Last updated: 09 January 2019.
Wellcome Collection provides multiple APIs to interact with our data. A single API can be made up of multiple services, providing responses at different endpoints.
Some API endpoints require authentication, while others are public and would benefit from rate limiting.
In order to provide a consistent location for Wellcome Collection APIs we'd like to serve all APIs from api.wellcomecollection.org.
As of 09/01/2019 we are focusing on serving the storage and catalogue APIs from api.wellcomecollection.org. The storage API requires authentication, the catalogue API does not.
We are using AWS API Gateway to host our REST APIs and making use of a private integration to serve requests via an AWS ECS Service.
We wish to segregate infrastructure projects into different AWS accounts for simplicity and security. See RFC: 009-aws_account_layout.
Currently it is not possible to point a Custom Domain from one account to another account using API Gateway.
The recommended solution is to use an AWS CloudFront Distribution to field requests to api.wellcomecollection.org and then use Custom Origins to serve requests from API Gateway in other accounts using their own Custom Domains.
See:
