Endpoints is a distributed API management system. It provides an API console, hosting, logging, monitoring, and other features to help you create, share, maintain, and secure your APIs. This page provides an overview of Cloud Endpoints for OpenAPI. For information on other types of API frameworks supported by Endpoints, see All Endpoints docs.
Endpoints uses the distributed Extensible Service Proxy (ESP) to provide low latency and high performance for serving even the most demanding APIs. ESP is a service proxy based on NGINX, so you can be confident that it scales as needed to handle simultaneous requests to your API. ESP runs in its own Docker container for better isolation and scalability and is distributed in the Container Registry. You can use it with App Engine flexible, Google Kubernetes Engine (GKE), Compute Engine or Kubernetes.
Endpoints uses Service Infrastructure to manage APIs and report logs and metrics. Most Google Cloud Platform (GCP) APIs use this same infrastructure. You can manage and monitor your APIs on the Endpoints Services page in the Google Cloud Platform Console.
Hosting an API
Endpoints is optimized for the Docker container environment. You can host your API anywhere Docker is supported so long as it has internet access to GCP.
However, Endpoints provides an optimized workflow to run your APIs on the following:
- Compute Engine
- App Engine flexible environment, which includes built-in ESP.
Developing a REST API with Endpoints for OpenAPI
Endpoints is language independent. You build your API in any language and REST framework that supports API description using an OpenAPI configuration file.
To use Endpoints for OpenAPI, you:
Configure Endpoints: You describe the API surface and configure Endpoints features, such as API keys or authentication rules, in an OpenAPI configuration file.
Deploy the Endpoints configuration: After you define your API in an OpenAPI configuration file, you use the Cloud SDK to deploy it to Service Management, which Endpoints uses to manage your API. Now Endpoints knows all about your API and how to secure it.
Deploy the API Backend: You deploy ESP and your API backend to a supported GCP backend, such as Compute Engine. ESP coordinates with Endpoints backend services to secure and monitor your API at runtime.
Controlling API access
Endpoints lets you configure your API to require an API key for any call and validates the API key. You can also use the Google Cloud Platform Console to share your API with other developers so they can enable your API and generate API keys to call it.
Authenticating API users
Note that your API server still needs to decide what the authenticated user can do with your API. For more information, see the GCP Auth guide.