Admin Panel
QvaSoft Gateway includes a built-in web-based admin panel for managing all gateway configuration without editing JSON files manually.
Accessing the Panel
Navigate to:
http://localhost:4000/admin
First-Time Registration
On first launch (when no users exist in the database), the panel shows a registration form:
- Enter your email, full name, and password
- Select your account type (Personal or Company)
- Click Register
You'll be automatically logged in after registration.
Registration is only available once. After the first user is created, the registration endpoint is disabled.
Password Requirements
- Minimum 8 characters
- At least one uppercase letter
- At least one lowercase letter
- At least one digit
Dashboard
The dashboard provides an overview of:
- Endpoints -- Total configured routes
- Swagger -- Swagger endpoint configurations
- Aggregation -- Configured request aggregations
Managing Routes
Add a Route
- Navigate to Endpoints
- Click the + button
- Fill in the inbound and outbound configuration
- Click Save
Edit a Route
- Select a route from the table
- Click the Edit (pencil) button
- Modify the configuration
- Click Save
Duplicate a Route
Select a route and click the Duplicate button to create a copy with a new ID.
Delete Routes
Select one or more routes and click the Delete button.
Bulk Change Downstream
Select multiple routes and click Change Outbound to update the downstream host/port for all selected routes at once.
Import / Export
- Export -- Download routes as a JSON file (selected or all)
- Import -- Upload a JSON file to add new routes (duplicates are skipped)
Search & Filter
Use the search box to filter routes by path, host, or key. Toggle the regex icon to enable regular expression search.
Route Configuration Options
Each route supports the following tabs in the form:
| Tab | Description |
|---|---|
| Route | Inbound/outbound paths, methods, host and ports |
| Authentication | Provider keys, allowed scopes, anonymous access |
| Claims Transformation | Transform claims to headers, queries, or path params |
| Header Transformation | Modify request and response headers |
| Rate Limiting | Request throttling per time window |
| Cache Options | Response caching with TTL |
| QoS Options | Circuit breaker and timeout settings |
| Security Options | IP allow/block lists |
| Load Balancer | Distribution strategy for multiple hosts |
| Tracing | Enable request tracing |
| Metadata | Custom key-value pairs |
Global Configuration
Navigate to Global Configuration to manage settings that apply to all routes:
- Base URL
- Request ID key
- Default metadata
- Service discovery
- Global security options
Swagger Configuration
Manage Swagger/OpenAPI endpoint configurations that aggregate documentation from your downstream services.
Aggregation
Configure request aggregation to combine responses from multiple downstream services into a single response.
Admin API Endpoints
The admin panel communicates through these API endpoints:
| Method | Endpoint | Description |
|---|---|---|
POST | /admin-api/register | First-time admin registration |
POST | /admin-api/login | Authenticate and get JWT token |
GET | /admin-api/data | Get current gateway configuration |
POST | /admin-api/data | Save gateway configuration |
All endpoints except /register and /login require a valid JWT token with the Administrator role.
Customization
Customize the admin panel appearance in appsettings.json:
{
"AdminApi": {
"AppName": "My Company Gateway",
"PrimaryColor": "#6200ea",
"LogoUrl": "https://example.com/logo.png"
}
}
Account Lockout
After 3 failed login attempts, the account is locked for 15 minutes. Use the CLI to unlock:
ApiGateway set-password
This resets the password and unlocks the account.