How to manage Apigee with NodeJs?

I’m new to this forum and I apologize in advance if this post doesn’t follow the forum rules.

I have a Firebase project (Google Cloud Auth, FireStore, Functions, and Storage) running Node.js. I’d like to add API support to make it easier for third-party developers to integrate or connect our project to theirs.

I’d like to use Apigee to manage the API I’m planning to create, and I’d really like to do it dynamically by programming it with Node.js.

I’ve done several searches online, but I haven’t been able to find an official Google Node.js module to create and manage API developers and products.

My goal is that if a connected client of the project wants to activate the API, I can retrieve this login information (Google Cloud Auth) and generate an Apigee developer account and API Key that encapsulates this information (email, first name, last name, and if possible, their ID) and save this information in Firestore.

  1. Is there a NodeJs module that allows this?

I have the Firebase Emulator Suite installed locally to test my project to avoid messing up in production, and I did the same for Apigee; I installed Apigee-emulator with Docker. This is to prevent Google Cloud from sending me a high invoice that I wouldn’t be able to pay.

  1. If such a NodeJs module exists, does it also allow me to connect to the local Apigee container of my Apigee emulator so that I can create and manipulate developers and products locally?

Hi, no Apigee doesn’t have an official nodejs module for managing APIs or testing APIs locally with the docker container. You can use a service account or a user token and use the Apigee API directly for creating a developer, app, etc.. see API docs here: Apigee API  |  Google Cloud. Here’s an example of a small Nodejs module that I sometimes use for automation, not complete but gives an idea: GitHub - open-portal-initiative/apigee-portal-module: A nodejs module for Apigee X open portals.

Just reach out in case of further questions!

2 Likes

Thank you very much @tyayers. The clarification was excellent, and I saw the Nodejs module code example. I’m going to play around with it and take advantage of the complexity of possibilities that arise from the long list of Apigee API requests.

I would like some clarification, if possible:

  1. What do you mean by “This product is available as a free trial for a period of 60 days”?

  2. Do I have to pay for the requests I plan to send to my own online container?

60 days wouldn’t be enough time for me to complete my tests. So I’d like to avoid a huge bill and finish all my tests locally before putting anything online.

  1. If requests to https://apihub.googleapis.com work with the online container, With https://127.0.0.1:8998, should my Apigee emulator normally respond to requests locally?

The Apigee APIs are preferred and useful for administrative tasks. Management Servers are not a part of Apigee runtime components and therefore, they may not be highly available. So question 3 above will not work.

It seems to me there will be 3 components. My backend service (A), Management Service [Apigee API] (B) and my online container [Apigee] (C).

For local development, I have Firebase emulator suite (A) and the apigee-emulator on docker (C). Is there a docker image for the Management service [Apigee API] (B) ?

The emulator has APIs that are different from the cloud ones, and is just for local testing with the VSCode extension, and not publicly documented. you can find some minimal info here: Apigee emulator API documentation .

1 Like

Thank you very much @tyayers. The answer is precise and I will look later if I need other information on API emulator but for the moment I have the information I wanted.

1 Like

@tyayers I would like to know if it is possible to generate a firebase token (Google Cloud Auth) from the developer information retrieved after apikey verification?

@tyayers I would like to limit the call of backend functions (Google Cloud Functions) to logged in users or only to my APIGEE project. Is it possible to do this?

Because I just realized that if my Target Endpoint can call my backend function without authorization, anyone who knows the function’s URL can do it too.

Hi, yes you can make Cloud Run only available through a private connection from Apigee, see docs here: https://cloud.google.com/run/docs/securing/private-networking and https://cloud.google.com/apigee/docs/api-platform/architecture/southbound-networking-patterns-endpoints#privately-connecting-apigee-to-backend-targets.

1 Like

Thank you very much @tyayers. The answer is precise.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.