API Gateway 10.11 | Administering API Gateway | Operating API Gateway | General Administration Configuration | Configuring Extended Settings
 
Configuring Extended Settings
You must have the API Gateway's manage user administration functional privilege assigned to configure the extended settings.
You can configure advanced parameter settings in the Extended settings section. These parameters affect the operation of your server. You must not change these settings unless requested to do so by Software AG Global Support. You can configure the watt parameter settings in this section.
*To configure the extended settings
1. Expand the menu options icon menu options, in the title bar, and select Administration.
2. Select General > Extended settings.
3. Click Show and hide keys. This displays all the configurable parameters.
4. You can configure any of the following parameters in the Extended keys section by providing the required values. The configured values are listed under Extended settings at the top of the page.
Parameter and Description
allowEGInvokeOnly
Specifies whether the SOAP APIs with Transport policy set to http, can be invoked using the reverse invoke method when you set the external port as https, and the Registration and Internal ports as http. Ensure you enable this setting in the system where the SOAP API is created.
Note:
This setting affects only the behavior of SOAP APIs. You can invoke the REST APIs using the reverse invoke method, irrespective of this setting, given the above said conditions are true.
Possible values:
*true. You can invoke SOAP APIs using the reverse invoke method if the external port is set as https, and the Registration and Internal ports are set as http.
*false. You cannot invoke SOAP APIs using the reverse invoke method.
allowExceedMaxWindowSize
Specifies whether the number of records retrieved by Elasticsearch in a single request exceeds the configured value or not.
Possible values:
*true. The number of records retrieved in a single request can exceed the maximum value configured in Elasticsearch. This is the default value.
*false. Displays an error message when the number of records retrieved in a single request exceeds the configured value.
apiDocumentsRestrictedExtension
Specifies the list of restricted file extensions to prevent users from uploading files with those extensions as the input document for an API. For example, a file with the .exe file extension could contain executable code that run on demand when it is downloaded. If files with the .exe file extension are restricted, users cannot upload a file with the .exe extension in API Gateway.
By default, several standard file extensions are blocked, including any file extensions that are treated as executable files by Windows Explorer. The file extensions blocked by default are:
*.bat - Batch file
*.bin - Binary file
*.dll - Windows dynamic link library
*.exe - Executable program
You can remove any or all of the default file extensions.
apiDocumentsUploadSizeLimitInMB
Specifies the maximum document size, in MB, that can be uploaded as an input document for an API.
Default value is 5.
This prevents users from uploading huge files that might slow down the system.
apig_MENConfiguration_tickInterval
Specifies the time interval (in seconds) between each interval processor iteration.
The value, you provide, must be an evenly divisible fraction of the smallest policy interval, which is one minute.
Default value is 15.
Note:
Exercise caution when you modify this setting as this is a system level setting.
apig_rest_service_redirect
Specifies whether the incoming API requests must be redirected to the directives, /ws and /mediator for providing Mediator compatible endpoints.
Possible values:
*true. The incoming API requests are redirected to the directives, /ws or /mediator to provide Mediator compatible endpoints.
*false. The incoming API requests are not redirected to the /ws or /mediator directives. This is the default value.
apig_schemaValidationPoolSize
Specifies the pool size for the XML schema parsers. API Gateway uses parsers to validate the XML payload against the XML schema when you have selected Schema in the Validate API Specification policy of the API.
The default value is 10. Provide a bigger value to increase the performance of API Gateway in validating the XML schema of APIs.
apiGroupingPossibleValues
Specifies the names of API groups. You can organize your APIs by associating them to the relevant API groups. The groups provided, by default, are:
*Finance Banking and Insurance
*Sales and Ordering
*Search
*Transportation and Warehousing
You can add, edit, or delete API groups based on your requirement.
apiKeyExpirationPeriod
Specifies the time for which an API Key is valid. You can provide the value in seconds, minutes, days, months, or years. For example, 8 seconds, 8s, 10 months, 10m, 15 minutes, 15min.
The expiration date is computed as follows:
*When a new application is created: Expiration date = The time when an application is created + The value specified in the apiKeyExpirationPeriod parameter.
*When an API access key is regenerated: Expiration date = The time when the API key is regenerated + The value specified in the apiKeyExpirationPeriod parameter.
If you do not specify a value, then the API key never expires.
apiKeyHeader
Specifies the HTTP header name from which API Gateway retrieves the API key from incoming client requests.
The default value is x-Gateway-APIKey.
apiMaturityStatePossibleValues
Specifies the API maturity state values that can be set for an API. You can search for APIs based on their maturity status.
The default values provided are Beta, Deprecated, Experimental, Production, and Test.
appMesh.microgateway.logLevel
Specifies the log level of Microgateways that are deployed through API Gateway.
The default value is ERROR.
Possible values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL
backupSharedFileLocation
Specifies the file location where the data backup file has to be archived. The default location is SAGInstallPath/profiles/IS_default/workspace/temp/default.
The files are saved with the corresponding timestamp in the specified location. Only the run-time events are included in the archives.
clusterNotifierCacheStaleInterval
Specifies the time interval after which data in the ClusterNotifierCache is considered stale and is removed from the cache.
The default value is 900 seconds. If you provide a non-numeric value, API Gateway interprets the value as the default value of 900 seconds. If you provide a value less than 60 seconds, API Gateway interprets the value as the lower limit of 60 seconds.
The ClusterNotifierCache maintains a data structure which has an entry for each active member in a cluster. This data structure is used to communicate changes on API definitions, applications, policies, and so on, between the cluster members. When a cluster member shuts down gracefully it removes its entry from the data structure. However, when a cluster member process is killed the entry remains, and other cluster members continue posting notifications to the entry. In order to avoid endless growing resulting in performance degradation the cluster data structure is monitored for absent cluster members. If a cluster member has not reacted within the configured clusterNotifierCacheStaleInterval it is regarded as stale, and its data is removed from the ClusterNotifierCache.
customCertificateHeader
Specifies the header name of the request header in which the client certificate can be passed. API Gateway checks for the existence of this header and fetches the certificate and identifies the application.
The default value is X-Client-Cert.
The certificate included in the custom header can be in the following formats:
*Base64 encoded PEM certificate with BEGIN CERTIFICATE and END CERTIFICATE delimiters.
*Non-Base64 encoded PEM certificate with BEGIN CERTIFICATE and END CERTIFICATE delimiters.
*PEM certificate can be without BEGIN CERTIFICATE and END CERTIFICATE delimiters if a single certificate is added.
*URL encoded PEM certificate with BEGIN CERTIFICATE and END CERTIFICATE delimiters.
*URL encoded PEM certificate can be without the BEGIN CERTIFICATE and END CERTIFICATE delimiters if a single certificate is added.
PEM formatted certificates are defined to be Base64 encoded. Here, the certificate with delimiters are Base64 encoded to avoid the stripping off of the delimiters.
decodeAllDelimitersInURI
Specifies whether the encoded characters of URL in the incoming client requests must be decoded or not. The URLs are encoded as per the URI specs or user's requirements.
Possible values:
*true. The encoded characters in the URL of incoming requests are decoded.
*false. The encoded characters in the URL of the incoming client requests are not decoded. This is the default value.
defaultEncoding
Specifies the format for encoding the design time and run time invocation data.
The default value is UTF-8.
If you want to modify this value, Software AG recommends that you do it before starting API Gateway.
You can change the value in the gateway-core.xml file located in the folder: SAGInstallDir\IntegrationServer\instances\instance-name\packages\WmAPIGateway\config\resources\beans.
The property to be modified is: <entry key="defaultEncoding" value="UTF-8"/>.
Note:
Changing this value after starting API Gateway might make API Gateway non-functional. If API Gateway is clustered, then the same value should be updated in all nodes of API Gateway.
defaultLanguage
Specifies the display language for the user interface of API Gateway. You can change the display language to your preferred language at any time.
The default value is en.
defaultSearchResultSize
Specifies the default size in the search request for the events, and metrics data.
The default value is 1000. If you provide a value -1 it displays all the search results.
disableRemoteEntityReference
Specifies whether remote entity references are resolved when creating a SOAP API.
Possible values:
*true. Disables the resolving of remote entity references when creating SOAP APIs.
*false. Enables the resolving of remote entity references when creating SOAP APIs.
enableHotdeploy
Specifies whether the hot deploy functionality is enabled or disabled. When this setting is enabled, you can modify APIs that are active.
Possible values:
*true. Enables the hot deploy function. This is the default value.
*false. Disables the hot deploy function.
Note:
Ensure to refresh your browser when you modify this setting to reflect the changes to the ongoing user sessions.
enableImportBackup
This parameter provides an option to secure an API before overwriting it.
Available values are:
*true. If you set the value to true, the existing API is restored in the event of an error during the import. This is the default value.
*false. If you set the value to false, the feature to secure an existing API before overwriting is disabled. If the overwrite fails due to an error during the import, the existing API has to be deleted.
enableTeamWork
Specifies whether the Team Support feature in API Gateway is enabled.
Possible values:
*true. Enables the Team Support feature.
*false. Disables the Team Support featured. This is the default value.
For details on the feature, see Team Support.
esScrollTimeout
Specifies the time, in milliseconds, that the search results for each request must be kept active in Elasticsearch.
When the allowExceedMaxWindowSize setting is enabled, the Scroll feature of the Elasticsearch is enabled to allow Elasticsearch to accept multiple search requests and return multiple results. That is, you can perform multiple search requests using the same query till you get the desired number of records from Elasticsearch.
When you send a search request, Elasticsearch returns the result and keeps the result active for the time specified in the esScrollTimeOut setting. If a request exceeds the time specified in the esScrollTimeOut setting, then the subsequent search requests also fail with a Invalid Scroll ID error message. For more information on the Scroll feature, refer https://www.elastic.co/guide/en/elasticsearch/reference/current/​search-request-body.html#request-body-search-scroll.
events.collectionPool.maxThreads
Specifies the maximum number of threads to be used for the event data collection pool.
Each thread in this pool is assigned a task of collecting the events like transactions, error and performance metrics, and processing them for sending to destinations such as API Gateway, Elasticsearch, API Portal, and so on.
Specifying more number of threads implies that the processing of events for sending to the desired destinations is faster. At the same time, it increases the usage of system resources, which could result in slower service execution.
This value must be greater than or equal to the value of events.CollectionPool.minThreads.
Default value is 8.
events.collectionPool.minThreads
Specifies the minimum number of threads to be used for the event data collection pool.
Each thread in this pool is assigned a task of collecting the events like transaction, error and performance metrics and processing them for sending to the desired destinations such as API Gateway, Elasticsearch, API Portal, and so on.
Specifying less number of threads implies that processing of events for sending to the desired destinations is slower.
Default value is 1.
events.collectionQueue.size
Specifies the size of the collection queue to be used during event data collection. This is used in connection with the events.collectionPool.minThreads and events.collectionPool.maxThreads settings.
When events like transaction, error events, and performance metrics are generated during API invocations, they are put in the collection queue for further processing. Each thread in the collection pool is assigned a task of collecting these events and processing them for sending to the desired destinations such as API Gateway, Elasticsearch, API Portal, and so on.
If the queue capacity is reached, then any additional event data would be lost. Hence it is better to increase this size when there is an increase in incoming traffic.
Specifying a large collection queue size and small collection thread pool size might cause delay in processing the events data but ensures all the data are processed.
On the other hand, specifying a small collection queue size and large collection thread pool size might cause faster processing of the events data but keeps the CPUs busier and at the same time when the traffic increases there is a possibility of data loss when the collection queue size is full.
Default value is 10000.
events.reportingPool.maxThreads
Specifies the maximum number of threads to be used for the event data reporting pool.
Each thread in this pool is assigned a task of sending the events like transaction, error and performance metrics to the desired destinations such as API Gateway, Elasticsearch, API Portal, and so on.
Specifying more number of threads implies that sending of events to the desired destinations is faster. At the same time it increases the usage of system resources, which could result in slower service execution.
This value must be greater than or equal to the value of events.ReportingPool.minThreads.
Default value is 4.
events.reportingPool.minThreads
Specifies the minimum number of threads to be used for the event data reporting pool.
Each thread in this pool is assigned a task of sending the events like transaction, error and performance metrics to the desired destinations such as API Gateway, Elasticsearch, API Portal, and so on.
Specifying less number of threads implies that sending of events to the desired destinations is slower.
Default value is 2.
events.reportingQueue.size
Specifies the size of the reporting queue to be used during event data reporting. This is used in connection with the events.reportingPool.minThreads and events.reportingPool.maxThreads settings.
When events like transaction, error events, and performance metrics are generated during API invocations, they are put in the collection queue for further processing. Each thread in the collection pool is assigned a task of collecting these events, processing them and put in the reporting queue for sending to the desired destinations such as API Gateway, Elasticsearch, API Portal, and so on.
If the reporting queue capacity is reached, then any additional event data would be lost. Hence it is better to increase this size when there is an increase in incoming traffic.
Specifying a large reporting queue size and small reporting thread pool size might cause delay in processing the events data but ensures all the data are processed.
On the other hand, specifying a small reporting queue size and large reporting thread pool size might cause faster processing of the events data but keeps the CPUs busier and at the same time when the traffic increases there is a possibility of data loss when the collection queue size is full.
Default value is 5000.
eventsRefreshInterval
Specifies the refresh interval for the events indices in seconds.
The default value is 10.
forwardInternalAPIsRequest
This parameter is required in the case of a paired gateway deployment scenario using an Advanced Edition license at DMZ.
Specifies whether the incoming requests are forwarded to internal APIs that are deployed in the green zone.
Possible values:
*true. API Gateway forwards the incoming requests to the internal APIs that are deployed in the green zone.
*false. API Gateway does not forward the incoming requests. This is the default value.
Following are the internal APIs and their URIs for which this parameter is required and its value must be set to true:
*getOAuthToken - /pub/apigateway/oauth2/getAccessToken
*OAuth Authorization - /pub/apigateway/oauth2/authorize
*getOpenIdToken - /pub/apigateway/openid/getOpenIDToken
*openIDCallbackService - /pub/apigateway/openid/openIDCallback
*getJWTToken - /pub/apigateway/jwt/getJsonWebToken
forwardQueryParams
Specifies whether API Gateway should forward the query parameter sent by client and query parameters configured in Request Processing stage to the native service if the ${sys:resource_path} variable is not present in the Routing policy URL.
*true. API Gateway forwards the query parameters sent by client and query parameters configured in Request Processing stage to the native service even if the ${sys:resource_path} is not present in the Routing policy URL.
*false. API Gateway does not forward the query parameters to the native service if the ${sys:resource_path} is not available in the Routing policy. This is the default value.
gatewayClientInvokingToken
Specifies the value of the client token that can invoke the backend APIs in API Gateway.
The default value is apigateway.
invokeESB_asUser
Specifies the username of the user who runs IS services via polices configured in API Gateway.
If the Run as User value is included in the policy level for Invoke webMethods IS service section, then the value provided in the policy overrides the user provided in this setting.
If no value is provided in either of the above mentioned fields, then the user authenticated from the incoming request is used for invoking the IS service.
maxAllowedZipFileSize
Specifies the maximum size of zip files that can be uploaded to create an API from the Create API screen.
Default value is 100000000.
maxBackupsLimit
Specifies the maximum number of backups that are archived. The default value is 10. If you do not provide a value, then infinite number of archives are kept.
The archives are saved in the location provided in the backupSharedFileLocation setting.
maxRegexLengthInSearchQuery
Specifies the maximum length of Regex parameter that you can use in Regex expression query.
Default value is 37000. This value can be increased based on the requirement.
maxWindowSize
Specifies the maximum number of search results that Elasticsearch can return for a single search request.
Using the index.max_result_window property in Elasticsearch, you can configure the maximum number of records to be retrieved in a single Elasticsearch request. To know more about the property, refer https://www.elastic.co/guide/en/elasticsearch/reference/current/index-modules.html.
Default value is 10000.
If the value configured in the index.max_result_window setting of Elasticsearch is different from that of the default value, then it is recommended that you provide the same value in this field.
If you have a value greater than the configured value, then Elasticsearch displays an error message. Also, you must enable the allowExceedMaxWindowSize setting if the total number of results to be retrieved is more than the value specified here.
For example, if you have specified 1000 in this setting and the total number of records to be retrieved is 20000, then API Gateway sends 20 requests to retrieve all records provided the allowExceedMaxWindowSize setting is enabled. In the above example, if the allowExceedMaxWindowSize setting is not enabled, an error message is displayed as the value is lesser than the default value.
paginationPossibleValues
Specifies the list of possible values of the pagination size, that is, number of items listed per page.
The default values displayed for pagination options are 10,20,30,40,50. For example, if you select 20, then 20 items are displayed per page.
For example, if you change the values to 5,10,15,20,25 then pagination options displayed are 5, 10, 15, 20 and 25. So now when you select 15, the items displayed per page would be 15.
On modifying the value, you have to logout and re-login for the changes to reflect.
pg_Cache_autoScalerRunInterval
Specifies the run interval, in minutes, for the Auto Scaler thread.
Default value is 120 minutes.
The Auto Scaler thread checks for system memory load and adjusts the percentage of objects kept in the cache automatically.
pg_Cache_averageObjectSize
Specifies the value used to calculate the average size, in bytes, of the objects that can be loaded into cache.
The default value is 64.
Software AG recommends you not to modify this value.
pg_Cache_boundedCacheResizeRunInterval
Specifies the run interval, in minutes, for the bounded cache resize thread.
The default value is 30 minutes.
The bounded cache stores a predefined number of objects in memory. The cache value is configured in terms of percentage and it varies based on the new objects added to database. The bounded cache resize thread computes the memory size at the configured interval. For example, if you specify 50, the cache memory is calculated once every 50 minutes.
pg_Cache_maxCacheSize
Specifies the maximum number of objects that are kept in the unbounded cache memory.
The default value is 1048576 MB.
Internally, unbounded cache is also a bounded cache with a configured maximum limit.
pg_Cache_minCachePercent
Specifies the minimum cache percent value. API Gateway maintains the configured memory size. That is, if the value that is computed by the auto scaler thread goes below this value, API Gateway resets the cache percent to the value specified for this setting.
The default value is 20.
The auto scaler thread computes the percentage of objects to be stored in cache. If it computes a lower percentage, say 2%, the value is reset based on the pg_Cache_minCachePercent value.
pg_Cache_minCacheSize
Specifies the minimum number of objects that are kept in the unbounded cache memory.
The default value is 1024.
For example, if there are 20 objects, and cache size is set to 100%, then the computed cache size is 20. When the actual size becomes lower than the value specified in this setting, then the value is reset to the pg_Cache_minCacheSize value.
pg_Cache_statisticsProcessorRunInterval
Specifies the run interval, in minutes, for the statistics processor thread. The statistics processor thread stores the cache statistics are in Elasticsearch.
The default value is 15 minutes.
The cache statistics analytics page displays details about the cache statistics.
pg_Dataspace_GossipInterval
Specifies how frequently each node should gossip with one another.
By default, the value is set to 3 seconds.
pg_Dataspace_TimeToFail
Specifies the maximum permissible interval between two consecutive gossips.
By default, the value is set to 30 seconds.
pg_Dataspace_WarmupTime
Specifies the maximum permissible rehashing interval from start-up or shut down of the server.
By default, the value is set to 300 seconds.
pg_JWT_isHTTPS
Specifies whether the transport protocol over which the JSON Web Tokens (JWTs) are granted authorization is restricted to HTTPS.
Possible values:
*true. Restricts the transport protocol to HTTPS. This is set by default.
*false. Allows HTTP and HTTPS transport protocols.
pg_oauth2_createDefaultScopes
Specifies whether default scopes must be created.
Possible values:
*true. When local authorization server is configured as the default authorization server, then API Gateway automatically creates a scope in Integration Server during API creation, and creates a scope mapping between the OAuth scope in the local authorization server and the API. This setting is useful in cases where a service is published from Centrasite.
*false. API Gateway does not create a scope automatically. Users must manually create and map scopes for the services published from Centrasite. This is the default value.
pg_oauth2_isHTTPS
Specifies whether the transport protocol over which the OAuth 2.0 access tokens are granted authorization is restricted to HTTPS.
Possible values:
*true. Restricts the transport protocol to HTTPS. This is set by default.
*false. Allows HTTP and HTTPS protocols.
pg_OpenID_isHTTPS
Specifies the transport protocol over which the OpenID (ID) tokens are granted authorization is restricted to HTTPS.
Possible values:
*true. Restricts the transport protocol to HTTPS. This is set by default.
*false. Allows HTTP and HTTPS protocols.
pg_xslt_disableDoctypeDeclarations
Specifies whether the xslt doc type declarations must be disabled or not.
Possible values:
*true. Disables the xslt doc type declarations. This is the default value.
*false. Enables the xslt doc type declarations.
pg_xslt_enableDOM
Specifies whether the DOM parsing must be enabled.
Possible values:
*true. Enables the DOM parsing.
*false. Disables the DOM parsing and enables other parsers.
pg_xslt_enableSecureProcessing
Specifies whether the use of extensions must be disabled.
Possible values:
*true. Enables the use of extensions. This is the default value.
*false. Disables the use of extensions.
pg.3pSnmpSender.sendDelay
This is an internal parameter. Do not modify.
pg.cs.snmpTarget.base64Encoded
This is an internal parameter. Do not modify.
pg.cs.snmpTarget.connTimeout
Specifies the number of milliseconds before an inactive connection to the SNMP target server is closed. If set to 0, the socket remains open indefinitely.
pg.cs.snmpTarget.maxRequestSize
Specifies the maximum size (in bytes) for SNMP traps.
The default value is 10485760.
pg.cs.snmpTarget.retries
Specifies the number of times to resend SNMP traps upon failure.
Default value is 1.
This parameter works with pg.cs.snmpTarget.sendTimeOut to determine the delay in re-sending SNMP traps to malfunctioning SNMP servers (that is, it retries*sendTimeOut).
This means that if the retries parameter is set to 3, and the sendTimeOut parameter is set to 500 milliseconds, there is a 1.5 second delay before the thread sending the alert is available to send another event. Malfunctioning event destinations could delay the amount of time it takes API Gateway to report events, or it could cause discarded events when the queue reaches its maximum level.
pg.cs.snmpTarget.sendTimeOut
Specifies the time (in milliseconds) to wait before the SNMP trap times out because the server destination is not responding.
This value schedules a timer that resends an SNMP event that has not yet completed when it expires. You must set a timeout value that ensures that the trap is sent to the SNMP server within the time frame. This parameter does not abort an event that is in progress. Set this parameter higher than the default when sending traps with large payloads. The default value is 500.
This parameter works with pg.cs.snmpTarget.retries to determine the delay in resending SNMP traps to malfunctioning SNMP servers (that is, it retries *sendTimeOut).
This means that if the retries parameter is set to 3, and the sendTimeOut parameter is set to 500 milliseconds, there is a 1.5 second delay before the thread sending the alert is available to send another event. Malfunctioning event destinations could delay the amount of time it takes API Gateway to report events, or it could cause discarded events when the queue reaches its maximum level.
pg.default.enable.oldVersion
Specifies whether the oldest version of an API has to be enabled when the version of an API is not specified.
For example, when you have an API that is versioned, the client can specify the version number in the URL to invoke that specific version of the API, that is, API-NAME/Version-number. When the client does not specify the version number, API Gateway defaults to the latest version of the API and invokes it. You can use this parameter to change this behavior such that API Gateway defaults to the oldest version of API and invokes it.
Available values are:
*true. When you set this parameter as true and invoke an API without specifying the version number, then API Gateway defaults to the oldest version of the specified API and invokes it.
*false. This is the default value. When you set this parameter as false and invoke an API without specifying the version number, then API Gateway defaults to the latest version of the specified API and invokes it.
pg.endpoint.connectionTimeout
Specifies the time interval (in seconds) after which an HTTP connection attempt times out.
The default value is 30 seconds.
This is a global property that applies to the endpoints of all APIs. If you prefer to specify a connection timeout for the endpoints of an API individually, set the HTTP Connection Timeout parameter in the API's Routing Protocols processing step, which would then take precedence over pg.endpoint.connectionTimeout.
The precedence of the Connection Timeout configuration is as follows:
a. If you specify a value for the Connection timeout field in routing endpoint alias, then the Connection timeout value specified in the Endpoint alias section takes precedence over the timeout values defined at the API level and the global level.
b. If you specify a value 0 for the Connection timeout field in routing endpoint alias, then API Gateway uses the value specified in the Connection timeout field in the routing protocol processing step of an API. The Read Timeout value specified at an API level takes precedence over the global configuration.
c. If you specify a value 0 or do not specify a value for the Connection timeout field in the routing protocol processing step at the API level or specify a value 0 at an alias level, then API Gateway uses the value specified in this pg.endpoint.connectionTimeout property.
d. If you do not specify any value for pg.endpoint.connectionTimeout, then API Gateway uses the default value of 30 seconds.
pg.endpoint.readTimeout
Specifies the time interval (in seconds) after which a socket read attempt times out. Default value: 30 seconds.
This is a global property that applies to all APIs. If you prefer to specify a read timeout for APIs individually, set the Read Timeout field in the API's's Routing Protocols processing step, which would then take precedence over pg.endpoint.readTimeout.
The precedence of the Read Timeout configuration is as follows:
a. If you specify a value for the Read timeout field in routing endpoint alias, then the Read timeout value specified in the Endpoint alias section takes precedence over the timeout values defined at the API level and the global level.
b. If you specify a value 0 for the Read timeout field in routing endpoint alias, then API Gateway uses the value specified in the Read Timeout field in the routing protocol processing step of an API. The Read Timeout value specified at an API level takes precedence over the global configuration.
c. If you specify a value 0 or do not specify a value for the Read timeout field in the routing protocol processing step at the API level or specify a value 0 at an alias level, then API Gateway uses the value specified in this pg.endpoint.readTimeout property.
d. If you do not specify any value for pg.endpoint.readTimeout, then API Gateway uses the default value of 30 seconds.
pg.lb.failoverOnDowntimeErrorOnly
Specifies API Gateway's behavior of endpoints in a load-balanced routing scenario.
Possible values:
*true. Load balancing does not happen when the service fault encountered in the response is a downtime error. This is the default value.
For example, the following are some Downtime exceptions and for which fail overs happen: ConnectException, MalformedURLException, NoRouteToHostException, ProtocolException, SocketTimeoutException, UnknownHostException, UnknownServiceException, Web Service not available, The service cannot be found.
*false. Load balancing happens whenever a service fault is encountered in the response coming from endpoint 1 and API Gateway immediately tries the next configured endpoint. There is no distinction on the type of fault present in the response from endpoint.
pg.MTOMStreaming.cachedFiles.delete.interval
Specifies the interval (in seconds) to delete the cached MTOM files.
Default value is 3600 seconds. This property takes effect only when the pg.suppress.IS.lcm setting is set to true.
pg.nativeServer.validatePrivateIPs
Specifies whether to validate the native server endpoint against the private IP configuration during invocation of an API.
Possible values:
*true. If this is set to true, then the API invocation is not allowed if the native endpoint uses any private IPs other than the ones configured in /rest/apigateway/configurations/whiteListingIPs
*false. If this is set to false, no private IP validation is done for the native endpoint.
Default value is false for on-prem and true for cloud installations.
pg.overwrite.users.withsameloginid
Specifies whether API Gateway must validate and overwrite a user based on their login ID or UUID when importing or promoting the user or team from one stage to another, provided the logged-in credentials (login ID) of both instances are the same.
Possible values:
*true. API Gateway validates and overwrites the user with the user's login ID, if the user is not matched with the UUID during import or promotion of a user or teams. The default value is true.
*false. API Gateway validates and overwrites the user with the UUID.
pg.removeSSNID
Specifies whether to include the set-cookie header in the response header. The set-cookie header contains ssnid value sent from the native service.
Possible values:
*true. The client that invokes API Gateway API, does not receive the set-cookie header that contains ssnid value.
*false. The client that invokes API Gateway API, receives the set-cookie header that contains ssnid value if the native service sends this in the response.
pg.runtime.extended.stackSize
Specifies the thread space size allocated for critical functions to run. You can configure the thread space size as required by setting a value for this setting. The size is specified in MB.
Default value: 20
If you provide an invalid value, API Gateway considers the default value.
pg.security.allowedhostnames
Validates the host header in an incoming request against the host names configured in this setting. Provide a comma-separated list of host names that you want the host header in the incoming request to be validated against.
This setting is required especially in scenarios where, when an API is invoked by adding a dummy host in the Host header. The invocation gets through the proxy API and API Gateway returns success response, which can pose as a vulnerability.
If the host in the request header is not in the list of host names configured in this setting, API Gateway returns a 400 Bad Request with an error response Invalid Host header.
If you do not include any host names and leave the setting blank, the host header in the incoming request is not validated.
pg.security.honourPortAccessModeSettings
Specifies whether the access mode settings configured in the Administration > Security > Ports section must be enforced on the HTTP and HTTPS ports.
In addition to the default port, you can add ports in API Gateway using which you can consume APIs. You can configure the access mode of the ports to determine whether a port can be used to access an API or not. You can either allow or deny the access of all APIs through a port. When you allow access of APIs using a port by default, you can specify a list of APIs that must be denied access over the port. Also, if you deny the access of APIs using a port, you can specify a list of APIs that can be allowed to access using the port. For details on creating ports and allowing or denying access to a port, see Ports.
Possible values:
*true. Access of REST and OData APIs through the HTTP and HTTPS ports is allowed or denied based on the access mode settings configured from the Administration > Security > Ports section.
*false. The access mode setting specified for the ports are not applied. This is the default value.
Prior 10.7, the access mode setting of ports was applicable only for the SOAP APIs. Starting 10.7, the access mode is applicable for REST and OData APIs as well. The default value of the pg.security.honourPortAccessModeSettings setting is false. That is, the access mode configuration is imposed only on SOAP APIs. So, the existing users need not modify their settings if they want the access mode setting to be enforced only on the SOAP APIs. However, if you want to enforce the access mode setting on REST and OData APIs, you can change the value of this setting to true.
pg.snmp.communityTarget.base64Encoded
Specifies whether to use a third-party SNMPv1 community-based connection.
The default value is false.
When this property is set to true, the Community name of 3rd Party SNMP destination configuration is expected as base64 encoded.
pg.snmp.communityTarget.maxRequestSize
Specifies the maximum size (in bytes) for SNMP traps.
The default value is 65535.
pg.snmp.communityTarget.retries
Specifies the number of times to resend SNMP traps upon failure.
Default value is 1.
This parameter works with pg.snmp.communityTarget.sendTimeOut to determine the delay in re-sending SNMP traps to malfunctioning SNMP servers (that is, it retries *sendTimeOut).
This means that if the retries parameter is set to 3, and the sendTimeOut parameter is set to 500 milliseconds, there is a 1.5 second delay before the thread sending the alert is available to send another event. Malfunctioning event destinations could delay the amount of time it takes API Gateway to report events, or it could cause discarded events when the queue reaches its maximum level.
pg.snmp.communityTarget.sendTimeOut
Specifies the time (in milliseconds) to wait before the SNMP trap times out because the server destination is not responding. This value schedules a timer that resends an SNMP event that has not yet completed when it expires. You must set a timeout value that ensures that the trap is sent to the SNMP server within the time frame. This parameter does not abort an event that is in progress. Set this parameter higher than the default when sending traps with large payloads.
The default value is 500.
This parameter works with pg.snmp.communityTarget.retries to determine the delay in re-sending SNMP traps to non-responsive SNMP servers (that is, it retries *sendTimeOut).
This means that if the retries parameter is set to 3, and the sendTimeOut parameter is set to 500 milliseconds, there is a 1.5 second delay before the thread sending the alert is available to send another event. Malfunctioning event destinations could delay the amount of time it takes API Gateway to report events, or it could cause discarded events when the queue reaches its maximum level.
pg.snmp.customTarget.connTimeout
Specifies the number of milliseconds before an inactive connection to the third-party SNMP server is closed. If set to 0, the socket remains open indefinitely.
pg.snmp.userTarget.maxRequestSize
Specifies the maximum size (in bytes) for SNMP traps.
The default value is 65535.
pg.snmp.userTarget.retries
Specifies the number of times to resend SNMP traps upon failure.
The default value is 1.
This parameter works with pg.snmp.userTarget.sendTimeOut to determine the delay in re-sending SNMP traps to malfunctioning SNMP servers (that is, it retries *sendTimeOut).
This means that if the retries parameter is set to 3, and the sendTimeOut parameter is set to 500 milliseconds, there is a 1.5 second delay before the thread sending the alert is available to send another event. Malfunctioning event destinations could delay the amount of time it takes API Gateway to report events, or it could cause discarded events when the queue reaches its maximum level.
pg.snmp.userTarget.sendTimeOut
Specifies the time (in milliseconds) to wait before the SNMP trap times out because the server destination is not responding. This value schedules a timer that resends an SNMP event that has not yet completed when it expires. You must set a timeout value that ensures that the trap is sent to the SNMP server within the time frame. This parameter does not abort an event that is in progress. Set this parameter higher than the default when sending traps with large payloads.
The default value is 500.
This parameter works with pg.snmp.userTarget.retries to determine the delay in resending SNMP traps to malfunctioning SNMP servers (that is, it retries *sendTimeOut).
This means that if the retries parameter is set to 3, and the sendTimeOut parameter is set to 500 milliseconds, there is a 1.5 second delay before the thread sending the alert is available to send another event. Malfunctioning event destinations could delay the amount of time it takes API Gateway to report events, or it could cause discarded events when the queue reaches its maximum level.
pg.soapToRest.typeConvertorEnabled
Specifies whether the key values in a SOAP request must be converted to their primitive type when a SOAP API is transformed to REST API. For example, if the XML is <number>10</number>, it is converted as "number" : 10.
Possible values:
*true. Values are converted to their primitive type. This is the default value.
*false. Values are not converted to their primitive type.
pg.suppress.IS.lcm
Specifies whether to override IS lifecycle manager with API Gateway lifecycle manager.
Possible values:
* true. Set this to true to use the API Gateway lifecycle manager.
*false. Set this to false to use the IS lifecycle manager. By default, the value is false.
API Gateway lifecycle manager provides options to specify the interval for deleting of cached MTOM files using the pg.MTOMStreaming.cachedFiles.delete.interval setting.
pg.uddiClient.publish.maxThreads
Specifies the maximum allowed number of threads to publish the performance metrics data to CentraSite.
The default value is 2.
pg.uddiClient.uddiClientTimeout
Specifies the connection and read timeout, in milliseconds, for publishing performance metrics to CentraSite.
The default value is 5000.
pgmen.quotaSurvival.addLostIntervals
Specifies whether API Gateway must restore the time duration between the shutdown and restart when the Subscription counters are restored back into restarted instance.
Possible values are true or false.
pgmen.quotaSurvival.interval
Specifies the periodical time interval, in minutes, in which API Gateway should run to persist the Subscription counters into the database.
To keep the Subscription counters active during the server restart, API Gateway would periodically store the counters to the database.
Default value is 1.
portClusteringEnabled
Specifies whether the port configuration synchronization across API Gateway cluster nodes is enabled or disabled.
When as an API Gateway Administrator you create, update or delete a port definition, you might prefer to do it in one of the nodes in the cluster and have it instantly reflected on the other nodes without having to restart them. This setting controls whether you want to synchronize these port configuration changes across the API Gateway cluster nodes.
In this context clustered environment refers to clustering being enabled under Administration > General > Clustering section.
In a clustered environment, the possible values are:
*true. This enables port configuration synchronization across API Gateway cluster nodes. This is the default value
The ports that are not configured through the API Gateway UI (that is ports configured through Integration Server) are ignored by API Gateway UI and are removed on a restart.
*false. This disables port configuration synchronization across API Gateway cluster nodes. The ports that are not configured through the API Gateway UI (that is ports configured through Integration Server) are displayed in the API Gateway UI and they are not removed on a restart.
In a non-clustered environment, the possible values are:
*true. The ports that are not configured through the API Gateway UI (that is ports configured through Integration Server) are ignored by API Gateway UI and are removed on a restart.
*false. The ports that are not configured through the API Gateway UI (that is ports configured through Integration Server) are displayed in the API Gateway UI and they are not removed on a restart.
Note:
Restart all the cluster nodes, when you change this parameter, for the changes to take effect.
promotionListSortByTime
Specifies whether the list of promotions in the Promotions tab of the Promotion management page are sorted by the promotion time.
Possible values:
*true. Promotion list is sorted by promotion time with the latest on top.
*false. Promotion list is sorted by promotion name. This is the default value.
retainSOAPResponseStatus
Specifies whether the native SOAP API status has to be sent to the client.
Possible values:
*true. The native API responses retain the SOAP response status in the response sent to the API clients upon a failure. The default value is true.
*false. All response codes from the native SOAP API are converted to HTTP 500 (Internal Server Error) before sending the response to the API clients.
retainResponseStatus
Specifies whether the native service status has to be sent to the client.
Possible values:
*true. A 401 HTTP response received from the native API with outbound authentication is passed on to API clients.
*false. A 401 HTTP response received from the native API with outbound authentication is not exposed to the API clients. A HTTP response 500 is sent instead. This is the default value.
return408ForConnectionTimeout
Specifies the status code to be included in the response when a request to the native service times out.
Possible values:
*true. The response contains 408 error code uniformly when a request to the native service is timed out. This is the default value.
*false. The response does not contain 408 error code.
saveAuditlogsWithPayload
Specifies whether the audit logs have to be saved along with payload.
Possible values:
*true. The audit logs have to be saved along with payload. This is the default value.
*false. The audit logs are not saved along with payload.
sendClientRequestURI
Specifies whether the URI that is present in a request must be decoded before sending it to the native service.
Possible values:
*true. The URI is not decoded. The unicode characters in a request are encoded.
*false. The URI is decoded without change in the path of the URL. This is the default value.
setDefaultContentType
Specifies that default content type to be included in the GET and DELETE methods, if the content type is missing in request.
Possible values:
*true. The default content type application/x-www-form-urlencoded is added, if content type is missing in request. This is the default value.
*false -The default content type is not added. The content-type is sent as is.
startDayOfTheWeek
Specifies the start day of a week for the unit of measurement of the Alert Interval configured, to monitor performance, before sending an alert.
By default, the start day of the week is set to Monday.
strictResourceMatching
Specifies whether API Gateway must perform a strict matching of the resource path from runtime invocation with the API definition of resource paths.
Possible values:
*true. API Gateway uses the strict resource matching criteria and the matching fails if it encounters any other characters than that are specified. This is the default value.
*false. API Gateway matches the best resource instead of using the strict resource matching criteria.
The extended setting functions as follows:
For example, consider a REST API with resource path /mypath
The request http://host:port/servicename/mypath/anytext with strictResouceMatching=true returns an HTTP response 404 immediately.
The request http://host:port/servicename/mypath/anytext with strictResouceMatching=false executes the request in an ordinary way.
tagsTypeAheadSearchResultSize
Specifies the number of existing tags to display during the type ahead search.
This is available while adding a tag to an API, where you can type a search term. A list of existing API tags appears depending on the search term. The number of API tags displayed in this list is restricted as per the value provided in the tagsTypeAheadSearchResultSize property.
The default value is 10.
The minimum value you can provide is 1. If you provide zero or an invalid value, the value of this property is set to the default value 10.
transferEncodingChunked_handleAsStream
Specifies whether the request and response payloads should be handled as stream.
Possible values:
*true. API Gateway checks for the following conditions to handle the request and response payloads as stream:
*Request payload is handled as stream, if the Transfer-encoding: chunked header is sent in the request.
*Response payload is handled as stream, if the application/octet-stream accept header is sent in the request.
*false. The payloads are not handled as streams (even though the conditions specified above are met). This is the default value.
Note:
The response from the native endpoint need not contain the Transfer-encoding: chunked header for the response payload to be handled as stream.
transformerPoolSize
Specifies the maximum size for transform pool that consists XSLT transformers. To reduce performance impacts, you can reuse the transformers from the pool instead of creating them for every request.
useTypeInIndexNameForESDestination
Specifies the index format used when sending data from API Gateway to a configured Elasticsearch destination.
The default value is true.
Elasticsearch verison 7.2 supports data with dedicated index for each of the event types. So, API Gateway sends data in different indexes for different event types if the value of this property is set to true. The event type is concatenated with the Elasticsearch destination index name. That is, the index name will be in the following format: {IndexName}_{EventType}. For example, database_transactionalevents; where default is the index name and transactional events in the event type.
If the value is set to false, the type name is not concatenated with the index name. In this case, the index created for each event is sub-indexed under a main index when data is sent to configured Elasticsearch destination. The value of this setting must be set to false, if the version of the destination Elasticsearch is 5.x or earlier.
validateTransportProtocolAgainstEGPort
Specifies whether the EG protocol in the transport protocol policy of APIs must be validated during the reverse invoke of APIs.
Possible values:
*true. Validation is performed to ensure an EG protocol is specified in transport protocol policy of APIs that are invoked using the reverse invoke method.
*false. No validation is performed. The default value is false.
wsdlPortLayout
Specifies which ports entries are exposed in a WSDL.
Possible values:
*service-port. All the port entries are exposed. This is the default value.
*service-only. Only one port (with servicename or version) is exposed. When this value is set, only the simple endpoint with the service name is generated.
*mediator-comp. When this value is set, the entries generated are in mediator compatibility mode. Note that custom endpoints do not appear in this case.
xmlToJSONConversion_keepString
Specifies whether the data type of fields in a response payload, after XML to JSON conversion, must be string or a corresponding data type.
The default value is true.
Possible values:
*true. The data type of the fields are retained as string.
*false. The data type of the fields is changed to a corresponding data type.
For example:
Sample XML payload:

<?xml version="1.0" encoding="UTF-8"?>
<EmployeeDetail>
<ID>12345</ID>
<Name>John</Name>
<Address>999 ABC Street</Address>
</EmployeeDetail>
*Sample response, if you set the extended setting to true:

{
"EmployeeDetail": {
"ID": "12345",
"Name": "John",
"Address": "999 ABC Street"
}
}
All fields in the response payload are retained as string.
*Sample response, if you set the extended setting to false:

{
"EmployeeDetail": {
"ID": 12345,
"Name": "John",
"Address": "999 ABC Street"
}
}
The data type of the field ID is integer.
5. You can configure the watt parameters in the Watt keys section by providing the required values.
The configured watt keys are listed under Watt settings below the Extended keys at the top of the page.
Only the following watt parameters get synchronized across nodes in a cluster setup:
*watt.security.ssl.client.ignoreEmptyAuthoritiesList
*watt.security.ssl.ignoreExpiredChains
*watt.server.url.alias.partialMatching
*watt.server.oauth.authServer.alias
*watt.server.oauth.requireHTTPS
*watt.net.http401.throwException
*watt.net.http501-599.throwException
*watt.server.SOAP.MTOMStreaming.enable
*watt.server.http.Strict-Transport-Security
*watt.server.rest.removeInputVariablesFromResponse
*watt.server.coder.responseAsXML
*watt.security.ssl.cacheClientSessions
*watt.server.enterprisegateway.ignoreXForwardedForHeader
If you modify the other watt parameters in one API Gateway instance they do not get synchronized across other nodes in a cluster setup. You have to manually modify them in the other instances.
6. Click Save.