API Gateway delivery settings
For your API delivery settings you can configure various optional features
that can help you manage your APIs more efficiently, improve interoperability, gain control
over API access, and enhance the overall performance of your API traffic. You can configure
the delivery features at any time between registering an API and activating an API
API privacy By default, your registered APIs are public and don’t require API key authentication. You can allow API keys to govern access to an API and all its resources by making the API private. By doing so, you improve the protection of your API and gain control over quota settings. If you wish, you can still make individual resources public within your registered private API. JSON web token (JWT) validation JSON web token is an open standard (RFC 7519) that defines a compact and self-contained method for securely transmitting JSON-encoded information between parties. With Akamai, you can use JWTs to quickly identify and authorize API consumers who send requests to your API. Cross-origin resource sharing (CORS) CORS provides user agents—typically browsers—with a way to request access to restricted resources that reside on external domains. Caching At Akamai, caching refers to objects retrieved from your origin server and stored at any number of edge servers. Edge servers can quickly deliver the cached objects to your API consumers. GraphQL caching GraphQL is an open-source query language and data manipulation language that you can use to deliver structured API content to clients. This ensures clients receive exactly the content they request while preventing both over-fetching and under-fetching of data. GraphQL has no native query caching to avoid refetching resources, and standard HTTP caching will not work for a GraphQL API. GZIP compression GZIP compression helps you save bandwidth efficiently by ensuring the proper compression of selected responses in outbound API traffic. Error response customization (beta) If an inbound client request fails API Gateway validation, the client receives an error response with a default description of an error in a JSON format and a default status code. For selected errors, you have an option to customize these details. For example, you can include in a response helpful guidelines on how to resolve a particular error and set a status code that more aptly reflects the nature of an error.