Skip to main content
Skip table of contents

APISIX Routes

To add the APISIX Route

  • Edit the custom-values.yaml for each chart mentioned below and add the APISIX configuration to the global section of the custom-values.yaml

APISIX Configuration for global section
CODE 
  apisix:
    # --- Default Keycloak OIDC Config ---
    # Used IF a route has plugins.enableAuth = true
    keycloak:
      discoveryUrl: "http://keycloak.ef-external.svc/auth/realms/expertflow/.well-known/openid-configuration" # Internal URL
      realm: "expertflow"
      clientId: "cim"
      # !! IMPORTANT: Use Helm secrets or external secret management for clientSecret !!
      clientSecret: "ef61df80-061c-4c29-b9ac-387e6bf67052"
      # Default behavior settings
      bearerOnly: true
      tokenSigningAlg: "RS256"
      setAccessTokenHeader: false # Don't pass token header to backend
      setUserInfoHeader: false    # Don't pass userinfo header to backend
      # Default Audience/Scopes (OVERRIDE PER ROUTE if needed)
      defaultAudience: ["cim", "account", "realm-management"]
      defaultScopes: ["email", "profile"]

    # --- Default Plugin Settings ---
    plugins:
      cors:
        enabled: false # Default CORS disabled unless enabled per route
        allowOrigins: "*"
        allowMethods: "GET, POST, PUT, DELETE, PATCH, OPTIONS"
        allowCredentials: true
      rewrite:
        stripPrefix: true # Default rewrite action

  • Remove the Ingress section and replace it with the apisixRoutes defined below for the respective component

CX Core

Component

APISIX Route

Agent-Manager

APISIX Route for Agent-Manager
CODE 
ingress: { enabled: false }
apisixRoutes:
  # Route 1: Login Exclusion
  - nameSuffix: "login-unsecured"
    enabled: true
    priority: 10
    paths: ["/agent-manager/agent/login"]
    backendServicePort: 3000
    plugins:
      enableAuth: false
      enableRewrite: true
      rewriteStripPrefix: false
      rewriteRegexUriFrom: "^/agent-manager/agent/login$"
      rewriteRegexUriTo: "/agent/login"
  # Route 2: Socket.IO Exclusion
  - nameSuffix: "socketio-unsecured"
    enabled: true
    priority: 10
    paths: ["/agent-manager/socket.io/*"]
    backendServicePort: 3000
    enableWebsocket: true
    websocketTimeout: { connect: "5s", send: "3600s", read: "3600s" }
    plugins:
      enableAuth: false
      enableRewrite: true
      rewriteStripPrefix: false
      rewriteRegexUriFrom: "^/agent-manager/(socket\\.io/.*)"
      rewriteRegexUriTo: "/$1"
  # Route 3: Main Secured Route
  - nameSuffix: "secured"
    enabled: true
    priority: 0
    paths: ["/agent-manager/*"]
    backendServicePort: 3000
    plugins:
      enableAuth: false
      enableRewrite: true # Uses default stripPrefix
      customPlugins:
        - name: limit-count # Example 1: Rate Limiting
          enable: false
          config:
            count: 2000
            time_window: 60
            key_type: var
            key: remote_addr
            rejected_code: 429
        - name: ip-restriction # Example 2: IP Whitelisting
          enable: false
          config:
            whitelist:
              - "192.168.1.0/24"
              - "127.0.0.1"
        - name: response-rewrite # Example 3: Add response header
          enable: false
          config:
            headers:
              set:
                X-Handled-By: AgentManager-Route
        # --- START: Added client-control plugin ---
        - name: client-control
          enable: false
          config:
            max_body_size: 8m # Set max request body size to 8 Megabytes
        # --- END: Added client-control plugin ---
      # ######################################################## #
      # END: Added customPlugins section                         #
      # ######################################################## #

Bot-framework

APISIX Route for Bot-Framework
CODE 
ingress: { enabled: false }
apisixRoutes:
  - nameSuffix: "main"
    enabled: true
    paths: ["/bot-framework/*"]
    backendServicePort: 8082
    plugins:
      enableAuth: false
      enableRewrite: true # Uses default stripPrefix

Customer-Channel-Manager

APISIX Route for CCM
CODE 
ingress: { enabled: false }
apisixRoutes:
  # Route 1: Agents Exclusion
  - nameSuffix: "agents-unsecured"
    enabled: true
    priority: 10
    paths: ["/ccm/agents/*"] # Path from verified YAML
    backendServicePort: 8081
    plugins:
      enableAuth: false
      enableRewrite: true
      rewriteStripPrefix: false
      rewriteRegexUriFrom: "^/ccm/(.*)"
      rewriteRegexUriTo: "/$1" # Strip /ccm/
  # Route 2: Channels Service ID Exclusion
  - nameSuffix: "channels-svc-id-unsecured"
    enabled: true
    priority: 10
    paths: ["/ccm/channels/service-identifier/*"]
    backendServicePort: 8081
    plugins:
      enableAuth: false
      enableRewrite: true
      rewriteStripPrefix: false
      rewriteRegexUriFrom: "^/ccm/(.*)"
      rewriteRegexUriTo: "/$1" # Strip /ccm/
  # Route 3: Widget Configs Exclusion
  - nameSuffix: "widget-configs-unsecured"
    enabled: true
    priority: 10
    paths: ["/ccm/widget-configs/*"]
    backendServicePort: 8081
    plugins:
      enableAuth: false
      enableRewrite: true
      rewriteStripPrefix: false
      rewriteRegexUriFrom: "^/ccm/(.*)"
      rewriteRegexUriTo: "/$1" # Strip /ccm/
  # Route 4: Main Secured Route
  - nameSuffix: "main-secured"
    enabled: true
    priority: 0
    paths: ["/ccm/*"]
    backendServicePort: 8081
    plugins:
      enableAuth: false # Enable Auth
      enableRewrite: true # Uses default stripPrefix

Cim-Customer

APISIX Route for Cim-Customer
CODE 
ingress: { enabled: false }
apisixRoutes:
    - nameSuffix: "main"
      enabled: true
      paths: [ "/cim-customer/*" ]
      backendServicePort: 8080
      plugins:
        enableAuth: false
        enableRewrite: true # Uses default stripPrefix

Conversation-Manager

APISIX Route for Conversation-Manager
CODE 
ingress: { enabled: false }
apisixRoutes:
  - nameSuffix: "main"
    enabled: true
    paths: ["/conversation-manager/*"]
    backendServicePort: 8080
    plugins:
      enableAuth: false
      enableRewrite: true # Uses default stripPrefix

Conversation-Monitor

APISIX Route for Conversation-Monitor
CODE 
ingress: { enabled: false }
apisixRoutes:
  - nameSuffix: "main"
    enabled: true
    paths: ["/conversation-monitor/*"]
    backendServicePort: 8080
    plugins:
      enableAuth: false
      enableRewrite: true # Uses default stripPrefix

Customer-Widget

APISIX Route for Customer-Widget
CODE 
ingress:
    enabled: false
    ingressAssets:
        enabled: false
apisixRoutes:
  # Route 1: Main path
  - nameSuffix: "main"
    enabled: true
    paths: ["/customer-widget/*"]
    backendServicePort: 80
    plugins:
      enableAuth: false
      enableRewrite: true # Uses default stripPrefix
  # Route 2: Assets path
  - nameSuffix: "assets"
    enabled: true
    paths: ["/widget-assets/*"]
    backendServicePort: 80
    plugins:
      enableAuth: false
      enableRewrite: false # No rewrite needed
      enableCors: true

File-Engine

APISIX Route for File-Engine
CODE 
ingress: { enabled: false }
apisixRoutes:
  - nameSuffix: "main"
    enabled: true
    paths: ["/file-engine/*"]
    backendServicePort: 8080
    plugins:
      enableAuth: false
      enableRewrite: true # Uses default stripPrefix
    # Note: proxy-body-size needs APISIX global config or maybe a specific plugin if available

Historical Reports

APISIX Route for Historical-Reports
CODE 
ingress: { enabled: false }
apisixRoutes:
  - nameSuffix: "main"
    enabled: true
    paths: ["/historical-reports/*"]
    backendServicePort: 8081
    plugins:
      enableAuth: false
      enableRewrite: true # Uses default stripPrefix

License Manager

APISIX Route for License-Manager
CODE 
ingress: { enabled: false }
apisixRoutes:
  - nameSuffix: "main"
    enabled: true
    paths: ["/license-manager/*"]
    backendServicePort: 8888
    plugins:
      enableAuth: false
      enableRewrite: true # Uses default stripPrefix

Realtime-Reports

APISIX Route for Realtime-Reports
CODE 
ingress: { enabled: false }
apisixRoutes:
  - nameSuffix: "main"
    enabled: true
    paths: ["/realtime-reports/*"]
    backendServicePort: 8080
    plugins:
      enableAuth: false
      enableRewrite: true # Uses default stripPrefix

Routing-Engine

APISIX Route for Routing-Engine
CODE 
ingress: { enabled: false }
apisixRoutes:
  - nameSuffix: "main"
    enabled: true
    paths: ["/routing-engine/*"]
    backendServicePort: 8081
    plugins:
      enableAuth: false
      enableRewrite: true # Uses default stripPrefix

StateEvents-Logger

No changes

Team-Announcement

APISIX Route for Team-Announcement
CODE 
ingress: { enabled: false }
apisixRoutes:
  - nameSuffix: "main"
    enabled: true
    paths: ["/team-announcement/*"]
    backendServicePort: 8080
    plugins:
      enableAuth: false
      enableRewrite: true # Uses default stripPrefix

Unified-Admin

APISIX Route for Unified-Admin
CODE 
ingress:
   enabled: false
   defaultIngress: false
apisixRoutes:
  # Route 1: Main /unified-admin/* path
  - nameSuffix: "main"
    enabled: true
    paths: ["/unified-admin/*"]
    backendServicePort: 3000
    plugins:
      enableAuth: false
      enableRewrite: true
      rewriteStripPrefix: false # Custom rewrite for slash
      rewriteRegexUriFrom: "^/unified-admin/?(.*)"
      rewriteRegexUriTo: "/$1"
      enableCors: true
  # Route 2: Default /* route
  - nameSuffix: "default"
    enabled: true
    priority: -10
    paths: ["/*"]
    backendServicePort: 3000
    plugins:
      enableAuth: false # No auth on default
      enableRewrite: false # No rewrite needed

Web-Channel-Manager

APISIX Route for Web-Channel-Manager
CODE 
ingress: { enabled: false }
apisixRoutes:
  - nameSuffix: "main"
    enabled: true
    paths: ["/web-channel-manager/*"]
    backendServicePort: 7000
    enableWebsocket: true # Enable websocket
    plugins:
      enableAuth: false
      enableRewrite: true # Uses default stripPrefix

Business-Calendar

APISIX Route for Business-Calendar
CODE 
ingress: { enabled: false }
apisixRoutes:
  - nameSuffix: "main"
    enabled: true
    paths: ["/business-calendar/*"]
    backendServicePort: 8443
    # backendScheme: https # Add if needed
    plugins:
      enableAuth: false
      enableRewrite: true # Uses default stripPrefix

Agent-Desk

agent-desk

Click here to expand...
CODE 
    ingress:
        enabled: false
        ingressAssets:
          enabled: false
          annotations: {}
          path: /assets
  
    apisixRoutes:
      # Route 1: Main application path
      - nameSuffix: "main"
        enabled: true
        priority: 0 # Default priority
        paths: ["/unified-agent", "/unified-agent/*"] # Matches /unified-agent/ and everything after
        backendServicePort: 80
        plugins:
          enableAuth: false      # Assumed: Main application endpoints require auth
          enableRewrite: true   # Corresponds to rewrite-target removing /unified-agent
          # rewriteStripPrefix: true is implied by enableRewrite: true unless overridden
          enableCors: true      # From ingress annotations
      # Route 2: Assets path
      - nameSuffix: "assets"
        enabled: true
        priority: 0 # Same priority should be fine as paths are distinct prefixes
        paths: ["/assets/*"]    # Matches /assets/* directly
        backendServicePort: 80
        plugins:
          enableAuth: false     # Assumed: Assets typically don't require auth
          enableRewrite: false  # No rewrite annotation was present for assets ingress
          enableCors: true      # From ingress annotations

grafana

Click here to expand...
CODE 
  ingress: { enabled: false } # Disabled in favor of APISIX
  apisixRoutes:
    - nameSuffix: "main"
      enabled: true
      # Translating path /grafana(/|$)(.*) to APISIX prefix match
      paths: ["/grafana/*"]
      backendServicePort: 3000 # Matches assumed service port
      plugins:
        enableAuth: false # Assuming Grafana requires auth
        enableRewrite: true # Use default stripPrefix to remove /grafana
        # enableCors: false # No CORS annotations were present for Grafana ingress

Channels

connect360

Click here to expand...
CODE 
   ingress: { enabled: false }
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/360connector/*"]
       backendServicePort: 8080
       plugins:
         enableAuth: false          # <-- *** AUTH DISABLED ***
         enableRewrite: true
         enableCors: false
         enableTrailingSlashRedirect: false

facebook-connector

Click here to expand...
CODE 
   ingress: {enabled: false} # <-- Explicitly disable standard Ingress
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/facebook-connector/*"]
       backendServicePort: 8080
       plugins:
         enableAuth: false
         enableRewrite: true
         enableCors: false
         enableTrailingSlashRedirect: false

instagram-connector

Click here to expand...
CODE 
   ingress: {enabled: false} # <-- Explicitly disable standard Ingress
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/instagram-connector/*"]
       backendServicePort: 8080
       plugins:
         enableAuth: false
         enableRewrite: true
         enableCors: false
         enableTrailingSlashRedirect: false

smpp-connector

Click here to expand...
CODE 
   ingress: {enabled: false} # <-- Explicitly disable standard Ingress
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/smppconnector/*"]
       backendServicePort: 8115
       plugins:
         enableAuth: false
         enableRewrite: true
         enableCors: false
         enableTrailingSlashRedirect: false

telegram-connector

Click here to expand...
CODE 
   ingress: {enabled: false} # <-- Explicitly disable standard Ingress
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/telegram-connector/*"]
       backendServicePort: 8664
       plugins:
         enableAuth: false
         enableRewrite: true
         enableCors: false
         enableTrailingSlashRedirect: false

twilio-connector

Click here to expand...
CODE 
   ingress: {enabled: false} # <-- Explicitly disable standard Ingress
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/twilio-connector/*"]
       backendServicePort: 8085
       plugins:
         enableAuth: false
         enableRewrite: true
         enableCors: false
         enableTrailingSlashRedirect: false

twitter-connector

Click here to expand...
CODE 
   ingress: {enabled: false} # <-- Explicitly disable standard Ingress
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/twitter-connector/*"]
       backendServicePort: 8080
       plugins:
         enableAuth: false
         enableRewrite: true
         enableCors: false
         enableTrailingSlashRedirect: false

viber-connector

Click here to expand...
CODE 
   ingress: {enabled: false} # <-- Explicitly disable standard Ingress
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/viber-connector/*"]
       backendServicePort: 8080
       plugins:
         enableAuth: false
         enableRewrite: true
         enableCors: false
         enableTrailingSlashRedirect: false

email-connector

Click here to expand...
CODE 
   ingress: {enabled: false} # <-- Explicitly disable standard Ingress
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/email-connector/*"]
       backendServicePort: 8080
       plugins:
         enableAuth: false
         enableRewrite: true
         enableCors: false
         enableTrailingSlashRedirect: false

whatsapp-connector

Click here to expand...
CODE 
   ingress: {enabled: false} # <-- Explicitly disable standard Ingress
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/whatsapp-connector/*"]
       backendServicePort: 8080
       plugins:
         enableAuth: false
         enableRewrite: true
         enableCors: false
         enableTrailingSlashRedirect: false

ms-email-connector

Click here to expand...
CODE 
   ingress: {enabled: false} # <-- Explicitly disable standard Ingress
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/ms-email-connector/*"]
       backendServicePort: 8080
       plugins:
         enableAuth: false
         enableRewrite: true
         enableCors: false
         enableTrailingSlashRedirect: false

youtube-connector

Click here to expand...
CODE 
  ingress: {enabled: false} # <-- Explicitly disable standard Ingress
  apisixRoutes:
    - nameSuffix: "main"
      enabled: true
      priority: 0
      paths: ["/youtube-connector/*"]
      backendServicePort: 8080
      plugins:
        enableAuth: false
        enableRewrite: true
        enableCors: false
        enableTrailingSlashRedirect: false

linkedin-connector

Click here to expand...
CODE 
   ingress: {enabled: false} # <-- Explicitly disable standard Ingress
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/linkedin-connector/*"]
       backendServicePort: 9001
       plugins:
         enableAuth: false
         enableRewrite: true
         enableCors: false
         enableTrailingSlashRedirect: false

Campaigns

campaign-backend

Click here to expand...
CODE 
   ingress: { enabled: false } # Using APISIX
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/campaigns/*"]     # From ingress path
       backendServicePort: 3000    # From ingress backend
       # backendServiceName: ""    # Optional: Defaults to chart service name
       # backendNamespace: ""    # Optional: Defaults to release namespace
       # backendScheme: "http"     # Optional: Defaults to http
       # methods: ["GET", "POST"]  # Optional: Defaults to all
       # enableWebsocket: false    # Optional: Defaults to false
       plugins:
         enableAuth: false          # Assumed: Requires auth
         enableRewrite: true       # From ingress rewrite-target (implies default prefix strip)
         # rewriteStripPrefix: true # Template default when enableRewrite=true and no custom regex
         enableCors: false         # No CORS annotations on specific ingress
         enableTrailingSlashRedirect: false # No redirect needed

campaign-studio

Click here to expand...
CODE 
   ingress: { enabled: false } # Using APISIX
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/campaign-studio/*"] # From ingress path
       backendServicePort: 1880    # From ingress backend
       plugins:
         enableAuth: false          # Assumed: Requires auth
         enableRewrite: true       # Enable rewrite for custom rule
         rewriteStripPrefix: false # MUST be false to allow custom regex below
         rewriteRegexUriFrom: "^/campaign-studio(/|$)(.*)" # Specific rule from ingress rewrite-target: /red/$2
         rewriteRegexUriTo: "/red/$2"
         enableCors: true          # CORS annotations were present on specific ingress
         enableTrailingSlashRedirect: true #

scheduled-activities

Click here to expand...
CODE 
  ingress: { enabled: false } # Using APISIX
  apisixRoutes:
    - nameSuffix: "main"
      enabled: true
      priority: 0
      paths: ["/scheduler/*"]     # From ingress path
      backendServicePort: 8894    # From ingress backend
      plugins:
        enableAuth: false          # Assumed: Requires auth
        enableRewrite: true       # From ingress rewrite-target (implies default prefix strip)
        # rewriteStripPrefix: true # Template default when enableRewrite=true and no custom regex
        enableCors: false         # No CORS annotations on specific ingress
        enableTrailingSlashRedirect: false # No redirect needed

Surveys

surveys-backend

Click here to expand...
CODE 
   ingress: {enabled: false} # <-- Explicitly disable standard Ingress
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/survey-backend/*"] # From original ingress path
       backendServicePort: 3000     # From original ingress backend port
       plugins:
         enableAuth: false          # <-- Default: Auth Disabled
         enableRewrite: true        # From original ingress rewrite-target (default strip)
         enableCors: false          # No specific CORS rules in original
         enableTrailingSlashRedirect: false # No redirect needed

surveys-studio

Click here to expand...
CODE 
   ingress: {enabled: false} # <-- Explicitly disable standard Ingress
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/survey-studio/*"] # From original ingress path
       backendServicePort: 1880    # From original ingress backend port
       plugins:
         enableAuth: false          # <-- ASSUMPTION: Auth needed due to /red/ target. Confirm please!
         enableRewrite: true       # Enable rewrite for custom rule
         rewriteStripPrefix: false # MUST be false for custom rule
         rewriteRegexUriFrom: "^/survey-studio(/|\\$)(.*)" # From original path + rewrite target
         rewriteRegexUriTo: "/red/$2"                  # From original rewrite target
         enableCors: true          # CORS enabled in original annotations
         enableTrailingSlashRedirect: true # Trailing slash redirect needed from original snippet

Eleveo

eleveo-api

Click here to expand...
CODE 
   ingress: { enabled: false } # Explicitly disable standard Ingress ***
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/eleveo-connector-api/*"] # From original ingress path
       backendServicePort: 8080          # From original ingress backend port
       plugins:
         enableAuth: false               # Auth Disabled as confirmed
         enableRewrite: true             # From original ingress rewrite-target (default strip)
         enableCors: false               # No CORS specified
         enableTrailingSlashRedirect: false # No redirect specified

eleveo-runner

Click here to expand...
CODE 
   ingress: {enabled: false} # <-- *** CORRECTED: Explicitly disable standard Ingress ***
   apisixRoutes:
     - nameSuffix: "main"
       enabled: true
       priority: 0
       paths: ["/eleveo-recording-runner/*"] # From original ingress path
       backendServicePort: 8080             # From original ingress backend port
       plugins:
         enableAuth: false                  # Auth Disabled as confirmed
         enableRewrite: true                # From original ingress rewrite-target (default strip)
         enableCors: false                  # No CORS specified
         enableTrailingSlashRedirect: false    # No redirect specified
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close