Hybrid cloud API management

US 10,425,465 B1
Filed: 07/29/2016
Issued: 09/24/2019
Est. Priority Date: 07/29/2016
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

providing, by a local API proxy deployed at a local deployment environment, a key to a remote API management server that is not deployed at the local deployment environment;

receiving, at the local API proxy, a first request from an application for a token that authorizes the application to utilize the local API proxy to service API requests;

in response to receiving the first request, providing, by the local API proxy and to the remote API management server, a second request for the token where the second request identifies the local API proxy and the application;

receiving, from the remote API management server and in response to the second request, the token, where the token includes access permissions for the application signed by the key provided to the remote API management server by the local API proxy;

providing the token to the application as a response to the first request;

receiving, from the application and at the local API proxy deployed at the local deployment environment, an API request that includes the token;

determining whether the token in the API request is valid based on whether the token is signed by the remote API management server with the key provided by the local API proxy to the remote API management server;

in response to determining that the token is valid, utilizing the local API proxy to service the API request at the local deployment environment;

establishing a connection with the remote API management server after the API request is serviced by the local API proxy; and

providing to the remote API management server, via the connection, at least metadata about the API request.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of serving an API request includes receiving the API request at a local API proxy deployed at a local deployment environment. The method includes utilizing the local API proxy to service the API request at the local deployment environment, establishing a connection with a remote API management server, and providing to the remote API management server, via the connection, at least metadata about the API request.

Citations

18 Claims

1. A method, comprising:
- providing, by a local API proxy deployed at a local deployment environment, a key to a remote API management server that is not deployed at the local deployment environment;
  
  receiving, at the local API proxy, a first request from an application for a token that authorizes the application to utilize the local API proxy to service API requests;
  
  in response to receiving the first request, providing, by the local API proxy and to the remote API management server, a second request for the token where the second request identifies the local API proxy and the application;
  
  receiving, from the remote API management server and in response to the second request, the token, where the token includes access permissions for the application signed by the key provided to the remote API management server by the local API proxy;
  
  providing the token to the application as a response to the first request;
  
  receiving, from the application and at the local API proxy deployed at the local deployment environment, an API request that includes the token;
  
  determining whether the token in the API request is valid based on whether the token is signed by the remote API management server with the key provided by the local API proxy to the remote API management server;
  
  in response to determining that the token is valid, utilizing the local API proxy to service the API request at the local deployment environment;
  
  establishing a connection with the remote API management server after the API request is serviced by the local API proxy; and
  
  providing to the remote API management server, via the connection, at least metadata about the API request.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, wherein the servicing the API request includes proxying the API request to a server in the local deployment environment.
  - 3. The method of claim 1, wherein a plurality of local API proxies are managed by the remote API management server.
  - 4. The method of claim 1, further comprising configuring the local API proxy, wherein configuring the local API proxy includes registering the local API proxy with the remote API management server.
  - 5. The method of claim 1, wherein the providing at least the metadata includes communicating with the remote API management server using a pre-exchanged secret.
  - 6. The method of claim 1, wherein the metadata includes metadata about a plurality of API requests.
  - 7. The method of claim 1, wherein the metadata is used by the remote API management server to analyze API request statistics.
  - 8. The method of claim 1, wherein the metadata includes a latency of the servicing the API request.
  - 9. The method of claim 1, further comprising configuring the local API proxy, including:
    - establishing a secure connection between the local API proxy and the remote API management server;
      
      generating a public key;
      
      generating a private key; and
      
      sending the generated private key.
  - 10. The method of claim 9, wherein the key comprises the private key.
  - 11. The method of claim 10, further comprising validating the API request, wherein the validating includes authenticating the signed token using the public key.
  - 12. The method of claim 11, wherein if the token is not authenticated, the API request is not allowed to proceed.
  - 13. The method of claim 9, wherein the token is relayed by the local API proxy.
  - 14. The method of claim 1, wherein the API request includes a credential, the credential is provided to the remote API management server and the remote API management server provides an indication that the API request is allowed to proceed.
  - 15. The method of claim 1, further comprising:
    - validating the API request;
      
      if the API request is validated, allowing the API request to proceed; and
      
      if the API request is not validated, not allowing the API request to proceed.
  - 16. The method of claim 1, further comprising receiving, from the remote API management server, privileges, wherein the privileges identify whether the API request is allowed.

17. A system comprising:
- one or more computers and one or more storage devices storing instructions that are operable, when executed by the one or more computers, to cause the one or more computers to perform operations comprising;
  
  providing, by a local API proxy deployed at a local deployment environment, a key to a remote API management server that is not deployed at the local deployment environment;
  
  receiving, at the local API proxy, a first request from an application for a token that authorizes the application to utilize the local API proxy to service API requests;
  
  in response to receiving the first request, providing, by the local API proxy and to the remote API management server, a second request for the token where the second request identifies the local API proxy and the application;
  
  receiving, from the remote API management server and in response to the second request, the token, where the token includes access permissions for the application signed by the key provided to the remote API management server by the local API proxy;
  
  providing the token to the application as a response to the first request;
  
  receiving, from the application and at the local API proxy deployed at the local deployment environment, an API request that includes the token;
  
  determining whether the token in the API request is valid based on whether the token is signed by the remote API management server with the key provided by the local API proxy to the remote API management server;
  
  in response to determining that the token is valid, utilizing the local API proxy to service the API request at the local deployment environment;
  
  establishing a connection with the remote API management server after the API request is serviced by the local API proxy; and
  
  providing to the remote API management server, via the connection, at least metadata about the API request.

18. A non-transitory computer-readable medium storing software comprising instructions executable by one or more computers which, upon such execution, cause the one or more computers to perform operations comprising:
- providing, by a local API proxy deployed at a local deployment environment, a key to a remote API management server that is not deployed at the local deployment environment;
  
  receiving, at the local API proxy, a first request from an application for a token that authorizes the application to utilize the local API proxy to service API requests;
  
  in response to receiving the first request, providing, by the local API proxy and to the remote API management server, a second request for the token where the second request identifies the local API proxy and the application;
  
  receiving, from the remote API management server and in response to the second request, the token, where the token includes access permissions for the application signed by the key provided to the remote API management server by the local API proxy;
  
  providing the token to the application as a response to the first request;
  
  receiving, from the application and at the local API proxy deployed at the local deployment environment, an API request that includes the token;
  
  determining whether the token in the API request is valid based on whether the token is signed by the remote API management server with the key provided by the local API proxy to the remote API management server;
  
  in response to determining that the token is valid, utilizing the local API proxy to service the API request at the local deployment environment;
  
  establishing a connection with the remote API management server after the API request is serviced by the local API proxy; and
  
  providing to the remote API management server, via the connection, at least metadata about the API request.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google LLC (Alphabet Inc.)
Inventors
Jha, Prabhat, Arora, Akhil, Brail, Gregory, Nally, Martin, Johnson, Peter
Primary Examiner(s)
Nano, Sargon N

Application Number

US15/224,294
Time in Patent Office

1,152 Days
Field of Search
US Class Current
CPC Class Codes

H04L 67/01   Protocols

H04L 67/02   based on web technology, e....

H04L 67/10   in which an application is ...

H04L 67/1097   for distributed storage of ...

H04L 67/53   using third party service p...

H04L 67/565   Conversion or adaptation of...

Hybrid cloud API management

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Hybrid cloud API management

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links