A Quick Look at the Revamped API Management Module and Developer Portal in NGINX Controller 3.7

Since we announced NGINX Controller 3.0 in late January, we’ve maintained a steady cadence of releases and have now reached release 3.7. It introduces a comprehensive set of enhancements to the API Management Module and the general availability of the Developer Portal.

New GUI for API Definition

Release 3.7 introduces a wholly redesigned workflow for API definition that extends Controller’s application‑centric model to API management. Here we illustrate the process with a sample app called Sports which fans access from their mobile devices to get sports scores in real time.

We begin by creating development and production Environments for the Sports app.

We create an App object for the Sports app in both the development and production Environments.

We define an API called sports-dev-api-def in the development Environment.

We designate an OpenID Connect identity provider (IdP) called sports-dev-idp in the development Environment to provide authentication credentials in JSON Web Token (JWT) format.

New API Lifecycle Management Settings

With NGINX Controller 3.7, we are introducing a whole new slate of API lifecycle management features, including:

You can now specify versions for your API definitions and publish multiple versions of each API at the same time. The screenshot shows details about two versions of the sports-dev-api-def API.
It’s easier than ever to import OpenAPI specs when creating a new API definition via the new API Definition interface.

New API Security Settings

Release 3.7 introduces two API security features our users have been looking forward to – per‑URI access control and JSON‑formatted error messages.

Per-URI Access Control

You can now define conditional access policies per URI, including rate limit throttling, burst support, and OpenID Connect identity provider (IdP) authentication options (with current support for JWTs and API keys).

In this example, client requests are limited to 100 per minute. Excess requests are rejected immediately with status code 429 Too Many Requests.

In this example, we allow access only to administrators (users with a JWT in which the role claim has value admin).

In this example, we specify which HTTP methods users may execute on specific URIs.

JSON Error Messages

HTML errors are great for websites, but JSON errors are better for APIs. In this example, we specify JSON as the format for error messages when the API fails.

With this configuration, the following JSON is returned for an unauthorized API call:

{
  status: 403,
  message: "Forbidden"
}

Designed for DevOps

With Controller, you can integrate all phases of the API lifecycle – definition, publication, gateway configuration for traffic management, and monitoring – into DevOps workflows using APIs. Integrating API management into your CI/CD pipeline this way can help you accelerate API release velocity.

The screenshot shows the JSON payload generated by Controller to represent the API definition for the Sports app in the development Environment. If you click the Submit button, Controller makes the indicated POST call to deploy the API definition. Alternatively, you can submit the payload with an API call within your CI/CD workflow.

New Developer Portal Experience

In Release 3.7 the NGINX Controller Developer Portal exits preview mode and becomes generally available.

For maximum flexibility, you can host the Developer Portal on any NGINX Plus server – the same server as the API gateway to maximize capacity utilization, or a logically separated server for improved availability and performance. Similarly, the Developer Portal doesn’t have to be located in the same environment as the API gateway – the portal can be in AWS and the API gateway on premises, for example.

With NGINX Controller’s Developer Portal, you can quickly generate documentation and sample code for all your published APIs, for rapid onboarding of developers who consume your APIs.

The new GUI for creating a Developer Portal makes the process easier than ever. You can customize the look and feel of the portal by including product logos and setting colors and font, as shown in the following screenshots: