Create an API Proxy to protect your servers against traffic spikes & transform server responses (XML to JSON) before sending a response.

Developing APIs is a tough job overall, and securing these APIs is a whole other ball game in itself. Google Cloud Apigee offers an excellent API Management Console that can help you develop & test your APIs to make them robust & secure.

Imagine this, you’re a developer who just created an API for all sorts of weather data. You’d like other developers to start using your API to display weather information to their users. But, you do not want to provide unrestricted access to your APIs given security concerns & heavy server loads.

In this article, we will be leveraging the powerful toolbox offered by Google Cloud Apigee & learn how we can protect our APIs from high traffic spikes & transform an XML response from the target server into JSON.

What is Google Cloud Apigee?

Google Cloud Apigee is a Cross-Cloud API Management Platform that provides a wide range of tools that allow you to secure, analyze & even monetize your APIs.

Source: Google Cloud Apigee

Apigee can be considered as a middle-man between a consumer app (created by a developer) & your server resources. Usually, an app would directly contact your server for requesting your data, which would process the request & return the required response. But the problem with this is that your server is exposed to the consumer app and YOU would have to add-in security protocols to protect your resources.

With Google Cloud Apigee, you do not have to worry about exposing your server to the outside world. Apigee acts like a proxy server that can verify an incoming request, request resources on its behalf if the request is valid & return the response to the consumer app.

Understanding Apigee’s Workflow

Apigee is a proxy server.

It receives a response from the consumer app, validates/transforms it if required, sends it to the target server. Then, it receives a response from the target server, manipulates/transforms it if required, and sends it back to the consumer app. This gives Apigee 4 areas to work with.

1. Proxy Pre Flow (Consumer Sends a request to Apigee)
2. Target Pre Flow (Apigee forwards the request to target)
3. Target Post Flow (Target sends a response to Apigee)
4. Proxy Post Flow (Apigee returns the response to Consumer)

These terms are important if you would like to manage your APIs using Apigee. The diagram below will help to understand:

#api #programming #google-cloud-platform #apigee #technology