Hi, I'm new to Google Cloud and have been having some trouble making my API work only with API key authentication.
I have a test app deployed on cloud run, which is a simple flask app with one endpoint.
I've been trying to only allow access to the API with an API key via API Gateway. Please see my API config file below.
However, although trying to access the app address (https://flask-test-abcd1234.a.run.app/hi) directly will return "Error: Forbidden" as expected after specifying to disallow unauthenticated requests, the API gateway url (https://gatename-abcde123.nw.gateway.dev/hi) will return the API response without adding an api_key=(key) query to the URL. I suspect it has something to do with my API config, but I cannot see exactly what's wrong.
Any help is greatly appreciated.
Deployed cloud run app:
"
from flask import Flask
app = Flask(__name__)
@App.route('/hi', methods=['GET'])
def hello_world():
return 'Hello, World'
if __name__ == '__main__':
app.run(debug=True
)
"
APIconfig.yaml:
"
# openapi2-run.yaml
swagger: "2.0"
info:
title: Sample Flask API d
description: A simple API for demonstration
version: 1.0.0
host: test-api.apigateway.projectname.cloud.goog
schemes:
- https
produces:
- application/json
security:
- api_key: []
x-google-backend:
address: >-
x-google-management:
metrics:
- name: "get-requests"
displayName: "get requests"
valueType: INT64
metricKind: DELTA
quota:
limits:
- name: "get-limit"
metric: "get-requests"
unit: "1/min/{project}"
values:
STANDARD: 1000
paths:
/hi:
get:
summary: Get hello
operationId: getHi
security: []
parameters: []
responses:
200:
description: A successful response
schema:
type: string
securityDefinitions:
api_key:
type: apiKey
name: key
in: query
definitions:
User:
type: object
properties:
username:
type: string
firstname:
type: string
lastname:
type: string
email:
type: string
"