Creating and configuring an API Proxy component

Create and configure an API Proxy component on the Build page to connect an external host to the Boomi API Gateway. During configuration, you define the server connection, select an authentication method for requests to the backend service, and optionally add custom headers and documentation.

Procedure

1. On the Build page in the Component Explorer, navigate to the folder where you want to create the component.

2. Click the arrow next to the folder.

3. Create New Component by choosing any of the following options:

   • Click and select New Component.

     Or

   • Click and select New Component.

   
   The Create Component dialog opens.

4. In Type, select API Proxy.

5. Click Create. The General tab opens. The component configuration panel appears on the General tab with the name you entered.

   a. In the API Type section, select the type of routing on the API Gateway — REST, SOAP, OData or GraphQL.

   b. Optional: Click Import OpenAPI Specification File. The Import OpenAPI Specification File wizard opens.

   • In the wizard’s first screen, select Import from a file or Import from a URL to determine the import method.

   • Click Next. In the next screen:

     • If importing from a file, click Choose a File and in the system file selection dialog, select the file to upload.

     • If importing from a URL, enter the External Service URL at which the file resides, and, if needed, enter the User Name and Password.

   • Click Next to select fields for importing.

     • In the Select Fields to Import screen, select all fields to import into your API Proxy and click Next.

     • In the Select API Server URL to Import screen, select the URL to import into your API Proxy and click Next.

   • In the Summary screen, verify that the fields are correct.

   • Click Finish to run the import request.

   The selected fields are imported, and you are returned to the General Tab of the component configuration panel.

   c. Enter values for Published API Title, Published Version Number, and, optionally, Published Description for the API that you are deploying.

   note

   If you imported an OpenAPI specification file (as mentioned in step 5(b.)) and selected the API_TITLE, API_VERSION, and API_DESCRIPTION fields for importing, then Published API Title, Published Version Number, and Published Description are automatically set with the values of API_TITLE, API_VERSION, and API_DESCRIPTION.

   d. In the Base API Path field, enter the base portion of the URL for requests to the API defined by the API object.

   The full URL is generated when the API Proxy component is deployed.

6. Click the Server tab.

   a. In the API Server URL field, enter the URL to which the API Gateway sends API service requests.

   note

   If you imported an OpenAPI specification file (as mentioned in step 5(b.)) and selected the API_URL field for importing, then API Server URL is automatically set with the value of API_URL.

   b. Optional: In the Health Check URL field, enter the URL to which API service heath checks can be sent.

   c. In Authentication Type, select the type of authentication used on the server on which the API service is hosted:

   • None — No authentication is applied.
   • Basic Authentication — Provide the required User Name and Password.
   • Pass-Through — The original authorization header is passed to the target endpoint.
   • OAuth 2.0 — The Gateway acquires a Bearer token from your identity provider using the client credentials grant type and injects it into each outgoing request. Provide the following:
     • In Issuer URL, enter the URL of the identity provider. Click Test Issuer URL to validate the URL. If the URL is invalid, the message "The url that you entered is invalid" appears below the field.
     • In Client ID, enter the client identifier you created in your identity provider.
     • In Client Credential, enter the client secret for the client created in your identity provider.
     • In Refresh Time (seconds), enter the interval, in seconds, at which the Gateway refreshes the access token. Set this value to match or be less than the token expiration configured at the identity provider.
     • In Scopes, enter at least one scope. Scopes determine the actions and resources accessible through third parties in the client credential flow. To add more scopes, click + Add Scope. To remove a scope, click the delete icon next to it.
     • Optional: By default, credentials are sent as an authorization header. Select Send client credential in body to send the client ID and client credential as form parameters in the body of the token request to the identity provider, instead of in the Authorization header. Enable this option only if your identity provider requires credentials in the request body. Note: This option applies only when OAuth 2.0 is selected as the Authentication Type.

   e. Optional: Select Forward original authorization header to forward the original authorization header in the X-Forwarded-Authorization header.

   f. Optional: In the Custom Headers section, specify custom headers included by the API Gateway in API service requests:

   1. Click Add Header.

   2. In the Key field, enter the header name.

      Header names can contain alphanumeric characters and special characters !#$%&'*+.^`~-_.

   3. Set the header value by doing one of the following:

      • To set an unencrypted value, enter it in the Value field.

      • To set an encrypted value, click Encrypt, click Click to Set, enter the Password, and click Apply.

      For each additional header name you are specifying, repeat steps 1–3.

7. Optional: Click Documentation tab. The Documentation tab opens.

   a. In Publisher, select an organization component to reuse publisher information across multiple API Service/Proxy components or trading partner components, and then click to add contact information of the selected organization.

   b. In Publisher Name, enter the name of the person or organization acting as the API publisher.

   note

   If you imported an OpenAPI specification file (as mentioned in step 5(b.)) and selected CONTACT_NAME, CONTACT_EMAIL, CONTACT_URL, LICENSE_NAME, LICENSE_URL, and TERMS_OF_SERVICE then Publisher Name, Publisher Email, Publisher URL, License Title, License Information, and Terms of Service are automatically set with the values of CONTACT_NAME, CONTACT_EMAIL, CONTACT_URL, LICENSE_NAME, LICENSE_URL, and TERMS_OF_SERVICE, respectively.

   c. In Publisher Email, enter the publisher's email address.

   d. In Publisher URL, enter the publisher's URL, including protocol, of the document containing the contact information of the publisher. Make sure you post this document to that URL before you deploy the API Proxy component.

   e. In License Title, enter the license title for the API.

   f. In License Information, enter the URL, including protocol, of the API license document. Make sure you post this document to that URL before you deploy the API Proxy component.

   g. In Terms of Service, enter the URL, including protocol, of the document containing the terms of service. Make sure you post this document to that URL before you deploy the API Proxy component.

8. Click Save or Save and Close.

Next steps

If you are ready to deploy the API Proxy component, after clicking Save, click Create Packaged Components. The Create Packaged Component wizard opens. Complete the steps in the wizard and click the Deploy button on the final confirmation message. Your component now appears in the list of packaged components in the Deploy > Packaged Components page, and in the list of deployed components on the Deploy > Deployments page.