IGLU: How to make schemas accessible without apikey?


#1

Hi, I set up an IGLU instance using the 0.3.0 docker image (plus postgress images) with docker-compose and inserted the master key for an vendor, which was straight forward.
Is it possible to make the GET API endpoint public - i.e. make it accessible without apikey, but keep the POST/PUT/DELETE endpoints protected by the apilkey?

Many thanks,
Dirk


#3

Hi @drejahl ,

Iglu Server offers multiple GET endpoints and 3 of them are used without apikey authentication. There is a padlock icon next to each endpoint, if that endpoint uses apikey authentication.

If you are asking for enabling/disabling authentication for an endpoint dynamically, it isn’t possible.

Let me know if you have more questions.

Thanks,
Oguzhan


#4

Hi @oguzhanunlu,
on my swagger UI there is only one GET endpoint without authentication which retrieves all public schemas.
Unfortunately I am not able to GET one specific schema - e.g.
https://i-glu.digiglu.io/api/schemas/digiglu/example/jsonschema/1-0-0

Do I miss anything?

Thanks,
Dirk


#5

Hi @drejahl , there are 3 main sections in Swagger UI and there is only one endpoint under schemas which is used without authentication. In my previous reply, I referred to the number of all endpoints used without authentication.

As you experienced, you can’t use GET /vendor/name/format/version endpoint without authentication. You need to insert your read API key into the input box placed at the right top of Swagger UI, then click on “Try it out” button for GET /vendor/name/format/version endpoint.

Let us know if something isn’t clear.

Thanks,
Oguzhan