RelyREST Concepts
How it works
RelyREST is configured through resource definition files (YAML or JSON) that describe:
- OpenAPI resources — an OpenAPI 2.0 or 3.x specification (referenced by path/URL or inlined) plus proxy settings.
- RelyAuth resources — an authentication configuration applied globally across all proxied APIs.
At startup, RelyREST loads all resource files matching glob patterns defined in the server configuration. It builds a routing tree from each OpenAPI spec and registers HTTP handlers. Incoming requests are authenticated (if a RelyAuth resource is configured), matched to a route, optionally transformed, and forwarded to the upstream server.
Key concepts
| Concept | Description |
|---|---|
| Server configuration | Top-level config for ports, TLS, CORS, telemetry, and resource file discovery |
| Resource definitions | YAML/JSON files that define OpenAPI specs and auth config |
| Security schemes | Credentials are injected when calling upstream APIs |
| Transformations | Path, header, and body rewriting per operation |
Deployment modes
RelyREST ships two services for different deployment patterns:
REST gateway
The REST gateway exposes your OpenAPI-defined endpoints directly. Each API resource is mounted at a configurable base path. Clients send requests to RelyREST, which proxies them to your upstream services.
DDN plugin
RelyREST is responsible as a Hasura DDN plugin. RelyREST runs a /ddn/pre-route endpoint
that DDN uses for request routing, enabling REST APIs to be consumed inside a GraphQL/DDN environment.