Apigee API hub

The Apigee API hub connector lets you manage, discover, and govern APIs within your organization's portfolio.

Supported versions

This connector supports the Apigee API hub version v1.

Before you begin

  • In your Google Cloud project, do the following tasks:

    • Ensure that network connectivity is set up. For information about network patterns, see Network connectivity.
    • Grant the roles/connectors.admin IAM role to the user configuring the connector.
    • Enable the following services:
      • secretmanager.googleapis.com (Secret Manager API)
      • connectors.googleapis.com (Connectors API)

      To understand how to enable services, see Enabling services. If these services or permissions have not been enabled for your project previously, you are prompted to enable them when you configure the connector.

  • If you are using the service account authentication instead of OAuth 2.0 authentication, ensure that appropriate permissions are given to the service account. For more information, see Predefined IAM roles.

Create an Apigee API hub connection

A connection is specific to a data source. It means that if you have many data sources, you must create a separate connection for each data source. To create a connection, do the following:

  1. In the Cloud console, go to the Integration Connectors > Connections page and then select or create a Google Cloud project.

    Go to the Connections page

  2. Click + Create new to open the Create Connection page.
  3. In the Location section, select a location from the Region list and then click Next.

    For the list of all the supported regions, see Locations.

  4. In the Connection Details section, do the following:
    1. Select the Apigee API hub from the Connector list.
    2. Select a connector version from the Connector version list.
    3. In the Connection Name field, enter a name for the connection instance. The connection name can contain lower-case letters, numbers, or hyphens. The name must begin with a letter and end with a letter or number and the name must not exceed 49 characters.
    4. Optionally, enter a Description for the connection instance.
    5. Optionally, enable Cloud logging, and then select a log level. By default, the log level is set to Error.
    6. Service Account: Select a service account that has the required roles.
    7. (Optional) Configure the Connection node settings.
      • Minimum number of nodes: Enter the minimum number of connection nodes.
      • Maximum number of nodes: Enter the maximum number of connection nodes.

      A node is a unit (or replica) of a connection that processes transactions. More nodes are required to process more transactions for a connection and conversely, fewer nodes are required to process fewer transactions. To understand how the nodes affect your connector pricing, see Pricing for connection nodes. If you don't enter any values, by default the minimum nodes are set to 2 (for better availability) and the maximum nodes are set to 50.
    8. Click Next.
  5. In the Destinations section, enter details of the remote host (backend system) you want to connect to.
    1. In the Destination Type field, select a destination.
    2. In the Host address field, specify the hostname or IP address of the destination.

    3. Optionally, to enter additional destinations, click +ADD DESTINATION.

    4. Click Next.
  6. In the Authentication section, enter the authentication details.
    1. Select an Authentication type and enter the relevant details.

      The following authentication types are supported by the Apigee API hub connection:

      • OAuth 2.0 - Authorization code
      • Service account authentication

      2. To understand how to configure these authentication types, see Configure authentication.

    2. Click Next.
  7. Review your connection and authentication details, and then click Create.

Configure authentication

Enter the details based on the authentication you want to use.

  • OAuth 2.0 - Authorization code: Select this option to authenticate using a web-based user login flow. Specify the following details:
    • Client ID: The client ID required to connect to your backend Apigee API hub service.
    • Scopes: A comma-separated list of desired scopes. To view all the supported OAuth 2.0 scopes for your required Google service, see the relevant section in the OAuth 2.0 Scopes for Google APIs page.
    • Client secret: Select the Secret Manager secret. You must have created the Secret Manager secret prior to configuring this authorization.
    • Secret version: Secret Manager secret version for client secret.

    For the Authorization code authentication type, after creating the connection, you must authorize the connection.

  • Service account authentication: Select this option to authenticate using the service account that you provided in the preceding steps when configuring this connection. Ensure that you have provided the service account with the relevant IAM roles and permissions required for authentication.
    • Scopes: Select the required OAuth 2.0 scopes from the drop-down. For more information, see Access scopes.

Authorize the connection

If you use OAuth 2.0 - authorization code to authenticate the connection, complete the following tasks after you create the connection.

  1. In the Connections page, locate the newly created connection.

    Notice that the Status for the new connector will be Authorization required.

  2. Click Authorization required.

    This shows the Edit authorization pane.

  3. Copy the Redirect URI value to your external application.
  4. Verify the authorization details.
  5. Click Authorize.

    If the authorization is successful, the connection status will be set to Active in the Connections page.

Re-authorization for authorization code

If you are using Authorization code authentication type and have made any configuration changes in the Apigee API hub, you must re-authorize your Apigee API hub connection. To re-authorize a connection, perform the following steps:

  1. Click on the required connection in the Connections page.

    This opens the connection details page.

  2. Click Edit to edit the connection details.
  3. Verify the OAuth 2.0 - Authorization code details in the Authentication section.

    If required, make the necessary changes.

  4. Click Save. This takes you to the connection details page.
  5. Click Edit authorization in the Authentication section. This shows the Authorize pane.
  6. Click Authorize.

    If the authorization is successful, the connection status will be set to Active in the Connections page.

System limitations

The Apigee API hub connector can process a maximum of 20 transactions per second, per node, and throttles any transactions beyond this limit. By default, Integration Connectors allocates 2 nodes (for better availability) for a connection.

For information on the limits applicable to Integration Connectors, see Limits.

Use the Apigee API hub connection in an integration

After you create the connection, it becomes available in Application Integration. You can use the connection in an integration through the Connectors task.

Actions

This connector provides a layer of abstraction for the objects of the connected backend service. You can access the backend's objects only through this abstraction. The abstraction is exposed to you as actions. An Action is a first class function that is made available to the integration through the connector interface. An action lets you make changes to an entity or entities, and varies from connector to connector. However, it is possible that a connector doesn't support any action, in which case the Actions list will be empty.

Known issues

The Apigee API hub connector has configuration limits. Searchable resources are limited to 2.5 MB, and API specification files have a 10 MB limit. For more information, see Limits on Apigee API hub.

Get help from the Google Cloud community

You can post your questions and discuss this connector in the Google Cloud community at Cloud Forums.

What's next