Jitterbit API gateways

Overview

When an API Manager API is called, connectivity to the API is enabled through an API gateway. API gateways handle the security tasks involved in accepting and processing calls made to an API Manager API.

There are two types of API gateway:

Cloud API gateways: These gateways are hosted and managed by Jitterbit.
Private API gateways: These gateways are installed, hosted, and managed by you. They provide complete control over your APIs' authorization, routing, rates, and payload storage and processing.

Release schedule and release notes

The release schedule for the API gateway varies depending on the gateway type:

The cloud API gateway is updated automatically following the Harmony release schedule.
An updated private API gateway installer becomes available from the Downloads page at the conclusion of the Harmony release and Sandbox Cloud Agent Group upgrade.
The private API gateway Docker image becomes available at Docker Hub at the conclusion of the North America (NA) region Production Cloud Agent Group release.

In the Harmony release notes, each API gateway type is included as a separate line item in the release dates table at the top of each release notes page. Individual release notes are listed under the API gateway heading, with any relevant applicability to certain gateway types included within the release notes.

Request limits and error handling

API gateways implement request limits and return these HTTP error codes for the following errors:

HTTP error code	Description
`403 (Forbidden)`	The API gateway rejected the request due to insufficient permissions or authentication failure. This occurs when the request lacks valid credentials, uses an expired or invalid API key, violates IP address restrictions, or attempts to access an API without proper authorization through the assigned security profile.
`404 (Not Found)`	The requested API endpoint could not be found. This typically occurs when the service URL is incorrect, the API has been unpublished or deleted, the environment URL prefix is invalid, or there's a mismatch in the API version or service root specified in the request URL.
`414 (URI Too Large)`	The API service URL exceeds the 8,000 character limit.
`429 (Too Many Requests)`	The request is rejected due to rate limiting. This occurs when the request exceeds the organization's API hits per minute allowance, violates environment-level rate limits, exceeds security profile rate limits, or when the organization has consumed its monthly API hits allowance.