API Connect

API Connect

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

Branding - Vanity API invocation endpoints in v10 Reserved Instance

By Mark Robson posted Thu October 13, 2022 11:00 AM

  
With APIC V10 Reserved Instance you can manage the hostname used for API Calls yourself through the IBM Cloud console without needing to open a support case.  

Configure Secrets Manager Service
  • If you don’t already have one, create a Secrets Manager instance
  • Ensure API Connect Reserved Instance is authorised through IAM to access this Secrets Manager instance.
  • Upload a certificate and private key to your Secrets Manager instance for DataPower to present for your hostname



Configure the SNI mapping for the gateway
  • Open your Reserved instance from the top-level item from the API Connect services list with the plan of ‘Reserved’
  • Select 'Gateways' and then click on the name of the gateway service you wish to configure the hostname against.
  • Select your Secrets Manager service from the drop down
  • Add the desired domain to the “Domains handled by gateway via SNI” section and select the certificate you uploaded and then Save.


Update your catalog to display the new vanity hostname
A vanity endpoint represents the endpoint by which an API is known externally; that is, the endpoint that is published to the Developer Portal and is used by an application developer to invoke the API.There are two options how the vanity hostname can be configured
  • API vanity endpoint Default behavior
  • API vanity endpoint V5 legacy behavior
If you wish to use the same hostname for multiple catalogs, using the URI path <porg>/<catalog> to determine which catalog's APIs to target then use “Default behavior”If you wish to use a unique hostname that goes directly to a specific catalog's APIs and does not require a URI path that contains <porg>/<catalog> then use “V5 legacy behavior”

Default behavior
  • Open the API Manager view for the provider org you wish to update and select ‘Manage Catalogs’
  • Select the catalog you wish to update, ‘Catalog settings’, ‘API endpoints’ and then Edit.
  • Tick the box “Default behavior”
  • Tick the box entitled ‘Display vanity endpoint’, select ‘Catalog priority’ and then add the new hostname URL including the URI <porg>/<catalog> to the list of base endpoints and click Save.


V5 legacy behavior
  • Open the API Manager view for the provider org you wish to update and select ‘Manage Catalogs’
  • Select the catalog you wish to update, ‘Catalog settings’, ‘API endpoints’ and then Edit.
  • Tick the box “v5 legacy behavior”
  • Tick the box entitled ‘Display vanity endpoint’, select ‘Catalog priority’ and then add the new hostname URL and from the drop down list the “Gateway URL”  and click Save


Ensure your DNS routes traffic to the gateway
The way you do this will differ, depending on your DNS provider, but you will need to create a CNAME record for the new hostname pointing to the hostname displayed under ‘Base URL of API invocation endpoint’ above the SNI mapping list.

2 comments
170 views

Permalink

https://community.ibm.com/community/user/blogs/mark-robson/2022/10/13/branding-vanity-api-invocation-endpoints-in-v10-ri

Comments

OM DEEKONDA
Mon January 06, 2025 01:10 AM

If customer don't have Secrets Manager service they can use "API Connect built-in certificate management" tool, and perform steps Step6a, Step6b, Step6c and Step6f to configure certificate/key.

Then proceed to perform steps Configure the SNI mapping for the gateway to configure custom DNS name and associate/map "TLS Server Profile" that was created above by selecting "API Connect built-in certificate management" option(instead Secrets Manager)

Abhyuday Pradhan
Thu October 13, 2022 12:39 PM

Thanks!