Scribd Logo
Upload

Welcome to Scribd!

  • 16 views

    Text

    Uploaded by

    warowic
    This document discusses deploying APIs on Cloud Endpoints and API Gateway and securing them. It explains that Cloud Endpoints is user-managed while API Gateway is fully managed. API Gateway can route requests to multiple backends while Cloud Endpoints can only route to a single backend. It also discusses OAuth and provides client ID and secret for authentication. Finally, it outlines the steps to create an API endpoint in AppEngine that returns a user's email using OAuth authentication.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Text

    Uploaded by

    warowic
    16 views2 pages
    This document discusses deploying APIs on Cloud Endpoints and API Gateway and securing them. It explains that Cloud Endpoints is user-managed while API Gateway is fully managed. API Gateway can route requests to multiple backends while Cloud Endpoints can only route to a single backend. It also discusses OAuth and provides client ID and secret for authentication. Finally, it outlines the steps to create an API endpoint in AppEngine that returns a user's email using OAuth authentication.

    Original Description:

    Original Title

    text

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document discusses deploying APIs on Cloud Endpoints and API Gateway and securing them. It explains that Cloud Endpoints is user-managed while API Gateway is fully managed. API Gateway can route requests to multiple backends while Cloud Endpoints can only route to a single backend. It also discusses OAuth and provides client ID and secret for authentication. Finally, it outlines the steps to create an API endpoint in AppEngine that returns a user's email using OAuth authentication.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as txt, pdf, or txt
    16 views2 pages

    Text

    Uploaded by

    warowic
    This document discusses deploying APIs on Cloud Endpoints and API Gateway and securing them. It explains that Cloud Endpoints is user-managed while API Gateway is fully managed. API Gateway can route requests to multiple backends while Cloud Endpoints can only route to a single backend. It also discusses OAuth and provides client ID and secret for authentication. Finally, it outlines the steps to create an API endpoint in AppEngine that returns a user's email using OAuth authentication.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as txt, pdf, or txt
    of 2

    In this lab, you will be deploying your APIs on Cloud Endpoints and API Gateway and

    then securing both of the APIs.


    Both these services are used to create and manage the APIs but API Gateway is
    newer.

    HOW IS CLOUD ENDPOINTS DIFFERENT FROM API GATEWAY?

    --> Cloud Endpoints is a user-managed service whereas API Gateway is a fully


    managed service.

    --> Both support the same OpenAPI definition format.


    The main difference is that API Gateway can route a request to multiple backends,
    but Cloud Endpoints can route traffic only to a single backend. API Gateway can do
    anything that Cloud Endpoints can do but vice versa is not always true.

    -->Another notable difference is the processing of the host property in Open API
    definitions:

    > In Cloud Endpoints, it is mandatory and is set to the hostname part of the
    URL.
    For e.g. .appspot.com

    > In API Gateway, it is not mandatory, the host property can be deleted or
    left blank or it is set to the DNS Name of the deployed API.

    Google Cloud Platform


    3 ways to manage resouces in GCP:-
    > Google cloud console
    > API
    > gcloud CLI

    WHAT IS OAuth?
    [OAuth (Open Authorization) is an open standard that allows a user to grant access
    to their details on a third-party application with Google sign-in feature, without
    having to expose their credentials to the application.
    For example, when a user signs up using Google, upon signing up, Google responds
    with an access token that is stored with Google and your application. Whenever the
    user tries to log in to the application, a request is made to Google along with the
    access token to verify the authenticity and validity of the token, upon
    verification, Google responds with the requested data. Google never sends the
    user's details back to the application. It only sends the details that are
    specified in the scopes.]

    Client ID: 714394623391-duu6v8mqtgv9ret2u1updmcuhbcfhint.apps.googleusercontent.com


    Client Secret: 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

    Service configuration: 2023-03-23r0

    defaultHostname: ca-gateway-az9axqye.uc.gateway.dev

    Lab Steps:
    ----------
    1. Login to GCP
    2. Creating a Client Application for Google Authentication --- Configure OAuth
    Client ID
    (console > APIs and Services > OAuth Consent Screen)
    3. Configuring and Deploying the API Endpoints to the AppEngine --- Create a python
    application to define endpoints and the underlying method for Cloud Endpoints that
    will return the user's email id

    # Step 3:
    CONFIGURING AND DEPLOYING THE API ENDPOINTS TO THE AppEngine
    - INTRODUCTION: An API Endpoint is simply one end of a communication channel. When
    one application needs to communicate with another over the network, it has to hit
    the endpoint URL to consume the API. Inside the endpoint, you have to define the
    method that you need to call. Irrespective of the technology stack, both the
    application and APIs can communicate.

    You might also like