Create Organisations, Users, Api Definitions, Key

Carlos_Carvalho · January 25, 2016, 11:35am

Hello Martin,

Sorry ,

I will try to explain me better:

I have a nodejs application (that’s why I talked about package.json ignore it for now). I also have plans to use consul as service discovery and uptime tests checking.
What I’m worried about is when using my application framework and do multiple request to create different organisations gives me the error of not knowing the API.

Here you have the requet bodies
Request Http Organisations : {"method":"POST","uri":"http://172.17.42.9:3000/admin/organisations","headers":{"admin-auth":"12345"},"body":{"owner_name":"TestOrg","owner_slug":"TestOrg"},"json":true}]

Request Http Users: {"method":"POST","uri":"http://172.17.42.9:3000/admin/users","headers":{"admin-auth":"12345"},"body":{"first_name":"TestOrg","last_name":"Admin","email_address":"[email protected]","active":true,"password":"admin","org_id":"56a604f61384830001000004"},"json":true}

Request Http API Definition: {"method":"POST","uri":"http://172.17.42.9:3000/api/apis","headers":{"authorization":"80af64a0da7940575e12abc5fcbfc97d"},"body":{"api_definition":{"name":"Order Service","slug":"Order-Service","auth":{"auth_header_name":"X-Authorization"},"definition":{"location":"header","key":"x-api-version"},"uptime_tests":{"check_list":[],"config":{"expire_utime_after":30,"service_discovery":{"use_discovery_service":true,"query_endpoint":"http://localhost:8500/v1/catalog/service/oservice","use_nested_query":false,"parent_data_path":"","data_path":"Address","port_data_path":"ServicePort","use_target_list":true,"cache_timeout":60,"endpoint_returns_list":true},"recheck_wait":0}},"proxy":{"listen_path":"/","target_url":"http://oservice:5000/","strip_listen_path":true,"enable_load_balancing":true,"target_list":[],"check_host_against_uptime_tests":true,"service_discovery":{"use_discovery_service":true,"query_endpoint":"http://172.17.42.3:8500/v1/catalog/service/oservice","use_nested_query":false,"parent_data_path":"","data_path":"Address","port_data_path":"ServicePort","use_target_list":true,"cache_timeout":60,"endpoint_returns_list":true}},"version_data":{"not_versioned":false,"versions":{"1":{"name":"1","expires":"2027-12-31 00:00","paths":{"ignored":[],"white_list":[],"black_list":[]},"use_extended_paths":true,"extended_paths":{"ignored":[],"white_list":[],"black_list":[],"cache":[],"transform":[],"transform_response":[],"transform_headers":[],"transform_response_headers":[],"hard_timeouts":[],"circuit_breakers":[],"url_rewrites":[],"virtual":[],"size_limits":[]},"global_headers":{},"global_headers_remove":[],"global_size_limit":0}}},"use_oauth2":false,"oauth_meta":{"auth_login_redirect":"","allowed_access_types":[],"allowed_authorize_types":[]},"notifications":{"shared_secret":"","oauth_on_keychange_url":""},"enable_ip_whitelisting":false,"allowed_ips":[],"use_keyless":false,"enable_signature_checking":false,"use_basic_auth":false,"active":true,"enable_batch_request_support":true},"hook_references":[]},"json":true}

Request Http API Definition Get: {"method":"GET","uri":"http://172.17.42.9:3000/api/apis/56a604f61384830001000005","headers":{"authorization":"80af64a0da7940575e12abc5fcbfc97d"},"json":true}

Request Http API Definition Update: {"method":"PUT","uri":"http://172.17.42.9:3000/api/apis/56a604f61384830001000005","headers":{"authorization":"80af64a0da7940575e12abc5fcbfc97d"},"body":{"api_model":{},"api_definition":{"id":"56a604f61384830001000005","name":"Order Service","slug":"Order-Service","api_id":"bfbc2cd3652a4a0e4f10ecab350c826f","org_id":"56a604f61384830001000004","use_keyless":false,"use_oauth2":false,"oauth_meta":{"allowed_access_types":[],"allowed_authorize_types":[],"auth_login_redirect":""},"auth":{"use_param":false,"use_cookie":false,"auth_header_name":"X-Authorization"},"use_basic_auth":false,"enable_jwt":false,"jwt_signing_method":"","notifications":{"shared_secret":"","oauth_on_keychange_url":""},"enable_signature_checking":false,"hmac_allowed_clock_skew":0,"definition":{"location":"header","key":"x-api-version"},"version_data":{"not_versioned":false,"versions":{"1":{"name":"1","expires":"2027-12-31 00:00","paths":{"ignored":[],"white_list":[],"black_list":[]},"use_extended_paths":true,"extended_paths":{"ignored":[],"white_list":[],"black_list":[],"cache":[],"transform":[],"transform_response":[],"transform_headers":[],"transform_response_headers":[],"hard_timeouts":[],"circuit_breakers":[],"url_rewrites":[],"virtual":[],"size_limits":[]},"global_headers":{},"global_headers_remove":[],"global_size_limit":0}}},"uptime_tests":{"check_list":[],"config":{"expire_utime_after":30,"service_discovery":{"use_discovery_service":true,"query_endpoint":"http://localhost:8500/v1/catalog/service/oservice","use_nested_query":false,"parent_data_path":"","data_path":"Address","port_data_path":"ServicePort","use_target_list":true,"cache_timeout":60,"endpoint_returns_list":true},"recheck_wait":0}},"proxy":{"listen_path":"/","target_url":"http://oservice:5000/","strip_listen_path":true,"enable_load_balancing":true,"target_list":[],"check_host_against_uptime_tests":true,"service_discovery":{"use_discovery_service":true,"query_endpoint":"http://172.17.42.3:8500/v1/catalog/service/oservice","use_nested_query":false,"parent_data_path":"","data_path":"Address","port_data_path":"ServicePort","use_target_list":true,"cache_timeout":60,"endpoint_returns_list":true}},"custom_middleware":{"pre":[],"post":[],"response":[]},"cache_options":{"cache_timeout":0,"enable_cache":false,"cache_all_safe_requests":false,"enable_upstream_cache_control":false},"session_lifetime":0,"active":true,"auth_provider":{"name":"","storage_engine":"","meta":null},"session_provider":{"name":"","storage_engine":"","meta":null},"event_handlers":{"events":{}},"enable_batch_request_support":true,"enable_ip_whitelisting":false,"allowed_ips":[],"dont_set_quota_on_create":false,"expire_analytics_after":0,"response_processors":[],"CORS":{"enable":false,"allowed_origins":[],"allowed_methods":[],"allowed_headers":[],"exposed_headers":[],"allow_credentials":false,"max_age":0,"options_passthrough":false,"debug":false},"domain":"","do_not_track":false,"tags":[]},"hook_references":[],"is_site":false,"sort_by":0},"json":true}

Request Http API Keys: {"method":"POST","uri":"http://172.17.42.9:3000/api/keys","headers":{"authorization":"80af64a0da7940575e12abc5fcbfc97d"},"body":{"last_check":0,"allowance":1000,"rate":1000,"per":1000,"expires":0,"quota_max":-1,"quota_renews":1453404380,"quota_remaining":-1,"quota_renewal_rate":60,"access_rights":{"bfbc2cd3652a4a0e4f10ecab350c826f":{"api_name":"Order Service","api_id":"bfbc2cd3652a4a0e4f10ecab350c826f","versions":["1"],"allowed_urls":null}},"org_id":"56a604f61384830001000004","oauth_client_id":"","basic_auth_data":{"password":"","hash_type":""},"jwt_data":{"secret":""},"hmac_enabled":false,"hmac_string":"","is_inactive":false,"apply_policy_id":"","data_expires":0,"monitor":{"trigger_limits":null},"meta_data":{},"tags":[]},"json":true}

And the error is intermittent

Here you go the error in dashboard:

time="2016-01-25T11:01:42Z" level=info msg="Creating new Redis connection pool" time="2016-01-25T11:01:42Z" level=info msg="Tyk Analytics Dashboard 0.9.7.0" time="2016-01-25T11:01:42Z" level=info msg="Copyright Martin Buhr 2015" time="2016-01-25T11:01:42Z" level=info msg="https://www.tyk.io" time="2016-01-25T11:01:42Z" level=info msg="Listening on port: 3000" time="2016-01-25T11:01:42Z" level=info msg="Loading routes..." time="2016-01-25T11:01:42Z" level=info msg="--> Standard listener (http)" time="2016-01-25T11:07:57Z" level=info msg="Pass is OK" time="2016-01-25T11:08:00Z" level=error msg="Couldn't Decode, leaving as it may be legacy..." time="2016-01-25T11:08:38Z" level=info msg="Sending notification{ApiUpdated b13d5f02696c4a984876a99339ced468}" time="2016-01-25T11:08:39Z" level=error msg="Couldn't Decode, leaving as it may be legacy..." time="2016-01-25T11:13:39Z" level=info msg="New user session created" time="2016-01-25T11:13:39Z" level=info msg="Sending notification{ApiUpdated e5206747b43b46f04fd28dba6c621623}" time="2016-01-25T11:13:39Z" level=info msg="Sending notification{ApiUpdated e5206747b43b46f04fd28dba6c621623}" time="2016-01-25T11:20:22Z" level=info msg="New user session created" time="2016-01-25T11:20:22Z" level=info msg="Sending notification{ApiUpdated bfbc2cd3652a4a0e4f10ecab350c826f}" time="2016-01-25T11:20:22Z" level=info msg="Sending notification{ApiUpdated bfbc2cd3652a4a0e4f10ecab350c826f}" time="2016-01-25T11:31:19Z" level=info msg="New user session created" time="2016-01-25T11:31:19Z" level=info msg="Sending notification{ApiUpdated e91a96042625426a741830143e408720}" time="2016-01-25T11:31:19Z" level=info msg="Sending notification{ApiUpdated e91a96042625426a741830143e408720}" time="2016-01-25T11:31:29Z" level=error msg="Could not create key for this API ID, API doesn't exist." time="2016-01-25T11:31:29Z" level=warning msg="Failed create:Could not create key for this API ID, API doesn't exist." time="2016-01-25T11:31:29Z" level=error msg="Failed to save new session object to Tyk: Could not create key for this API ID, API doesn't exist." time="2016-01-25T11:32:40Z" level=error msg="Couldn't Decode, leaving as it may be legacy..." time="2016-01-25T11:32:41Z" level=error msg="Couldn't Decode, leaving as it may be legacy..." time="2016-01-25T11:33:11Z" level=error msg="Could not create key for this API ID, API doesn't exist." time="2016-01-25T11:33:11Z" level=warning msg="Failed create:Could not create key for this API ID, API doesn't exist." time="2016-01-25T11:33:11Z" level=error msg="Failed to save new session object to Tyk: Could not create key for this API ID, API doesn't exist."

Should I create a github issue? For tracking?

Martin · January 25, 2016, 3:09pm

There’s one thing wrong here: you need base64 encode your version names - that’s what that “Can’t decode, leaving as it might be legacy” warning is, so in your API Definition, you might want to change it so that it looks like this (don’t use the values, they’re a demo):

version_data: {
    not_versioned: true,
    versions: {
      "RGVmYXVsdA==": {
        name: "RGVmYXVsdA==",
        expires: "",
        paths: {
          ignored: [],
          white_list: [],
          black_list: []
        },
        use_extended_paths: true,
        extended_paths: {
          ignored: [],
          white_list: [],
          black_list: [],
          cache: [],
          transform: [],
          transform_headers: []
        }
      }
    }
  },

But this won’t fix your issue - I’ve dug through the code a bit and the way it looks for an API ID is whether or not it has been loaded into the internal master API register.

Can you send the Gateway log please? I have a feeling the API is being skipped instead of loaded by the gateway which would cause this.

Also, are you creating multiple API’s? Or just the one for now?

Cheers,
Martin

Carlos_Carvalho · January 25, 2016, 4:40pm

Hello Martin,

Here you go all logs from gateway as of today :

time="2016-01-25T11:01:42Z" level=info msg="Hostname set: " time="2016-01-25T11:01:42Z" level=info msg="Connection dropped, connecting.." time="2016-01-25T11:01:42Z" level=info msg="Setting up Server" time="2016-01-25T11:01:42Z" level=info msg="--> Standard listener (http)" time="2016-01-25T11:01:42Z" level=info msg="[HOST CHECK MANAGER] Starting Poller" time="2016-01-25T11:01:42Z" level=info msg="Detected 0 APIs" time="2016-01-25T11:01:42Z" level=info msg="Loading uptime tests..." time="2016-01-25T11:01:42Z" level=info msg="Loaded 0 policies " time="2016-01-25T11:01:42Z" level=info msg="Gateway started (v1.9.0.0)" time="2016-01-25T11:01:42Z" level=info msg="--> Listening on port: 8080" time="2016-01-25T11:08:38Z" level=info msg="Reload signal received, reloading endpoints" time="2016-01-25T11:08:48Z" level=error msg="Couldn't Decode, leaving as it may be legacy..." time="2016-01-25T11:08:48Z" level=info msg="Detected 2 APIs" time="2016-01-25T11:08:48Z" level=info msg="--> Loading API: Admin" time="2016-01-25T11:08:48Z" level=info msg="----> Tracking: (no host)" time="2016-01-25T11:08:48Z" level=info msg="----> Checking security policy: Open" time="2016-01-25T11:08:48Z" level=info msg="--> Loading API: Order Service" time="2016-01-25T11:08:48Z" level=info msg="----> Tracking: (no host)" time="2016-01-25T11:08:48Z" level=info msg="----> Checking security policy: Token" time="2016-01-25T11:08:48Z" level=info msg="Loading uptime tests..." time="2016-01-25T11:08:48Z" level=error msg="[HOST CHECKER MANAGER] Failed to retrieve host list: Get http://localhost:8500/v1/catalog/service/oservice: dial tcp [::1]:8500: getsockopt: connection refused" time="2016-01-25T11:08:48Z" level=info msg="Loaded 0 policies " time="2016-01-25T11:08:48Z" level=info msg="API reload complete" time="2016-01-25T11:13:39Z" level=info msg="Reload signal received, reloading endpoints" time="2016-01-25T11:13:39Z" level=info msg="Reload signal received, reloading endpoints" time="2016-01-25T11:13:49Z" level=error msg="Couldn't Decode, leaving as it may be legacy..." time="2016-01-25T11:13:49Z" level=info msg="Detected 3 APIs" time="2016-01-25T11:13:49Z" level=info msg="--> Loading API: Admin" time="2016-01-25T11:13:49Z" level=info msg="----> Tracking: (no host)" time="2016-01-25T11:13:49Z" level=info msg="----> Checking security policy: Open" time="2016-01-25T11:13:49Z" level=info msg="--> Loading API: Order Service" time="2016-01-25T11:13:49Z" level=info msg="----> Tracking: (no host)" time="2016-01-25T11:13:49Z" level=info msg="----> Checking security policy: Token" time="2016-01-25T11:13:49Z" level=info msg="--> Loading API: Order Service" time="2016-01-25T11:13:49Z" level=error msg="Duplicate listen path found, skipping. API ID: 40f55b2c188742347b2c798b3990a4fd" time="2016-01-25T11:13:49Z" level=warning msg="----> Skipped!" time="2016-01-25T11:13:49Z" level=info msg="Loading uptime tests..." time="2016-01-25T11:13:49Z" level=error msg="[HOST CHECKER MANAGER] Failed to retrieve host list: Get http://localhost:8500/v1/catalog/service/oservice: dial tcp [::1]:8500: getsockopt: connection refused" time="2016-01-25T11:13:49Z" level=info msg="Loaded 0 policies " time="2016-01-25T11:13:49Z" level=info msg="API reload complete" time="2016-01-25T11:13:49Z" level=warning msg="Tracked quota reset for key: 56a603631384830001000002c5013f8a7ab447f967cda6757c946021" time="2016-01-25T11:20:22Z" level=info msg="Reload signal received, reloading endpoints" time="2016-01-25T11:20:22Z" level=info msg="Reload signal received, reloading endpoints" time="2016-01-25T11:20:32Z" level=error msg="Couldn't Decode, leaving as it may be legacy..." time="2016-01-25T11:20:32Z" level=info msg="Detected 3 APIs" time="2016-01-25T11:20:32Z" level=info msg="--> Loading API: Admin" time="2016-01-25T11:20:32Z" level=info msg="----> Tracking: (no host)" time="2016-01-25T11:20:32Z" level=info msg="----> Checking security policy: Open" time="2016-01-25T11:20:32Z" level=info msg="--> Loading API: Order Service" time="2016-01-25T11:20:32Z" level=info msg="----> Tracking: (no host)" time="2016-01-25T11:20:32Z" level=info msg="----> Checking security policy: Token" time="2016-01-25T11:20:32Z" level=info msg="--> Loading API: Order Service" time="2016-01-25T11:20:32Z" level=error msg="Duplicate listen path found, skipping. API ID: 40f55b2c188742347b2c798b3990a4fd" time="2016-01-25T11:20:32Z" level=warning msg="----> Skipped!" time="2016-01-25T11:20:32Z" level=info msg="Loading uptime tests..." time="2016-01-25T11:20:32Z" level=error msg="[HOST CHECKER MANAGER] Failed to retrieve host list: Get http://localhost:8500/v1/catalog/service/oservice: dial tcp [::1]:8500: getsockopt: connection refused" time="2016-01-25T11:20:32Z" level=info msg="Loaded 0 policies " time="2016-01-25T11:20:32Z" level=info msg="API reload complete" time="2016-01-25T11:20:32Z" level=warning msg="Tracked quota reset for key: 56a604f613848300010000045028521f4a964c21570f557c407120f8" time="2016-01-25T11:31:19Z" level=info msg="Reload signal received, reloading endpoints" time="2016-01-25T11:31:19Z" level=info msg="Reload signal received, reloading endpoints" time="2016-01-25T11:31:29Z" level=error msg="Could not create key for this API ID, API doesn't exist." apiID=e91a96042625426a741830143e408720 time="2016-01-25T11:31:29Z" level=error msg="Couldn't Decode, leaving as it may be legacy..." time="2016-01-25T11:31:29Z" level=info msg="Detected 4 APIs" time="2016-01-25T11:31:29Z" level=info msg="--> Loading API: Admin" time="2016-01-25T11:31:29Z" level=info msg="----> Tracking: (no host)" time="2016-01-25T11:31:29Z" level=info msg="----> Checking security policy: Open" time="2016-01-25T11:31:29Z" level=info msg="--> Loading API: Order Service" time="2016-01-25T11:31:29Z" level=info msg="----> Tracking: (no host)" time="2016-01-25T11:31:29Z" level=info msg="----> Checking security policy: Token" time="2016-01-25T11:31:29Z" level=info msg="--> Loading API: Order Service" time="2016-01-25T11:31:29Z" level=error msg="Duplicate listen path found, skipping. API ID: e91a96042625426a741830143e408720" time="2016-01-25T11:31:29Z" level=warning msg="----> Skipped!" time="2016-01-25T11:31:29Z" level=info msg="--> Loading API: Order Service" time="2016-01-25T11:31:29Z" level=error msg="Duplicate listen path found, skipping. API ID: 40f55b2c188742347b2c798b3990a4fd" time="2016-01-25T11:31:29Z" level=warning msg="----> Skipped!" time="2016-01-25T11:31:29Z" level=info msg="Loading uptime tests..." time="2016-01-25T11:31:29Z" level=error msg="[HOST CHECKER MANAGER] Failed to retrieve host list: Get http://localhost:8500/v1/catalog/service/oservice: dial tcp [::1]:8500: getsockopt: connection refused" time="2016-01-25T11:31:29Z" level=info msg="Loaded 0 policies " time="2016-01-25T11:31:29Z" level=info msg="API reload complete" time="2016-01-25T11:33:11Z" level=error msg="Could not create key for this API ID, API doesn't exist." apiID=40f55b2c188742347b2c798b3990a4fd 2016/01/25 15:02:02 terminated time="2016-01-25T15:03:02Z" level=info msg="Hostname set: " time="2016-01-25T15:03:02Z" level=info msg="Connection dropped, connecting.." time="2016-01-25T15:03:02Z" level=info msg="Setting up Server" time="2016-01-25T15:03:02Z" level=info msg="--> Standard listener (http)" time="2016-01-25T15:03:02Z" level=info msg="[HOST CHECK MANAGER] Starting Poller" time="2016-01-25T15:03:02Z" level=info msg="Detected 0 APIs" time="2016-01-25T15:03:02Z" level=info msg="Loading uptime tests..." time="2016-01-25T15:03:02Z" level=info msg="Loaded 0 policies " time="2016-01-25T15:03:02Z" level=info msg="Gateway started (v1.9.0.0)" time="2016-01-25T15:03:02Z" level=info msg="--> Listening on port: 8080" 2016/01/25 15:06:30 terminated time="2016-01-25T15:07:31Z" level=info msg="Hostname set: " time="2016-01-25T15:07:31Z" level=info msg="Connection dropped, connecting.." time="2016-01-25T15:07:31Z" level=info msg="[HOST CHECK MANAGER] Starting Poller" time="2016-01-25T15:07:31Z" level=info msg="Setting up Server" time="2016-01-25T15:07:31Z" level=info msg="--> Standard listener (http)" time="2016-01-25T15:07:31Z" level=info msg="Detected 0 APIs" time="2016-01-25T15:07:31Z" level=info msg="Loading uptime tests..." time="2016-01-25T15:07:31Z" level=info msg="Loaded 0 policies " time="2016-01-25T15:07:31Z" level=info msg="Gateway started (v1.9.0.0)" time="2016-01-25T15:07:31Z" level=info msg="--> Listening on port: 8080"

I’m only creating just the one api. The purpose will be to create multiple organisations and create that one api definition for each.

Martin · January 25, 2016, 4:53pm

And there it is… ^^^

You’ve created an API with a duplicate listen path - this gets skipped by the loader and so isn;t available to create keys for.

Carlos_Carvalho · January 25, 2016, 4:54pm

But Martin I cannot have multiple orgs with the same api listen path?

Martin · January 25, 2016, 5:14pm

No, not unless you put them on different domains, otherwise how is the router meant to differentiate between http://domain.com/api/widgets for ORG 1 and http://domain.com/api/widgets/ for ORG 2?

osborn · April 9, 2016, 3:46pm

Hi Martin. How do I specify that the auth shouldn’t be in the header?

Martin · April 9, 2016, 4:10pm

You can either set the flag manually in the API definition object (non pro) - see auth section in this doc:

https://tyk.io/docs/tyk-api-gateway-v-2-0/api-management/api-definition-objects/

Or in the dashboard, in the API designer, at the bottom of the first screen, you can set the location of the key (query string or header)