API Configuration
The configuration keys for the FintechOS Platform APIs are stored in the Configuration Manager at the <kvSecretsEngine>/<environmentName>/<apiAppName> path. Here, you can use the following secrets to configure the APIs.
FtosOpenApi
Copy
{
"CachingTimeoutMinutes": "60",
"FtosPortalUrl": "https://www.myDomain.com/portal/api/",
"HttpRetryCounts": "3",
"HttpRetryInitialDelaySeconds": "1",
"HttpTimeoutSeconds": "120",
"IdentityProvider": "Keycloak",
"LogRequestsAndResponses": "false"
}| Key Path | Key Name | Key Value |
|---|---|---|
| kv/<environment>/<apiAppName>/FtosOpenApi | CachingTimeoutMinutes | Sliding timeout in minutes for cached entity metadata and actions. If no endpoints have been accessed for the designated number of minutes, new requests will be sent to the platform to retrieve entity metadata and actions information. (This is also when the endpoints for new entities will be rendered in the swagger definition) |
| kv/<environment>/<apiAppName>/FtosOpenApi | FtosPortalUrl | Should point to <environmentName>/<portalName>/api. |
| kv/<environment>/<apiAppName>/FtosOpenApi | HttpRetryCounts | Number of retry attempts if the API request fails with a 5xx or 408 status code. Default: 3. |
| kv/<environment>/<apiAppName>/FtosOpenApi | HttpRetryInitialDelaySeconds | Number of seconds between retry attempts. Default: 1. |
| kv/<environment>/<apiAppName>/FtosOpenApi | HttpTimeoutSeconds | Timeout in seconds for API requests. |
| kv/<environment>/<apiAppName>/FtosOpenApi | IdentityProvider |
|
| kv/<environment>/<apiAppName>/FtosOpenApi | LogRequestsAndResponses |
IMPORTANT!
API logging has a significant impact on performance. It should only be used for debugging purposes. |
KeycloakApi
The KeycloakApi secret must be configured if the kv/<environment>/<apiAppName>/FtosOpenApi/IdentityProvider key is set to Keycloak.
Copy
{
"Audience": "account",
"ClientId": "admin-portal",
"ClientSecret": "xxxxxxxxxxxxxxxxxxxxxxxxx",
"HttpRetryCounts": "3",
"HttpRetryInitialDelaySeconds": "1",
"HttpTimeoutSeconds": "30",
"Password": "xxxxxxxxxx",
"RealmUrl": "https://www.myDomain.com/auth/realms/fintechOSrealm",
"UserName": "host"
}| Key Path | Key Name | Key Value |
|---|---|---|
| kv/<environment>/<apiAppName>/KeycloakApi | Audience | The claim aud or Audience extends from the JWT specification defined under RFC-7519. It allows the consuming party to validate if a particular JWT is meant for them or not. |
| kv/<environment>/<apiAppName>/KeycloakApi | RealmUrl | Keycloak realm URL. |
| kv/<environment>/<apiAppName>/KeycloakApi | HttpTimeoutSeconds | Timeout in seconds for the Keycloak JWT token request. |
| kv/<environment>/<apiAppName>/KeycloakApi | HttpRetryCounts | Number of retry attempts if the Keycloak request fails with a 5xx or 408 status code. Default: 3. |
| kv/<environment>/<apiAppName>/KeycloakApi | HttpRetryInitialDelaySeconds | Number of seconds between retry attempts. Default: 1. |
| kv/<environment>/<apiAppName>/KeycloakApi | UserName, Password, ClientId, ClientSecret, GrantType | Credentials for the Keycloak JWT token retrieval. |
EbsCoreApi (deprecated)
IMPORTANT!
This type of authentication is deprecated as it has been replaced with JWT-based authentication via the FintechOS Identity Provider. This information is provided only for backward compatibility.
This type of authentication is deprecated as it has been replaced with JWT-based authentication via the FintechOS Identity Provider. This information is provided only for backward compatibility.
The EbsCoreAPI secret must be configured if the kv/<environment>/FtosOpenApi/IdentityProvider key is set to EbsCoreApi.
Copy
{
"AdminClientId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"AdminUser": "username",
"AdminPassword": "password"
}| Key Path | Key Name | Key Value |
|---|---|---|
| kv/<environment>/<apiAppName>/EbsCoreApi | AdminClientId, AdminUser, AdminPassword. | Credentials used to retrieve the API access token from the GetToken endpoint. Using this token, entity data is then dynamically loaded in order to generate the OpenAPI/Swagger definition. |