I'm testing API product enforcement behavior on API keys, and I'm getting weird results. Just trying to understand what *should* work and what shouldn't. (I'd like to improve the docs.) I've already seen https://community.apigee.com/questions/13494/creating-api-product-on-pattern-matching.html, which is unresolved, but I wanted to start a different thread for the behavior I'm seeing.
In my API call, I've got this proxy prefix:
/foo/bar/hello/iloveapis
(and I'm attaching my Verify API Key policy on the PreFlow).
When I don't include my API key, I get a 401 on any call to the proxy, as expected.
On my API product, I've included my helloworld proxy, and I'm trying out different resource paths.
For example,
/foo/**
set on the product gives me a 200 all the time when I do a GET on /foo/bar/hello/iloveapis?apikey=[key]
in cURL or Trace.
Then, when I change the resource to allow only calls to
/foo/monkey/**
, I get a mix between 401s and 200s!
It also appears that mixing /* with /** sometimes works and sometimes doesn't:
Gives a mix between 401 and 200: /*/bar/*/iloveapis
Seems to mostly give 200: /foo/bar/**
Gives a mix between 401 and 200: /*/bar/**
Just trying to figure out which wildcard combos are supported and which aren't, and why random paths that I never use sometimes allow 200s. (Some caching/refresh cycle that needs to happen on the MPs?)
In the docs, we imply that you can use /, /*, and /**, and we don't note any particular restrictions on combinations.
Thanks for any insights.
Solved! Go to Solution.
we already raised a bug w/ support about this - MGMT-3273
I will let someone from Apigee share the fix roadmap.
Usually
1) *matches zero or more characters 2) **matches zero or more 'directories' in a path
The behavior you are seeing is it intermittent ?
Hey @naveen. Yeah, it's definitely intermittent, and mixing /* with /** in the same path seems to give more 401s than 200s.
we already raised a bug w/ support about this - MGMT-3273
I will let someone from Apigee share the fix roadmap.
Sweeeeeeet. Thanks a ton, @Benjamin Goldman. I'll keep my eye on that ticket.
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |