check?targetName=<NAME_OF_YOUR_TARGET_COMPONENT>
Example: https://test.example.com:8443/dependency/check?targetName=Internal Identity Provider
Provide API Gateway Admin credentials to access the service.
2. Optional Query Parameters:
| Parameter Name | Parameter Value | Description |
| targetName | Name of target components | This is a required parameter. Put the name of the components that you wish to check dependencies in a comma separated list. This is not case sensitive. |
| refresh | true/false
Default: false |
By default, the search result will be cached for 5 min. You can force to refresh it by set it to true. |
| overwriteQuota | true/false
Default: false |
By default, the service allows 10 calls per day to protect gateway itself. You can disable quota check by set it to true |
| overwriteAvailability | true/false
Default: false |
By default, the service can only be called during off hours to avoid affecting production traffic. (9 pm – 6 am local time) This can be disabled by set it to true |
| addToBlacklist | FolderIDs | By default, the service will pick up the bypass folders from cluster wide property, but you can also remove and folders from default blacklist dynamically with this parameter. |
| RemoveFromBlacklist | FolderIDs | By default, the service will pick up the bypass folders from cluster wide property, but you can also remove and folders from default blacklist dynamically with this parameter. |
| overwriteBlacklist | FolderIDs | By default, the service will pick up the bypass folders from cluster wide property, but you can also replace that list dynamically with this parameter. |
3. Example Result
