Start a new topic
Answered

Is it possible to forward REST API calls?

We want to use CrushFTP as the only "gateway" to our backend services. This far we have the usage of Uploading files, sftp and AS2 which works very well in our tests but now we see a need for "proxy-ing" REST API's.


I have found the "tunnels" function but that seems to be tied to localhost somehow, I was thinking if I could possibly use the reverse proxy function.


Which (if any) function would be better to forward a REST API request?


Regards,

Anders


Best Answer

There is another port type for PortForward.  You can use a specific port, that will be reverse proxied to an internal destination and port.  Its effectively allowing direct connectivity as there is no protocol translation, etc going on...  That will do what you want.


--Ben


Answer

There is another port type for PortForward.  You can use a specific port, that will be reverse proxied to an internal destination and port.  Its effectively allowing direct connectivity as there is no protocol translation, etc going on...  That will do what you want.


--Ben

Ok, thanks that would do the trick for now!


Do you have any plans for adding "API gateway" support?

I mean to function as a REST/HTTP(S) bridge for API's.

I think this would be a very sought-after function, especially if you add https/token (e.g. OAUTH2) and API key functions in there. That way CrushFTP could serve as the API entrance and protect API servers hosted in the internal network.

This won't be anything in the short term...  Something I'll keep in mind, but we have a fairly ambitious feature set we plan to add in v8 already.


1 person likes this

Working as a consultant for many customers I see a very high demand for "API gateway" functions. The problem is often that API's are published from internal systems or platforms but need to be exposed to the Internet, and to add to the problems, often using different security mechanisms.

Internally you might use a API key that you don't want to share publicly, or maybe an internal trust-store with client-authentication that you can't share publicly.


Being able to offer a API gateway that can "bridge" the security needs and be exposed to the Internet is something that the market really needs, e.g. OAUTH2 over the Internet but API key internally.


There are of course many products on the market for API Management but those are whole platforms in themselves, what I see the need of is a "gateway" only function, much as the AS2 support you already ave implemented!

Login to post a comment