EFPF API Security Gateway User Guide
Accessing Service Registry via the API Security Gateway
The Data Spine Service Registry is accessible only through its secure proxy endpoint/route in the API Security Gateway.
The services/APIs registered in the Service Registry can be retrieved using the following endpoints:
- Latest info: Connection Details page
- EFPF Development environment:
https://efpf-security-portal.salzburgresearch.at/apis/sr/
- EFPF Testing environment:
https://ds-test.smecluster.com/apis/sr/
- EFPF Production environment:
https://efpf.smecluster.com/apis/sr/
ASG Importer periodically updates the API-Gateway with the service endpoints defined the Service Registry.
In order to access the GET endpoint, the user should have sr_view scope, and for other HTTP methods, the user should have the sr_admin scope.
In the current implementation, users with efpf_basic role can view (GET operation) the services registered in the Service Registry.
Note : Only the users with the efpf_sr_admin or efpf_admin role can perform the admin operations (Create/Update/Delete operations on the Service Registry).
The following examples primarily contain the endpoints from the EFPF Development environment. To replace these, refer to the Connection Details page
View Service Registry
- Get an access token for the user using the EFS Keycloak public client user-terminal
- EFPF Development environment
curl --location --request POST 'https://efpf-security-portal.salzburgresearch.at/auth/realms/master/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'client_id=user-terminal' \
--data-urlencode 'username=replace_this_with_your_email_id@example.org' \
--data-urlencode 'password=replace_this_with_your_password'
- EFPF Production environment
curl --location --request POST 'https://efpf.smecluster.com/auth/realms/efpf/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'client_id=user-terminal' \
--data-urlencode 'username=replace_this_with_your_email_id@example.org' \
--data-urlencode 'password=replace_this_with_your_password'
- Access the Service Registry: retrieve all services
curl -H 'Accept: application/json' -H "Authorization: Bearer replace_this_with_the_access_token" https://efpf-security-portal.salzburgresearch.at/apis/sr/
Example:
Create (Register)/Update/Delete a service from the Service Registry
- Get an access token for the user using the EFS Keycloak public client user-terminal
- EFPF Development environment
curl --location --request POST 'https://efpf-security-portal.salzburgresearch.at/auth/realms/master/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'client_id=user-terminal' \
--data-urlencode 'username=replace_this_with_your_email_id@example.org' \
--data-urlencode 'password=replace_this_with_your_password'
- EFPF Production environment
curl --location --request POST 'https://efpf.smecluster.com/auth/realms/efpf/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'client_id=user-terminal' \
--data-urlencode 'username=replace_this_with_your_email_id@example.org' \
--data-urlencode 'password=replace_this_with_your_password'
- Register a new service to the Service Registry with the custom id
test-service-1
or update an existing service with idtest-service-1
:
curl --location --request PUT 'https://efpf.smecluster.com/apis/sr/test-service-1' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer replace_this_with_token' \
--data-raw '{
"id": "test-service-1",
"type": "efpf.testservice",
"title": "Test Service from the EFPF platform",
"description": "Test Service from the EFPF platform to be used as an example in the Data Spine Service Registry Quickstart Guide.",
"meta": {},
"apis": [{
"id": "test-api-1",
"title": "Test API 1",
"description": "Some description",
"url": "https://ds-test.smecluster.com/p1/exp/",
"spec": {
"mediaType": "application/vnd.oai.openapi+json;version=3.0",
"url": "https://docs.efpf.linksmart.eu/projects/data-spine-nifi/apidoc/examples-swagger.json",
"schema": {}
},
"meta": {}
}],
"doc": "https://docs.efpf.linksmart.eu/swagger-ui/?url=https://docs.efpf.linksmart.eu/projects/data-spine-nifi/apidoc/examples-swagger.json",
"ttl": 600
}'
- Delete an existing service from the Service Registry
curl --location --request DELETE 'https://efpf.smecluster.com/apis/sr/test-service-id-3' \
--header 'Authorization: Bearer replace_this_with_token'
- Note : Only users with efpf_sr_admin can perform create/updates/delete operations on Service Registry
API Security Gateway (ASG) Documentation
Data Spine Service Registry User Documentation
- Data Spine Service Registry Overview
- Data Spine Service Registry Quickstart Guide
- Data Spine Service Registry User Guide