Akamai API Gateway

API Gateway - API as a Resource

In many scenarios, APIs are used as just another way to load resources such as images. For this use case and depending on the specific scenario, multiple features mentioned in the What Not to Configure section of this document can be added. The What to Configure and What Not to Configure sections from the Standalone API also apply here, but with some differences mentioned below.

Note: You need to be very specific with the match criteria (i.e., ensure that you have features enabled for the endpoints you want and not globally for the API). If we enable globally, it could — depending on the feature — have a negative impact.

Scenario 1: One Domain

In this scenario, the API is used by a site to load resources, and it is either hosted under the same domain as the site or both domains are Akamaized. 

Example: www.example.com is our website/application, and our API endpoint will be www.example.com/api/getImage.

For this use case, everything will live in one Akamai delivery configuration, and we’ll have rules that will be applied for our API.
 

PROPERTY MANAGER UI

if

API JSON SNIPPET

{
  "name": "path",
  "options": {
      "matchOperator": "MATCHES_ONE_OF",
      "values": [
          "/api/*"
      ],
      "matchCaseSensitive": false
  }
}


Scenario 2: Multi-Domain

In this scenario, the API is used by a site to load resources, and both domains are Akamaized. 

Example: www.example.com uses api.example.com to lazy load images or load any type of resource for the site.

What to Configure

Within this rule set, we should enable the following:

HTTP/2

HTTP/2 is a major revision of the HTTP protocol focused on performance and efficiency. Enabling HTTP/2 support on the end user will allow the browser to use HTTP/2 features like:

  • Multiplexing and concurrency

  • Stream dependencies

  • Header compression

  • Server push

Note: For HTTP/2 to work correctly, the domain has to live on the same certificate as the parent site.

Image Optimization

If we are loading images with this API, then we can and should optimize them where possible. Enabling Image Manager or Adaptive Image Compression will help us to not only improve the end-user experience, but also offload the application.

Prefetching

Because we are loading resources from our API, we can help the user by prefetching these assets. Prefetching works on URLs with or without extensions (extensions and/or URL paths should be added to the match criteria, if any); in our use case, our endpoint has the path /api/getImage (no extension). 

Here, we will need to add a filename match with “getImage” as the file.
 

PROPERTY MANAGER UI

prefetching

API JSON SNIPPET

{
  "name": "filename",
  "options": {
      "matchOperator": "IS_ONE_OF",
      "values": [
          "getImage"
      ],
      "matchCaseSensitive": true
  }
}

However, if our endpoint URL is something like /api/getImage/ (directory), our criteria will change to path + EMPTY_STRING for the filename.
 

PROPERTY MANAGER UI

prefetching 2

API JSON SNIPPET

{
  "name": "path",
  "options": {
      "matchOperator": "MATCHES_ONE_OF",
      "values": [
          "/api/getImages/*"
      ],
      "matchCaseSensitive": false
  }
},
{
  "name": "filename",
  "options": {
      "matchOperator": "IS_ONE_OF",
      "values": [
          "EMPTY_STRING"
      ],
      "matchCaseSensitive": true
  }
}

Note: When prefetching is turned on and we are using multiple domains, such as www.example.com and api.example.com, it is possible to allow prefetching of the objects across domains. However, we need to ensure that all domains use the same edge hostname or edge map and enable the following snippet.

<edgeservices:prefetch.fetch>
    <allow-same-map>on</allow-same-map>
    <serial-must-match>off</serial-must-match>
</edgeservices:prefetch.fetch>

Other

On the default rule, we should have A2, RUM, and FEO, but these features should be explicitly disabled for the API endpoint. Generally, APIs are hosted separately from the web app (different origin). So remember to also add SureRoute for the alternate origins.

roy martinez

About the Author

Roy Martinez is a photography enthusiast, but in business hours he is an enterprise architect with 10 years of industry experience. He has a strong background in full-stack web development, DevOps, web performance, cloud computing, architecture changes, and advanced edge logic implementations, which allow him to provide consulting and support for customers.