Saltbox API Gateway Overview

Saltbox API Gateway

Saltbox API Gateway supports the creation of customized API’s which integrate into any number of systems, securely and reliably. Routes are built with customized business logic using Saltbox Integration workflows and our library of Connectors.

Because Saltbox API Gateway relies on workflows, all of the tools available to a workflow can be used to support API customization and troubleshooting. These include workflow message trace, visual data mapper, and iterative testing tools.

Best Practices


At this time, Saltbox API Gateway supports synchronous requests, whose responses must be provided within 30 seconds. To support timely responses, workflows should be optimized for speed and message size.

  • In general, requests and responses should be kept as small as possible.
  • Send only what’s necessary to complete a request (for example, send targeted fields rather than a whole data object).

Workflow Design

  • Minimize the number of actions to keep the workflow succinct.
  • Minimize data object and query lookups. The more external touch-points, the longer the workflow will take to execute. To minimize external touch-points, use efficient and targeted queries where possible instead of general-purpose data object lookups. For example, one object request in SAP Business One does secondary lookups for related data. This can add delays in the workflow execution.


API Gateway supports a request-response pattern of synchronous workflow execution.

Due to technical limitations, all synchronous requests must be completed within 30 seconds.

Request and response sizes should be limited to 100 KB to avoid adding delays to the response. Larger sizes are possible but may result in workflow timeouts.

Start using Saltbox API Gateway

For setup instructions, see Saltbox API Gateway Setup.

Exception Handling and API Error Codes

HTTP Response Codes are generated when a request cannot be processed. Refer to the list below for instructions on how to resolve known issues.

HTTP Response Code Error / Description
400 Content not in expected format

This error is returned when the workflow’s input message is in the wrong format.
401 Unauthorized, The platform API token Key is not valid

This error is typically caused by an incorrect API key.
403 Forbidden, User is not authorized to access this resource with an explicit deny

This error can be caused by an incorrect API key or insufficient access to a project or workflow.
404 The specified Project \ Project Version doesn't exist

This error is typically caused by using the incorrect URL.
422 Missing parameters

This indicates that the message was un-processable in some way. See response details for a root cause.
422 Un-processable message

This indicates that the message was un-processable in some way. See response details for a root cause.
500 unexpected error

This is a general-purpose error message. It is sometimes temporary, so wait briefly before attempting the API call again.
503 Integration Application Server was unavailable or Attempt to access Integration Application Server was unauthorized

This error indicates that access was unsuccessful, for example, if the supporting application server is offline.

Release Notes

The release notes below provide a snapshot of recent feature releases for API Gateway.