Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

On this page you will learn how to connect your Azure Gateway to Obsidian step-by-step.

Overview of this Guide

Prerequisites

The following is required to proceed:

  • A running Obsidian instance {tenant-id}.frontend.obsidian.local

  • Access to the Azure API Management with at least one service instance created

  • Docker to use the image of our agent (that acts as an intermediary)

Create a new Environment in Obsidian

To get started, simply open your Obsidian instance and follow the instructions below.

Add an Environment for Azure

  • Navigate to “Environments” in the menu on the left side

  • Click on the “Create New Environment” button

  • Fill in the form (as exemplarily shown below)

  • Confirm by clicking on the "Create New Environment" button

Request an Environment Token

  • Click on the “Request Token” button

  • Copy & save the token that appears above (it will be needed later)

(tick) You’ve completed the first step!

Provide the Gateway Information

The following describes how to create the gateway configuration for an Azure Gateway Agent.

Gateway Configuration

Create a new YAML file:

type: AZURE
subscriptionId: {azure-subscription-id}
serviceName: {azure-service-name}
resourceGroupName: {azure-resource-group-name}
tenantId: {azure-tenant-id}
clientId: {azure-client-id}
clientSecret: {azure-client-secret}

  • subscriptionId: Insert the ID of the subscription that is assigned to your Azure API Management service

  • serviceName: Insert the name of your Azure API Management service instance

  • resourceGroupName: Insert the name of the resource group that is assigned to your Azure API Management service instance

  • tenantId/clientId/clientSecret: Insert the credentials of an authorized application

See our Q&A below if you want to learn more about how to get these values.

Currently, each Azure agent is specific to one API Management service.
If you want to manage multiple services, you will require an agent instance for each service.

Example

type: AZURE
subscriptionId: abc123ab-c123-abc1-23ab-c123abc123ab
serviceName: my-azure-api-management-service
resourceGroupName: my-azure-api-management-resource-group
tenantId: cba321cb-a321-cba3-21cb-a321cba321cb
clientId: 321cba32-1cba-321c-ba32-1cba321cba32
clientSecret: ~ABC1~23ABC123ABC123ABC123ABC123ABC123AB

Q&A

 Where do I get the subscriptionId, serviceName and resourceGroupName?

  • Go to the Overview page of your Azure API Management service

    • The serviceName is displayed at the top left (see screenshot)

    • The resourceGroupName is displayed in the overview under "Resource group”

    • The subscriptionId is displayed in the overview under “Subscription ID”

 How do I get the tenantId, clientId and clientSecret?

We recommend creating an application via Azure Active Directory to access the API Management Service. Below is a description of how to do this and how to obtain the required IDs and the client secret.

Step 1 of 2: Create a new Application in Azure Active Directory

  • Now click on Add a certificate or secret (see Screenshot)

  • After that click on New client secret and add a new secret

  • The requested clientSecret will now be displayed

(warning) Important: Save the secret value, because it will no longer be displayed after you have left the page!

Note that the created application must also be assigned to the API Management Service (see Step 2), otherwise there is no link between the API Management service and the Application.

Step 2 of 2: Assign the Application to your Azure API Management Service

  • Go to the Overview page of your Azure API Management service

    • Select Access control (IAM) in the menu on the left side

    • Click on Add role assignment in the interface

    • Select the Role “API Management Service Contributor” to grant the necessary permissions

    • Click on Members (next to Role) or Next (at the bottom) to continue

    • Add your Application to the list of Role members

    • Click on Review + assign (next to Members) or Next (at the bottom) to continue

    • Confirm by clicking on the ”Review + assign”-Button (at the bottom)

(tick) You’ve completed the second step!

Create an Agent as Intermediary

The following describes how to create a Docker container for the agent. It is described using a Docker compose file so that additional agents can be easily added to your docker stack later.

Agent Configuration

Create a docker-compose.yml:

version: '3.3'
services:

# Azure Gateway Agent

  spring-azure-agent:
    image: ghcr.io/apiida/obsidian-agent:latest
    environment:
      - 'agentToken={the-token-requested-in-step-1}'
      - 'backendUrl=wss://{your-tenant-id}.backend.obsidian.local/jsonRpc'
      - 'gateway-config=/workspace/azureConfig.yaml'
    volumes:
      - {path-to-the-agent-config-created-in-step-2}:/workspace/azureConfig.yaml:rw

  • agentToken: Insert the token that you’ve received in the first step

  • backendUrl: Insert your tenant id into the backend URL

  • volume: Add the path to your gateway configuration (the file you’ve created in the second step)

Example

version: '3.3'
services:

# Azure Gateway Agent

  spring-azure-agent:
    image: ghcr.io/apiida/obsidian-agent:latest
    environment:
      - 'agentToken=3:9b811c57-bdbf-4539-923f-25b7b5c16b4a'
      - 'backendUrl=wss://example.backend.obsidian.local/jsonRpc'
      - 'gateway-config=/workspace/azureConfig.yaml'
    volumes:
      - ./azureConfig.yaml:/workspace/azureConfig.yaml:rw

(tick) You’ve completed the third step!

You're ready to establish the connection between Obsidian and your Azure Gateway.

Establish the connection

Establish the connection between Obsidian and your Azure Gateway by starting the Agent (respectively the docker container that contains the agent).

Start your Agent

For example, execute the following command in the directory where the docker compose file is located to start the docker container that contains the agent you have just configured:

docker-compose up -d

Check the Agent's Status

  • Head over to your Obsidian instance

  • Select “Environments” in the menu on the left side

    • Your Azure Gateway should now be connected to Obsidian

(tick) You’ve completed the last step!

You can now interact with your Azure Gateway through Obsidian. Try it right now and discover your APIs!

💡 Tip: It is easy to add more agents!

Repeat this guide or that of another gateway and simply add the agents to the existing Docker compose file.

  • No labels