Supported Features

The following table lists the features that are supported by dedicated gateways.

Note

If the gateway you use does not have specific features, contact technical support to upgrade your gateway.

Feature Name	Feature Description	Configurable	Feature Configuration Example	Configuration Parameter	Parameter Description	Default Value	Value Range
lts	Reporting of Shubao access logs	Yes	{"name":"lts","enable":true,"config": "{\"group_id\": ",\"topic_id\":\"\",\"log_group\":\"\",\"log_stream\":\"\"}"}	group_id	Log group ID.	-	-
				topic_id	Log stream ID.
				log_group	Name of a log group.
				log_stream	Name of a log stream.
gateway_responses	Custom gateway responses	No	-	-	-	-	-
ratelimit	Request throttling limit configuration	Yes	{"name":"ratelimit","enable":true,"config": "{\"api_limits\": 500}"}	api_limits	Default request throttling value applied to all APIs. Set this parameter properly to meet service requirements. A small value may constantly throttle your services.	200 calls per second	1-1,000,000 calls per second
request_body_size	Configuration of the maximum request body size	Yes	{"name":"request_body_size","enable":true,"config": "104857600"}	request_body_size	Maximum size of the body allowed in an API request.	12 MB	1-9536 MB
backend_timeout	Maximum backend timeout configuration	Yes	{"name":"backend_timeout","enable":true,"config": "{"max_timeout": 500}"}	max_timeout	Maximum timeout for APIG to request a backend service.	60,000 ms	1-600,000 ms
app_token	app_token authentication	Yes	{"name":"app_token","enable":true,"config": "{\"enable\": \"on\", \"app_token_expire_time\": 3600, \"app_token_uri\": \"/v1/apigw/oauth2/token\", \"refresh_token_expire_time\": 7200}"}	enable	Whether to enable this feature.	Off	On/Off
				app_token_expire_time	Validity period of the access token.	3600s	1-72,000s
				refresh_token_expire_time	Validity period of the refresh token.	7200s	1-72,000s
				app_token_uri	URI used for obtaining the token.	/v1/apigw/oauth2/token	-
				app_token_key	Token encryption key.	-	-
app_api_key	app_api_key authentication	Yes	{"name":"app_api_key","enable":true,"config": "on"}	-	-	Off	On/Off
app_basic	app_basic authentication	Yes	{"name":"app_basic","enable":true,"config": "on"}	-	-	Off	On/Off
app_secret	app_secret authentication	Yes	{"name":"app_secret","enable":true,"config": "on"}	-	-	Off	On/Off
app_jwt	app_jwt authentication	Yes	{"name":"app_jwt","enable":true,"config": "{\"enable\": \"on\", \"auth_header\": \"Authorization\"}"}	enable	Whether to enable app_jwt authentication.	Off	On/Off
				auth_header	app_jwt authentication header.	Authorization	-
public_key	Public_key backend signatures	Yes	{"name":"public_key","enable":true,"config": "{\"enable\": \"on\", \"public_key_uri_prefix\": \"/apigw/authadv/v2/public-key/\"}"}	enable	Whether to enable public_key authentication.	Off	On/Off
				public_key_uri_prefix	URI prefix used for obtaining the public key.	/apigw/authadv/v2/public-key/	-
backend_token_allow	Allowing tenants to transparently transmit tokens to the backend	Yes	{"name":"backend_token_allow","enable":true,"config": "{\"backend_token_allow_users\": [\"user_name\"]}"}	backend_token_allow_users	Regular expression for transparently transmitting the token to the common tenant whitelist of the tenant to match the domain name of the common tenant.	-	-
sign_basic	Basic signature keys	No	-	-	-	-	-
multi_auth	Two-factor authentication	No	-	-	-	-	-
backend_client_certificate	Backend two-way authentication	Yes	{"name":"backend_client_certificate","enable":true,"config": "{\"enable\": \"on\",\"ca\": \"\",\"content\": \"\",\"key\": \"\"}"}	enable	Whether to enable this feature.	Off	On/Off
				ca	CA file of two-way authentication.	-	-
				content	Two-way authentication file.	-	-
				key	Private key of two-way authentication.	-	-
ssl_ciphers	HTTPS cipher suites	Yes	{"name":"ssl_ciphers","enable":true,"config": "config": "{\"ssl_ciphers\": [\"ECDHE-ECDSA-AES256-GCM-SHA384\"]}"}	ssl_ciphers	Encryption and decryption suites supported. The ssl_ciphers parameter cannot be left blank and can contain only the options in the default value.	-	ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256
route	Custom routes	No	-	-	-	-	-
cors	Plug-ins	No	-	-	-	-	-
real_ip_from_xff	X-Forwarded-For header for identifying IP addresses during access control and request throttling	Yes	{"name": "real_ip_from_xff","enable": true,"config": {"enable": "on","xff_index": -1}}	enable	Whether to enable this feature.	Off	On/Off
				xff_index	Sequence number of an IP address in the X-Forwarded-For header. The value of this parameter can be 0 or a positive or negative number. If the value is 0 or a positive number, the IP address of the corresponding index is obtained from the X-Forwarded-For header. If the value is a negative number, the IP address in reverse index order is obtained from the X-Forwarded-For header. For example, assume that the X-Forwarded-For header of a request received by API gateway contains three IP addresses: IP1, IP2, and IP3. If the value of xff_index is 0, IP1 is obtained. If the value of xff_index is 1, IP2 is obtained. If the value of xff_index is -1, IP3 is obtained.	-1	Valid Int32 value
app_route	IP address access	Yes	{"name":"app_route","enable":true,"config": "on"}	-	-	Off	On/Off
vpc_name_modifiable	Load balance channel name modification	Yes	{"name":"vpc_name_modifiable","enable":true,"config": "on"}	-	-	on	On/Off
default_group_host_trustlist	Access to the DEFAULT group from IP addresses that are not inbound access addresses of the current gateway	Yes	{"name":"default_group_host_trustlist","enable": true,"config": "{\"enable\":\"on\",\"hosts\":[\"123.2.2.2\",\"202.2.2.2\"]}"}	enable	Whether to enable this feature.	-	On/Off
				hosts	IP addresses that are not inbound access addresses of the current gateway.	-	-
throttle_strategy	Request throttling	Yes	{"name":"throttle_strategy","enable":true,"config": "{\"enable\": \"on\",\"strategy\": \"local\"}"}	enable	Whether to enable this feature.	Off	On/Off
				strategy	Request throttling mode.	-	cluster/local
custom_log	Printing custom request headers, query strings, and cookies in logs	Yes	{"name":"custom_log","enable":true,"config": "{\"custom_logs\":[{\"location\":\"header\",\"name\":\"a1234\"}]}"}	custom_logs	Custom logs.	-	Max. 10 items.
				location	Location.		header/query/cookie
				name	Name.		-
real_ip_header_getter	Using a custom header to obtain source IP addresses	Yes	{"name":"real_ip_header_getter","enable":true,"config": "{\"enable\": \"on\",\"header_getter\": \"header:testIP\"}"}	enable	Whether to enable this feature.	Off	On/Off
				header_getter	Custom header for obtaining source IP addresses.	-	-
policy_cookie_param	Using cookies in backend policy conditions	Yes	{"name":"policy_cookie_param","enable":true,"config": "on"}	-	-	Off	On/Off
app_quota	Client quotas	No	-	-	-	-	-
app_acl	Request throttling policies	No	-	-	-	-	-
set_resp_headers	Response header management plug-ins	No	-	-	-	-	-
vpc_backup	Primary/Standby VPC channels	No	-	-	-	-	-
sign_aes	AES signature keys	No	-	-	-	-	-
kafka_log	Adding, deleting, modifying, and querying Kafka log push plug-ins	No	-	-	-	-	-
backend_retry_count	Backend retry configuration	No	-	-	-	-	-
policy_sys_param	Using system parameters in backend policy conditions	No	-	-	-	-	-
breaker	Circuit breakers	No	-	-	-	-	-
content_type_configurable	Returning request parameter type (Content-Type) when querying APIs	No	-	-	-	-	-
rate_limit_plugin	Request throttling plug-ins	No	-	-	-	-	-
breakerv2	Circuit breakers for degrading services in case of overload	No	-	-	-	-	-
sm_cipher_type	Encrypting local sensitive data with commercial cryptographic algorithms	No	-	-	-	-	-
rate_limit_algorithm	Request throttling algorithm switchover	No	-	-	-	-	-

last updated: 2024-11-13 13:54 UTC - commit: 0a62e5dc1182b13184917e7aa490e164e6eb655a