Skip to content

HTTP clients (a.k.a Gateways)

APIO core engine can keep client sessions with multiple servers. Each client is identified by a unique name. The session_holder name is used to identify the client in the HTTP calls nodes (e.g HTTP call node).

This is useful to keep the client configuration in one place and reuse it in multiple places. And efficient because it allows to reuse the same client session / connections for multiple calls across workflows.

HTTP client

Health checks

If enabled, the health check is executed periodically. The health check is a simple HTTP call to the health_check_url. If the call fails, the client is marked as unhealthy (on the dashboard and gateways page) and backup url's may be used as failover.

INFO

Unhealthy clients are still used in the HTTP calls nodes.

Authentication methods

WARNING

Passwords, tokens and secrets are obfuscated using ********, so you can update them without revealing the original password.

OAuth1

OAuth1 is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords.

OAuth2

OAuth2 is an authorization framework that enables a third-party application to obtain access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.

Set the token URL in the login url attribute. The client id and client secret (or username and password) attributes are used to authenticate the client to the token URL.

Basic

For basic authentication, use the username and password attributes.

Bearer

For fixed bearer token, use the headers attribute to set the Authorization header.

Hawk

Hawk is a HTTP authentication scheme using a message authentication code (MAC) algorithm to provide partial HTTP request cryptographic verification.

mTLS

Mutual TLS authentication is a two-way SSL authentication that uses client certificates to authenticate the client to the server and the server to the client.

If the client url starts with https://, the client can use mTLS authentication using the TLS client certificate and TLS client key attributes (both in PEM format).

Failover

If backup urls is set, the client will try to connect to the backup URLs if the main URL is not available.

Those url's are used in the order they are defined. If the first one is not available, the second one is used, and so on.

INFO

The backup URLs are used only if the main URL is not available. If the main URL is available but returns an error, the backup URLs are not used.

WARNING

If an error occurs during the connection to the current URL, the client will not try to fallback to the next backup URLs for the same call. It will try to fallback to the next backup URLs only for the next calls.