API Observability and Monetization with NGINX OpenResty and Moesif Developer Portal

Overview

In this tutorial, you’ll use OpenResty to serve a high-performance API backend that possesses integrations with Moesif, Moesif Developer Portal , and Stripe. For API access control, we’ll use JWTs (JSON Web Token).

The guide assumes you have basic knowledge of the following:

• OpenResty and NGINX
• Lua
• JWT
• Docker

For the source code of the example application for this tutorial, see the OpenResty Docker demo GitHub repository.

Background

This guide sets up a very basic REST API using OpenResty. We use Moesif NGINX plugin to integrate Moesif with OpenResty, giving access to its rich suite of API analytics and observability features. We also integrate Stripe as the billing provider to illustrate API monetization with Moesif.

Here’s the core flow of how the components work together that this tutorial focuses on:

1. Auth0 manages user signups and logins.
2. You subscribe to products through the Developer Portal.
3. You use the Developer Portal to generate API key to access the API product you’ve subscribed to.
4. You make authorized requests to the API by including the JWT in an HTTP reqeuest header.
5. A Lua script in the backend verifies the JWT to determine whether to allow or deny access to the API.

The example application of this tutorial uses Docker. Notice the following main components of the application. We use a Docker container image for each of them:

• The OpenResty NGINX API backend
• The Moesif Developer Portal frontend
• The Moesif Developer Portal API backend

Objectives

1. Use OpenResty and it’s Lua-based scripting capabilities to create high-performance web applications directly on NGINX server.
2. Use Moesif OpenResty plugin to integrate Moesif’s API observability and monetization platform with OpenResty NGINX.
3. Use Moesif Developer Portal for provisioning JWT-based API keys.
4. Use Lua within OpenResty to verify JWTs and securely expose API endpoints to end users.
5. Use Moesif to track and meter application usage.
6. Use Stripe as the billing provider to monetize APIs based on the usage Moesif tracks and meters.

Before You Start

• Make sure you’re using an Ubuntu Linux operating system on a 64-bit machine.
• Install Docker.
• Make sure you have active accounts in the following platforms:
  • Moesif
  • Auth0
  • Stripe

You also need Moesif Application ID and Management API key when you connect your Moesif account with the application.

Clone the Example

Clone the OpenResty Docker example to your local machine.

Set Moesif Credentials

Set the following environment variables in docker-compose.yml to connect your Moesif account with the application:

• nginx.environment.MOESIF_APPLICATION_ID
• dev-portal-api.environment.MOESIF_APPLICATION_ID
• dev-portal-api.environment.MOESIF_MANAGEMENT_TOKEN

When you set the Management Token, make sure you omit the Bearer prefix.

To integrate Moesif with OpenResty using the Moesif OpenResty plugin, specify your Moesif Application ID in the OpenResty configuration file nginx.conf.d/main.conf:

config:set("application_id", "YOUR_MOESIF_APPLICATION_ID")

You can also set your Application ID as an environment variable and then fetch it from there:

config:set("application_id", os.getenv("YOUR_MOESIF_APPLICATION_ID"))

Obtain Your Moesif Application ID

During the onboarding process of your sign up, Moesif shows you your Application ID. You can always obtain your Application ID by following these steps any time:

1. Log into Moesif Portal.
2. Select the account icon to bring up the settings menu.
3. Select Installation or API Keys.
4. Copy your Moesif Application ID from the Collector Application ID field.

Obtain a Moesif Management Token

To generate a Management API key, follow these steps:

1. In Moesif Portal, select the account icon to bring up the settings menu.
2. Select API Keys.
3. From the Management API Key section, select the necessary scopes and optionally set the key’s expiration time.
4. Select Generate Token.

Make sure you at least select the Read scopes for the monetization, analytics, and dashboards resources so you can view your plans, prices, subscriptions, and embedded workspaces in the developer portal frontend.

Set up Auth0

Moesif Developer Portal generates the JWT keys that you must use to make authorized requests to the OpenResty API. However, you still need to use Auth0 to sign into the Developer Portal. So let’s configure Auth0 by following these steps:

Create Auth0 Application

• Log into or sign up for Auth0.
• From your Auth0 dasoboard, select Applications > Applications > Create Application.
• Name your application and choose Single Page Web Applications as the application type.
• Select Create.
• Select the Settings tab and scroll down to the Application URIs section.
• Add http://127.0.0.1:4000, or the URL where you host the developer portal, in the list of Allowed Callback URLs, Allowed Logout URLs, and Allowed Web Origins.
• Select Save Changes.

Add Environment Variables

Now set the following environment variables in dev-portal.environment and dev-portal-api.environment inside the Docker Compose file docker-compose.yaml.

• dev-portal.environment.REACT_APP_AUTH_PROVIDER=Auth0
• dev-portal.environment.REACT_APP_AUTH0_DOMAIN
• dev-portal.environment.REACT_APP_AUTH0_CLIENT_ID
• dev-portal-api.AUTH_PROVIDER=Auth0
• dev-portal-api.AUTH0_DOMAIN=

To get client ID and domain values, follow these steps:

1. Go to your Auth0 dashboard and select Applications > Applications.
2. Select the application you’ve created.
3. Select the Settings tab.
4. From the Basic Information section, copy the Domain and Client ID values.

Set up Stripe

This tutorial uses Stripe as the billing provider that monetizes your OpenResty application. Moesif tracks the product usage, meters the usage according to a billing meter, and sends the details to Stripe. Stripe then charges the customer.

To configure Stripe for this tutorial, follow the instructions in Configure Stripe for Checkout.

Integrate Stripe with Moesif

1. Log into Moesif Portal.
2. Select the account icon to bring up the settings menu.
3. Select Extensions .
4. Search for Stripe and then follow the instructions.

Important: Make sure you select the Extension Enabled toggle on.

Add Stripe in the Application

1. Set the following environment variables for the Developer Portal API backend:

    dev-portal-api.environment.STRIPE_API_KEY=
   

2. Set the following environment variables for the Developer Portal frontend:

    dev-portal.environment.REACT_APP_STRIPE_PUBLISHABLE_KEY=
    dev-portal.REACT_APP_STRIPE_MANAGEMENT_URL=https://billing.stripe.com/p/login/test_6oEg0zcmPdBB492eUU
   

   To get the Stripe API keys, see Reveal secret or restricted API keys.

The other environment variable holds link to the Stripe customer portal. For instructions on how to set up the customer portal, see Activate the no-code customer portal.

Create Product in Stripe

Stripe Products map to Plans in Moesif. In the Developer Portal, you can see the existing Plans and choose to subscribe to the ones you want. So if you don’t have any existing Products in Stripe, create them.

Set up Billing Meter in Moesif

Billing meters in Moesif performs two important tasks in API monetization process:

• Track usage based on specific criteria.
• Report that usage to the billing provider.

To create a Billing Meter, follow the instructions in Creating Meters.

Set Up JWT

1. Set the dev-portal-api.environment.PLUGIN_APIM_PROVIDER environment variable to JWT.

2. Set the following environment variables:

   • dev-portal-api.environment.PLUGIN_JWT_SECRET
   • dev-portal-api.environment.PLUGIN_JWT_EXPIRES_IN
   • dev-portal-api.environment.PLUGIN_JWT_KID
3. Set the nginx.environment.JWT_SECRET environment variable to the same JWT secret value you set in the preceding step.

These environment variables specify the secret to sign the JWT with and the expiration period for the JWT token. By default, the Developer Portal uses HS256 algorithm for JWTs. If you want to use RS256, set the dev-portal-api.environment.PLUGIN_JWT_ALGORITHM variable to RS256.

Run the Example

1. Build the container images:

    docker buildx build --platform linux/amd64 -t openresty-docker-demo ./
   

2. Start the application:

    docker compose up
   

After the process finishes, open your browser at http://127.0.0.1.4000 for the developer portal frontend. The OpenResty API backend listens in port 8000 by default.

Subscribe

You can see the Stripe products you’ve created earlier in the Plans page of the developer portal. To simulate a real-world scenario, the Developer Portal only generates an API key after youu’ve subscribed to a product.

Get the JWT API Key

After you’ve subscribed to a plan, go to the API Keys page and select Create Key. Copy the key and send a request to the API with the Authorization HTTP request header set to the JWT you just generated:

curl -X GET -H "Authorization: JWT_KEY" https://localhost:8000

You should get the following response back:

{
  "message": "Hello World",
  "completed": true
}

Moesif tracks and meters the API usage according to the billing meter and sends them to Stripe to charge the users accordingly.

Add Analytics Dashboards in the Application

You can embed different API analytics visualizations in the developer portal that appear in the Dashboards page. For configuration instructions, see Configuring the Dashboards in Moesif Developer Portal documentation.

Troubleshoot

For a general troubleshooting guide that can help you solve common problems, see Server Troubleshooting Guide.

Other troubleshooting supports:

• FAQ
• Moesif support email

Next Steps

• Get started with Moesif.
• Explore Moesif Developer Portal docs
• See example Moesif-OpenRestly application
• See source code and documentation for Moesif Lua plugin for NGINX
• Explore Moesif API analytics and user analytics.
• Explore other server integrations from Moesif.
• Learn to set up real-time monitoring and alerts.
• Invite team members to collaborate.