Features and benefits
Gloo Platform Portal is a key part of managing the API services that you expose via Gloo Gateway. Portal uses Gloo Platform's custom resources (CRs) to provide the tools you need to create a secure developer portal.
Challenges of API portals
Some of the key challenges of API management that Portal helps address are as follows:
- Self-service API registration: Any developer portal needs a way to discover the APIs to include. Ideally, the portal can automatically discover APIs in a way that does not disrupt your current app deployment and DevOps processes. Your portal admins should not have to help onboard each API.
- Flexible API products: Especially in microservice architectures, you might have hundreds of APIs. Exposing all of these APIs together might not be helpful for your users. Instead, you need a way to bundle APIs into different products. An API might be part of several different products.
- Usage plans for API products: Usage plans control how your API products can be used, such as the number of times an API can be called within a certain timeframe. Often, your usage plans are tied to billing concerns, such as different prices for different plans.
- Flexible portal deployments: Just as you have different API products and usage plans, you might need different developer portals. For example, you might have separate internal and external portals, regional portals, or partner vs. end-user portals.
- Audience management: As a portal administrator, you have several audiences. First, you might work with internal teams of developers and operators who help set up the developer portal, your “backend” audiences. Second, you might have several different sorts of end-users, such as internal teams that consume your APIs, external partners, or general consumers. These end-users might be thought of as “frontend” audiences. Your portal solution must be able to secure access for both backend and frontend audiences appropriately.
- Portal web UI and branding: Your end-users need a way to find, review, and use your API products. As such, you must be able to customize the developer portal's web UI so that your company style, logos, and other branding elements are consistent.
- API documentation: API documentation is at the heart of how end-users interact with your APIs. The best API documentation is not only automatically generated from your apps, but also appears seamlessly in the branded web UI of your developer portal.
- Observability: With many APIs comes the challenge of observability. You need a way to quickly find and check the health of all the resources that support your developer portals. This way, you can better manage and troubleshoot any issues that occur.
Gloo Platform Portal benefits
One of the unique features of Gloo Platform Portal is its architecture. You can use the same Gloo CRs to design and secure your portal as you use for the rest of Gloo Platform. This flexible architecture lets you reuse existing configuration to manage all parts of your API microservices more consistently.
Review the following table to learn more about Gloo Platform's unique approach to solving the key challenges of API management.
|Self-service API registration||Kubernetes labels on deployments, ApiDocs, RouteTables||Your developers continue to deploy their apps in Kubernetes as they normally do. They can choose to label their services so that Gloo automatically detects and creates an ApiDoc for their service. Or, if they do not want to change their app configuration, they can manually create an ApiDoc. Similarly, the team can set up the route tables either to automatically include new services as routes via labels or by manually adding the routes. This flexibility lets your team take the best approach for your internal DevOps processes. For more information, see Create your APIs.|
|Flexible API products||RouteTables||By separating the API product from the apps, your developers do not necessarily have to know or select which products their apps belong to. Instead, the product owner or portal admin can decide to bundle several apps into one or many API products. By using a Gloo route table, you can automatically add apps via Kubernetes labels or specify them at more fine-grained levels. You also get more advanced networking control, such as matching, redirect, rewrite, direct response, and forwarding actions. This way, you can set up complex rules for how your API products behave under different circumstances. For more information, see Bundle your APIs into API products.|
|API versioning and lifecycle management||RouteTables||The route table that represents your API product includes a special portal metadata section. In the portal metadata, you can customize details about your API product, such as by providing a title, description, version, terms of service, licensing, and lifecycle management information. After you deploy a frontend application for your portal, your end users can review the metadata in the portal to help them use your API products.|
|Usage plans for your API products||ExtAuthPolicies, RateLimitPolicies, RouteTable, Portal||Instead of creating separate usage plan resources, Gloo takes a more flexible approach. You create the same external auth and rate limiting policies that you do to secure your apps in general. Then, you apply these policies to the routes that are in the route table for your API products. You name these usage plans in the Portal resource. This way, you can reuse policies for many plans and portals as needed. Plus, each portal can set its own names and descriptions for the usage plans. This way, even if you reuse the same policies across many usage plans, the usage plans can have their own unique names that fit your portal's use case. For more information, see Prepare usage plans.|
|Flexible portal deployments||Portal||You can use the Portal custom resource to create a developer portal that you can share with your users. Each developer portal can be set up to serve only the APIs and usage plans that you want to expose to your users. For more information, see Create a developer portal.|
|Audience management||Portal groups||Portal provides multiple layers of authentication to manage your audiences. You might have usage plans that include a free tier that allows unauthorized access to a limited number of APIs. In addition, you can secure the APIs in the developer portal that your users consume by marking APIs as private, and setting up external authentication and authorization for your users. For more information, see Secure the developer portal.|
|API documentation||ApiDocs, sample React app||The ApiDoc resource has the OpenAPI spec for your apps. This spec can be used to automatically render your API documentation. You can reuse and customize the sample React app that Gloo provides to display your API documentation in the developer portal. The docs automatically appear when you add new APIs to your portal environment.|
|Portal web UI and branding||Sample React app, Portal metadata||You control how your developer portal is displayed to users. Gloo provides a sample React app that you can use as a starting point. Additionally, you can configure metadata in the Portal CR about your API products that shows up in the developer portal. This way, you don't have to update the developer portal app as often after the initial setup. For more information, see Build a developer portal frontend.|
|API usage analytics||Gloo UI, OTel telemetry pipeline, Clickhouse log storage||Review usage information about the API products that are exposed in your portal. You can review information such as total requests, total users, total services, and error rates. For more information, see Review API usage analytics.|
|Observability||Gloo UI, statuses, logs||Because Portal is implemented as any other Gloo resource, you get all of the Gloo Platform observability benefits. For example, you can review the backing Gloo portal, routing, and policy for each developer portal in the Gloo UI. Resource statuses are shown globally, for each individual resource, and for related resources. You can also check the management server, agent, and portal server logs for even more detail. For more information, see Monitor health.|
Frequently asked questions
What are the Portal components and who configures them?
See the Setup overview.
How many portals can I have?
You can have as many developer portals as you want. You create a separate Portal CR for each portal, but you might choose to reuse API products or usage plans by including the same route tables and policies.
Example uses cases for multiple portals:
- Internal vs. external developer portals
- Domain boundaries for customers, partners, and end-users
- Regional boundaries
What Gloo product is Portal for?
You can use Portal for the following Gloo Platform products:
- Gloo Gateway, your API gateway solution.
- Gloo Mesh, your service mesh management solution. If you deploy Portal in a Mesh-only environment, the portal would be internal-only. To expose your portal to external end-users, you must also have a Gateway license.
Gloo Platform Portal has the following known issues:
- The portal can become unavailable when misconfigured, such as if a usage plan name does not match the usage plan names in the rate limit server config.
- Route tables that are exposed in a portal do not support regular expression path rewrites.
- When you upgrade or install the portal server, the portal does not regenerate ApiDocs for APIs that are marked with service annotations for automatic discovery.