All Products
Search
Document Center

API Gateway:Overview

Last Updated:Oct 31, 2023

1. Usage notes

  • For each type of plug-in, only one plug-in of such type can be bound to an API.

  • You can bind a plug-in only to an API that is in the same region as the plug-in. Each user can create a maximum of 1000 plug-ins in each region.

  • Plug-in policies and APIs are separately managed. A plug-in policy takes effect only after you call the AttachPlugin operation to bind the plug-in to an API in a specified environment.

  • Before you bind a plug-in to an API, you must publish the API.

  • The binding, unbinding, and update of a plug-in take effect immediately. You do not need to re-publish an API. We recommend that you first test APIs that may pose high security risks.

  • If you unpublish an API, the bound plug-in is unbound. If you require the plug-in when you republish the API, you must bind the plug-in again.

  • If a plug-in is bound to a published API or an API that is unpublished but not deleted, you cannot delete the plug-in.

2. Plug-ins supported by API Gateway

This section provides links to references about the plug-in types supported by API Gateway.

3. Quick start

  • Log on to the API Gateway console. In the left-side navigation pane, choose Open API > Plug-ins.

image
  • On the Plug-in List page, click Create Plug-in. On the Create Plug-in page, follow the on-screen instructions to configure the parameters and click Create.

    image.png
  • After you create a plug-in, the plug-in appears on the Plug-in List page. Find the plug-in and click Bind API in the Actions column.

    image.png
  • The plug-in takes effect immediately after you bind it to an API.

4. API reference

You can call the following API operations to manage plug-ins in API Gateway:

  • CreatePlugin: creates a plug-in.

  • ModifyPlugin: modifies a plug-in.

  • DeletePlugin: deletes a plug-in.

  • DescribePlugins: queries a plug-in.

  • AttachPlugin: binds a plug-in to an API.

  • DetachPlugin: unbinds a plug-in from an API.

  • DescribePluginApis: queries the APIs to which a plug-in is bound.

  • DescirbePluginsByApi: queries the plug-ins that are bound to an API.

5. Limits

  • The metadata of a plug-in cannot exceed 50 KB in size.

  • Each Alibaba Cloud account can create a maximum of 1000 plug-ins in each region. Plug-ins created by the Resource Access Management (RAM) users that belong to the Alibaba Cloud account are counted against this quota.

  • The API debugging feature in the API Gateway console does not support plug-ins of the JWT authentication type. We recommend that you use Postman or run the curl command in the command-line interface (CLI) to debug the APIs to which JWT authentication plug-ins are bound.