Send Docs Feedback

Note: Most user interface tasks can be performed in Edge Classic or the New Edge experience. For an overview, getting started topics, and release notes specific to the New Edge experience, see the docs.

Edge Microgateway FAQ

General questions

How do I obtain Edge Microgateway?

See Installing Edge Microgateway.

Edge Microgateway ZIP files are no longer available. You must use npm to download and install the software, as explained in the installation guide.

How do I install Edge Microgateway

See Installing Edge Microgateway.

Where can I find documentation for older versions of Edge Microgateway?

Previous versions of Edge Microgateway documentation are maintained right here, on the Apigee Edge doc site

What are the typical use cases for Edge Microgateway?

See Overview of Edge Microgateway.

What environments are supported for Edge Microgateway?

See Overview of Edge Microgateway.

What changes on Edge require a restart of Edge Microgateway?

  • If you add or remove an Edge Microgateway-aware proxy.
  • If you change the basepath or target endpoint of an Edge Microgateway-aware proxy.
  • If you add or remove Products or Developer Apps from your Apigee Edge organization.

Can I deploy Edge Microgateway on same server where my API is running?

Yes. Edge Microgateway is a lightweight process that can run close to your API, including on the same machine.

Can I deploy an existing proxy bundle both in Edge (Cloud or Private Cloud) and also as an Edge Microgateway deployment?

No. See "Part 2: Create entities on Apigee Edge

Is there any configuration to enable ‘failover’ between an Edge proxy bundle deployment and Edge Microgateway deployment for the same API Proxy?

No. Edge Microgateway does not know about non-microgateway API proxy deployments on Apigee Edge.

What is the high availability deployment model for Edge Microgateway?

For a good discussion of how to run Edge Microgateway using NGINX as a load balancer, see Managing APIs with Apigee Edge Microgateway and NGINX.

Which load balancers can I use with Edge Microgateway?

Edge Microgateway can work with any load balancer.  

Is there a limit on how many proxies I can manage?

There is no limit to the number of Microgateway-aware proxies you can deploy in an Apigee Edge organization and environment and call through Edge Microgateway.

Do I need to be an org administrator to configure and deploy Edge Microgateway?

Yes. You need to have org admin credentials to configure and deploy Edge Microgateway.

Do I need to be an org administrator to run Edge Microgateway?

No. Edge Microgateway is a Node.js application, and can be run by anyone with permission to run such applications on a given machine.

Can any of my ‘org’ users use Edge Microgateway?

You do not need to be an Apigee Edge organization user to make API calls through Edge Microgateway. However, you must have org-level permissions to create or change Edge Microgateway aware proxies that are deployed on Edge.

What are the performance considerations for using Edge Microgateway?

If running Edge Microgateway collocated with the target application, be sure the server has sufficient capacity.

Can I associate to a specific org or env for my Edge Microgateway deployment?

When you configure an instance of Edge Microgateway you must associate it with a specific Edge organization and environment.

Can I associate to a specific region (if I am a multi-region customer) for my Edge Microgateway deployment?

Edge Microgateway automatically picks the best region for its interaction with Apigee Edge. You can deploy Edge Microgateway instances in each region that you want to service.

Does Edge Microgateway work with my Edge for Private Cloud?

Yes. For details, see Apigee Private Cloud configuration steps.

How do I differentiate between proxy deployed on Edge vs proxy on Microgateway?

When you configure Edge Microgateway, a list of microgateway-aware proxies deployed on Apigee Edge are downloaded to the local configuration of Edge Microgateway. Microgateway-aware proxies are ones named with the prefix edgemicro_.

Do I need any database to run Microgateway?

APIs proxied through Edge Microgateway may interact with database running as part of a target service. However, Edge Microgateway operates independently of any database or backend data store.

How is Quota enforced with Edge Microgateway?

You can optionally add a quota plugin to your instance of Edge Microgateway. For details see Using the quota plugin in the documentation.

How is Spike Arrest enforced with Edge Microgateway?

You can optionally add a spike arrest plugin to your instance of Edge Microgateway. For details see Using the spike arrest plugin in the documentation.

Are there other ways to write plugins other than Node.js for Edge Microgateway?

No. Plugins must be written in Node.js.

What happens when Edge Microgateway is not able to upload Analytics data to Edge?

Edge Microgateway has an in-memory buffer. If the buffer fills up, older payloads are dropped to let API traffic flow smoothly.

Can I add policies to Edge Microgateway?

Edge Microgateway plugins serve a function similar as policies in Apigee Edge. You can add functionality by using existing plugins or writing custom ones.

See Also

See also

These Apigee Community posts and blogs discuss additional plugin use cases:

What are my options for logging with Edge Microgateway?

Edge Microgateway has a built-in logging feature. For details, see Managing log files in the Edge Microgateway docs.

You can also write a custom plugin to use a third-party logging service with Edge Microgateway.

Because of the way Edge Microgateway works, you cannot use the Apigee Edge Message Logging policy to log messages for Edge Microgateway.

How do I configure Edge Microgateway to start up in a production environment

You can set the environment variables EDGEMICRO_KEY and EDGEMICRO_SECRET to the key/secret pair required by the Microgateway startup command.

In version 2.0 two more environment variables were added: EDGEMICRO_ORG and EDGEMICRO_ENV. With these variables you can start Edge Microgateway with the single command edgemicro start. See also Setting environment variables

See also

What are best practices for running Edge Microgateway at scale?

Apigee recommends running multiple instances of Edge Microgateway on different servers fronted by load balancers like NGINX.

See also

Can I use custom product or developer app attributes with Edge Microgateway?

No. By default, Edge Microgateway only acts on attributes related to basic routing and security. However, as workarounds, you have these possible options:

  1. Add custom attributes to the edgemicro-auth proxy that Edge Microgateway deploys to Apigee Edge. These attributes will be available when using API Key or OAuth token security.

  2. Modify oauth plugin to act on those attributes.

Business and licensing questions

What is the relationship between Apigee-127 and Edge Microgateway support models?

Apigee-127 is an open source software project that is supported in the open source model. That is, you can raise issues in the GitHub project and make a pull request if you attempt to fix something. Apigee-127 does not require or include any Software Licenses Agreements with Apigee.

Edge Microgateway, on the other hand, is an Enterprise product that is supported by Apigee for Apigee customers. That is, Apigee customers can create support tickets, feature requests, and bug reports using the Apigee Support portal.

Note: Edge Microgateway is not in any way based on Apigee-127. They are completely different projects with different goals. The only similarity is that both are implemented in Node.js. You must not assume any other commonality.

Security questions

How can I renew an expired access token?

Currently, you cannot renew the JWT token for a given Edge Microgateway instance.

Workaround

Each JWT token has an exp attribute that states the expiration date of the token. An app can calculate the expiration time and request a new token by making an API call directly to the edgemicro-auth token endpoint. For example, you can make an API call like this:

POST https: //{your_org}-{your_env}.apigee.net/edgemicro-auth/token

... with a JSON body like this:

{  "client_id": {your_id},  "client_secret": {your_secret},  "grant_type": "client_credentials" }

See also

"Secure the API with either an OAuth token or an API key" in the Edge Microgateway docs.

"What's the process for renewing bearer tokens when they expire" on the Apigee Community.   

How do I set up Edge Microgateway behind a company firewall?

There are two options for configuring Edge Microgateway to function behind a company firewall.

Option 1

Make the following change to the Edge Microgateway configuration file. This configuration forces the proxy connection to be a tunneling proxy.

edge_config:
    proxy: http://10.224.16.85:3128
    proxy_tunnel: false

Option 2

Set these environment variables before calling any CLI commands. These variables are respected by the NPM request module used by Edge Microgateway:

HTTP_PROXY / http_proxy

HTTPS_PROXY / https_proxy

NO_PROXY / no_proxy

For more information on setting these variables, see Controlling proxy behavior using environment variables.

See also

How to set up Edge Microgateway behind a company firewall on the Apigee Community.

Configuring SSL on Windows

If you are running Edge Microgateway on Windows, OpenSSL must be installed on the machine and added to the PATH. Not all Windows machine are shipped with OpenSSL. Refer to the OpenSSL documentation for information about downloading and installing OpenSSL.

Can I white-list API resources using the API product associated with an Edge Micro-aware proxy?

Currently, only the basepath is checked to determine if an API is approved for API Products associated with a particular OAuth token.

For example:

1. You create an edgemicro_ prefixed proxy with base path and target.

2. You add this proxy to a product. Let's call it edgemicro-prod1.

3. When an API call is made through Edge Microgateway using either an API key or an OAuth token, Edge Microgateway checks if the basepath of the API matches with the basepath of edgemicro_* proxy that is approved for list of products approved for that key or token.

See also

Can I use custom SSL certificates with Edge Microgateway?

Only the default Apigee SSL cert is currently supported. Custom SSL certs are not supported at this time.

Workarounds

If you wish to use a custom (non-Apigee default) SSL cert, you have these options:

  • Use a non-SSL jwt_public_key endpoint. Modify Edge Microgateway configuration file to use http://{org}-{env}.apigee.net/edgemicro-auth/publicKey -or-

  • Before starting Edge Microgateway, set this environment variable: export NODE_TLS_REJECT_UNAUTHORIZED ="0"

Note: Also be sure you are using the supported version of Node.js for your version of Edge Microgateway. See Prerequisites in the Install doc for Edge Microgateway.

See also

Can I avoid using Org Admin accounts with Edge Microgateway?

The Edge Microgateway configuration script deploys an edgemicro-auth proxy to Edge, and this deployment requires Org Admin credentials.

However, after this initial deployment, you should be able to do the remaining setup and configuration without needed Org Admin credentials.

See also

Can I use my own OAuth token with Edge Microgateway?

You can use your own token, but first, you must turn off the built-in authorization for Edge Microgateway. To do this:

  1. Open the config file for Edge Microgateway.

  2. Change the two oauth settings to true, as follows:

oauth:
    allowNoAuthorization: true
    allowInvalidAuthorization: true

I am getting an access denied error when starting Edge Microgateway

If you get an access denied error when starting Edge Microgateway with this command:

edgemicro start -o [org] -e [env] -k [key] -s [secret]

It is possible the key and secret are not valid for some reason. The best thing to do is regenerate the key and secret with the edgemicro genkeys command.

Testing and debugging questions

How do I prevent "too many file open" errors during load testing?

In some cases, your system may run into a situation where too many open file connections, and this can cause Edge Micro to crash. The default logging requires two HTTP connections for incoming and outgoing transactions through the Microgateway.

For testing and benchmarking purposes, Apigee recommends setting your system's ulimit command to unlimited: ulimit -n unlimited

See also

Edge Microgateway error during load testing on the Apigee Community

Tips for rapid development and debugging

If you are developing plugins for Edge Microgateway, you may find that support for rapid development is limited. Apigee plans to add pluggable debugging and other features in the future to help with this.

For now, here are some tips:

  • For starting Edge Microgateway, you can set  the environment variables EDGEMICRO_KEY and EDGEMICRO_SECRET to the key/secret pair required by the Microgateway startup command. This allows you to start Edge Microgateway without entering the key/secret at the command line. See also Setting environment variables in the Edge Microgateway docs.

  • Start Edge Microgateway in DEBUG mode to see additional output in the command terminal: DEBUG=* edgemicro start -o [org] -e [env] -k [key] -s [secret]

Can I reuse key/secret combinations between instances of Edge Microgateway?

As long as the organization and environment are same for the Microgateway instances, you can reuse the key/secret pair that get generated during configuration.

What are the Edge Microgateway TPS by default & what are Hardware Requirements required for a Microgateway instance

Please refer to this post in the Apigee Community. 

Help or comments?