How to make a more secure proxy in APIGEE?

Not applicable

I want to know how we can make a more secure proxy.

As I am finding on the web:

If client credentials are hacked, then the authentication layer will be passed in the Verify APIKey policy.

If client credentials are hacked, or even the access token, then the OAuth authorisation layer will also be passed.

So, how can we build a strong security layer? Does SSL really matter to solve this case?

2 REPLIES 2

Not applicable

You can go with SSL/TLS (since you control both sides, forcing TLS 1.2 should be feasible).

During the SSL handshake the client will try to access your API with a Client Hello when making an API request to the secure port. In turn the instance answering to the backend would respond with a Server Hello in which it would present the client with its SSL server certificate. There is no need for the client to have your SSL server certificate in advance for this handshake.

A couple of options here:

1) API is only accessible on private network

2) basic auth at the least, ideally token-based auth (e.g., OAuthv2) to access API

3) user-level credentials to access API

4) 2-way SSL with backend

Those are the big ones. You can surely use combinations of the above for increased security.
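As an added illustration of option 4 combined with the TLS 1.2 suggestion (this is not part of the reply above), an Apigee TargetEndpoint can require 2-way TLS to the backend and restrict the protocol version. The keystore and truststore reference names, the key alias and the backend URL below are hypothetical placeholders.

```xml
<!-- Added example: TargetEndpoint with 2-way TLS to the backend, TLS 1.2 only. -->
<!-- All names and the URL are placeholders, not values from the thread. -->
<TargetEndpoint name="default">
  <HTTPTargetConnection>
    <SSLInfo>
      <!-- Use TLS for the connection from Apigee to the backend -->
      <Enabled>true</Enabled>
      <!-- Present a client certificate so the backend can authenticate Apigee -->
      <ClientAuthEnabled>true</ClientAuthEnabled>
      <!-- Keystore holding the certificate and private key Apigee presents -->
      <KeyStore>ref://exampleKeystoreRef</KeyStore>
      <KeyAlias>example-client-alias</KeyAlias>
      <!-- Truststore holding the CA or certificate used to validate the backend -->
      <TrustStore>ref://exampleTruststoreRef</TrustStore>
      <!-- Keep certificate validation errors fatal -->
      <IgnoreValidationErrors>false</IgnoreValidationErrors>
      <!-- Offer only TLS 1.2 in the handshake -->
      <Protocols>
        <Protocol>TLSv1.2</Protocol>
      </Protocols>
    </SSLInfo>
    <URL>https://backend.example.internal/v1</URL>
  </HTTPTargetConnection>
</TargetEndpoint>
```

With this in place the backend can reject any caller that does not present the expected client certificate, so a stolen API key or access token alone is not enough to reach the backend directly.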