Skip to content

API

The API Configurations help in controlling how the API Server and Celery workers behave.

Some of the commonly used configurations are:

  • LICENSE_KEY: The corridor license-key to use to enable the application
  • API_KEYS: The API keys to accept requests from
  • SQLALCHEMY_DATABASE_URI: The Database URI to connect to for the Metadata Database
  • FS_URI: The FileSystem URI to connect to for File Management
  • CELERY_BROKER_URL: The URL of the Celery Broker (The Redis server for task queue management)
  • CELERY_RESULT_BACKEND: The URL of the Celery Backend (The Redis server for task queue management)

Encrypting Settings

For added security, Corridor provides CLI tools to store settings in an encrypted format so that confidential information is not present in plain-text form.

The api_config.py configuration file has a corresponding secret file api_config.secret.py from which encrypted settings are read and loaded (if file is present).

To encrypt/decrypt values of settings, users can use corridor-api CLI tool.

The key used for encryption and decryption can be configured using the SECRET_KEY setting in api_config.py

Example

For the database URI oracle+cx_oracle://db_user:db_p4ssw0rd@localhost:1521/?service_name=corridor_prod_db, where:

  1. oracle+cx_oracle://: This indicates the database driver being used. In this case it's a combination of Oracle driver and cx_Oracle library for Python.
  2. db_user: This is the username used to authenticate and access the database.
  3. db_p4ssw0rd: This is the password associated with the provided username.
  4. localhost: This is the hostname of the server where the Oracle database is running.
  5. 1521: This is the port number that the Oracle server is listening on.
  6. corridor_prod_db: This is the service name of the database the application is connecting to.

It is generally not advised to store this URI in plain text form as it contains sensitive information like access credentials to the database. To store the value for the setting SQLALCHEMY_DATABASE_URI in encrypted form,

  1. Encrypt the value using corridor-api CLI
$CORRIDOR_HOME/venv-api/bin/corridor-api settings encrypt 'oracle+cx_oracle://db_user:db_p4ssw0rd@localhost:1521/?service_name=corridor_prod_db'

Copy the encrypted form of the value from stdout

  1. Store the encrypted secret in api_config.secret.py
SQLALCHEMY_DATABASE_URI = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX='
  1. To decrypt the value,
$CORRIDOR_HOME/venv-api/bin/corridor-api settings decrypt 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX='