Springboot SDK Guide
To integrate your Springboot Java application with APItoolkit, you need to use this SDK to monitor incoming traffic, aggregate the requests, and then send them to APItoolkit's servers. Kindly follow this guide to get started and learn about all the supported features of APItoolkit's Springboot SDK.
Prerequisites
Ensure you have already completed the first three steps of the onboarding guide.
Installation
To install the SDK, kindly add the following dependency to your pom.xml file within the <dependencies> section, like so:
<dependency>
<groupId>io.apitoolkit.springboot</groupId>
<artifactId>apitoolkit-springboot</artifactId>
<version>1.0.6</version>
</dependency>
Configuration
First, add your APItoolkit API key to the application.properties file, like so:
apitoolkit.apikey={ENTER_YOUR_API_KEY_HERE}
# Other configuation options
apitoolkit.debug=false
# ...
Tip
The {ENTER_YOUR_API_KEY_HERE} demo string should be replaced with the API key generated from the APItoolkit dashboard.
Then, initialize the SDK, like so:
package com.example.demo;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
// Import APItoolkit annotation
import io.apitoolkit.springboot.annotations.EnableAPIToolkit;
// END Import APItoolkit annotation
import org.springframework.web.bind.annotation.*;
@SpringBootApplication
// Add APIToolkit custom annotation
@EnableAPIToolkit
// END Add APIToolkit custom annotation
@RestController
public class DemoApplication {
public static void main(String[] args) {
SpringApplication.run(DemoApplication.class, args);
}
@GetMapping("/greet/{name}")
public String getUser(@PathVariable String name) {
return "Hello, " + name;
}
}
Redacting Sensitive Data
If you have fields that are sensitive and should not be sent to APItoolkit servers, you can mark those fields to be redacted (the fields will never leave your servers).
To mark a field for redacting via this SDK, you need to provide additional configuration options to the application.properties file with paths to the fields that should be redacted. There are three arguments you can provide to configure what gets redacted, namely:
redactHeaders: A list of HTTP header keys.redactRequestBody: A list of JSONPaths from the request body.redactResponseBody: A list of JSONPaths from the response body.
JSONPath is a query language used to select and extract data from JSON files. For example, given the following sample user data JSON object:
{
"user": {
"name": "John Martha",
"email": "[email protected]",
"addresses": [
{
"street": "123 Main St",
"city": "Anytown",
"state": "CA",
"zip": "12345"
},
{
"street": "123 Main St",
"city": "Anytown",
"state": "CA",
"zip": "12345"
}
],
"credit_card": {
"number": "4111111111111111",
"expiration": "12/28",
"cvv": "123"
}
}
}
Examples of valid JSONPath expressions would be:
| JSONPath | Description |
|---|---|
$.user.addresses[*].zip | In this case, APItoolkit will replace the zip field in all the objects of the addresses list inside the user object with the string [CLIENT_REDACTED]. |
$.user.credit_card | In this case, APItoolkit will replace the entire credit_card object inside the user object with the string [CLIENT_REDACTED]. |
Tip
To learn more about JSONPaths, please take a look at the official docs or use this JSONPath Evaluator to validate your JSONPath expressions.
You can also use our JSON Redaction Tool to preview what the final data sent from your API to APItoolkit will look like, after redacting any given JSON object.
Here's an example of what the configuration would look like with redacted fields:
apitoolkit.redactHeaders=content-type,Authorization,HOST
apitoolkit.redactRequestBody=$.user.email,$.user.addresses
apitoolkit.redactResponseBody=$.users[*].email,$.users[*].credit_card
Note
- The
apitoolkit.redactHeadersconfig field expects a list of case-insensitive headers as strings. - The
apitoolkit.redactRequestBodyandapitoolkit.redactResponseBodyconfig fields expect a list of JSONPaths as strings. - The list of items to be redacted will be applied to all endpoint requests and responses on your server.
Error Reporting
With APItoolkit, you can track and report different unhandled or uncaught errors, API issues, and anomalies at different parts of your application. This will help you associate more detail and context from your backend with any failing customer request.
To manually report specific errors at different parts of your application, use the reportError() method, passing in the request and exception parameters, like so:
package com.example.demo;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.web.bind.annotation.*;
import jakarta.servlet.http.HttpServletRequest;
import io.apitoolkit.springboot.APErrors;
import io.apitoolkit.springboot.annotations.EnableAPIToolkit;
@EnableAPIToolkit
@SpringBootApplication
public class DemoApplication {
public static void main(String[] args) {
SpringApplication.run(DemoApplication.class, args);
}
@GetMapping("/hello")
public String hello(@RequestParam(value = "name", defaultValue = "World") String name, HttpServletRequest request) {
try {
System.out.print(1 / 0); // This will throw an ArithmeticException
} catch (Exception e) {
// Report the error to APItoolkit
APErrors.reportError(request, e);
}
return String.format("Hello %s!", name);
}
}
Monitoring Outgoing Requests
Outgoing requests are external API calls you make from your API. By default, APItoolkit monitors all requests users make from your application and they will all appear in the API Log Explorer page. However, you can separate outgoing requests from others and explore them in the Outgoing Integrations page, alongside the incoming request that triggered them.
The Springboot SDK provides the ObserveRequest class for monitoring outgoing requests using the Apache HTTP client. First, you will create an instance of the class, then use the instance to create a new HTTP client, passing in the current request context and an optional url_path string (for URLs with path parameters), like so:
package com.example.demo;
import java.util.List;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.util.EntityUtils;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import io.apitoolkit.springboot.annotations.EnableAPIToolkit;
import io.apitoolkit.springboot.integrations.ObserveRequest;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.web.bind.annotation.*;
@SpringBootApplication
@EnableAPIToolkit
@RestController
public class DemoApplication {
public static void main(String[] args) {
SpringApplication.run(DemoApplication.class, args);
}
// Create an instance of the ObserveRequest class
private ObserveRequest observingClient = new ObserveRequest(
// Optional parameters to redact headers and request/response body
List.of("content-type", "Authorization", "HOST"),
List.of("$.user.email", "$.user.addresses"),
List.of("$.users[*].email", "$.users[*].credit_card")
);
@GetMapping("/hello")
public String hello(HttpServletRequest request) {
// Use the observingClient instance to create an HTTP Client
CloseableHttpClient httpClient = observingClient.createHttpClient(request, "/posts/{post_id}");
try {
HttpGet httpGet = new HttpGet("https://jsonplaceholder.typicode.com/posts/1");
CloseableHttpResponse response = httpClient.execute(httpGet);
String responseStr = EntityUtils.toString(response.getEntity());
return responseStr;
} catch (Exception e) {
e.printStackTrace();
return "Error occurred while processing the request...";
}
}
}
Explore the Springboot SDK