Note:

• This tutorial requires access to Oracle Cloud. To sign up for a free account, see Get started with Oracle Cloud Infrastructure Free Tier.
• It uses example values for Oracle Cloud Infrastructure credentials, tenancy, and compartments. When completing your lab, substitute these values with ones specific to your cloud environment.

Migrate APIs from Oracle API Gateway to Oracle Cloud Infrastructure API Gateway

Introduction

Oracle API Gateway is a widespread on-premises platform used by companies that in the past wanted to expose their legacy systems through APIs for integration with web, mobile or even client-server applications.

In this tutorial, we will explain a way to migrate the APIs implemented in Oracle API Gateway to a more modern, scalable technology, within cloud native standards and that can be used in hybrid environments (cloud or on-premises). The proposal is to accelerate this migration to the Oracle Cloud Infrastructure API Gateway (OCI API Gateway).

The OCI API Gateway service allows you to publish APIs with accessible private endpoints on your network that you can expose with public IP addresses if you want them to accept internet traffic. Endpoints support API validation, request and response transformation, CORS, authentication and authorization, and request limitation.

Using the OCI API Gateway service, you create one or more API gateways on a regional subnet to process API client traffic and route it to back-end services. You can use a single API gateway to link multiple backend services (such as OCI Load Balancer, OCI Compute instances, and OCI Functions) into a single consolidated API endpoint. You can access the OCI API Gateway service to define API gateways and API deployments using the OCI Console and the REST API.

The OCI API Gateway service is integrated with Oracle Cloud Infrastructure Identity and Access Management (OCI IAM), which provides easy authentication with native OCI identity functionality.

This tutorial allows you to prepare artifacts for migration to the OCI API Gateway and should be used in conjunction with this other tutorial: Implement an Automation to Deploy an OpenAPI spec into OCI API Gateway.

Note:

• These artifacts will:

  • Create a Swagger specification from the Oracle API Gateway XML exported file automatically.

  • Allow OCI API Gateway to import automatically from the generated Swagger specification.

  • See what processes and orchestration needs to be implemented on Oracle Integration and be integrated with OCI API Gateway.

• These artifacts WILL NOT complete the migration from Oracle API Gateway to OCI API Gateway as is. You will need to implement some integrations to orchestrate steps. Sometimes, analyze the context of your APIs will take your application to a modern approach and to a more cloud native environment.

Strategy to Migrate from Oracle API Gateway to OCI API Gateway

This strategy does not allow as is migration directly to the OCI API Gateway as they are slightly different technologies. While the Oracle API Gateway has mechanisms to create mappings between paths and their policies, generating complex treatment rules for authorization/authentication, HEADERs, call orchestrations with business rules and other complexities of an API; The OCI API Gateway works only as an API gateway, allowing some processing of HEADERs, establishing some timeout and throttling principles, but without major complexities. The tool aims to be simpler and delimits its functionalities precisely because it is part of a range of services that complement the other functionalities that were left out.

Objectives

• Migrate APIs from Oracle API Gateway to OCI API Gateway.

• Divide the routing of APIs for the OCI API Gateway and the complexities and orchestration rules for Oracle Integration.

Task 1: Export the Oracle API Gateway APIs

Oracle API Gateway can export all definitions in a XML file. We will use this artifact to accelerate the process of migration. For more information about how to export APIs definitions in the Oracle API Gateway, see Exporting API Gateway configuration.

You will get an XML file that will contain all the API definitions.

Task 2: Convert the Oracle API Gateway XML to a Swagger Specification

We will use the Oracle API Gateway XML file to convert it into a YAML Swagger file.

1. Change the variable filename to your exported Oracle API Gateway XML file and run the following Python file: generate_swagger.py.

   

   

   

   You will receive files with YAML extension. Each file is a Swagger definition for an API defined in the Oracle API Gateway.

   Some lines are commented in the Swagger definition. These lines represent the Oracle API Gateway orchestration on each API. This will help to plan and construct the orchestration in Oracle Integration.

2. Change the map_details.py Python file to include your Oracle API Gateway XML definition file and a filename for your output mapping definitions.

   

   After run this Python code, you will get a more detailed definitions for each orchestration steps mentioned in the Swagger.

   

Task 3: Deploy the Swagger to OCI API Gateway

With the Swagger file, we can import into OCI API Gateway through an automation process. All the YAML files generated by the Python code can be deployed in the OCI API Gateway with this project. For more information, see Implement an Automation to Deploy an OpenAPI spec into OCI API Gateway.

This project will import the Swagger specification generated here and will deploy the APIs to use. You will need to adjust the backends manually as part of this documentation.

Task 4: Implement the Orchestration in Oracle Integration

In this task, we need to analyze case by case and implement the orchestration, business rules and validations.

First of all, we must analyze each step of the APIs in Oracle API Gateway. Some steps are business rules and orchestrations and these should be part of an implementation in Oracle Integration. This implementation can be exposed in the OCI API Gateway, thus following the same processes executed in Oracle API Gateway.

However, there are several steps that would not need to be implemented within Oracle Integration, some of them:

• Authentication and authorization.
• Treatment of HEADERs, QUERY parameters and BODY.
• Routing paths.

Authentication and authorization processes can and should be implemented in the OCI API Gateway layer. There are several ways to implement this, through JWT, OAuth2, among others; in addition to allowing customization, see Passing Tokens to Authorizer Functions to Add Authentication and Authorization to API Deployments.

HEADER (as well as QUERY parameters and BODY) processing can be done in the OCI API Gateway itself. Processing can be done in both REQUEST and RESPONSE.

Logs can also be handled in the OCI API Gateway, but it is always good to have the entire circuit logged, that is, if there are implementations in Oracle Integration, try to implement the logs there as well.

Related Links

• Implement an Automation to Deploy an OpenAPI spec into OCI API Gateway

• Install the OCI CLI

• Creating Your First API Gateway In The Oracle Cloud

• Functions QuickStart Guides

• Oracle Functions Samples

• Passing Tokens to Authorizer Functions to Add Authentication and Authorization to API Deployments

• Create a JWT Token in Java for Oracle Identity Cloud Service

• Protect APIs with API Gateway using Oracle Identity Cloud Service/IAM JWT with Scopes and Claims

• Exporting API Gateway configuration

Acknowledgments

• Author - Cristiano Hoshikawa (Oracle LAD A-Team Solution Engineer)

More Learning Resources

Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.

For product documentation, visit Oracle Help Center.

---

Title and Copyright Information

Migrate APIs from Oracle API Gateway to Oracle Cloud Infrastructure API Gateway

G27078-01

February 2025

Copyright ©2025, Oracle and/or its affiliates.