This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Restricting consumers to access api proxy urls

Posted on 04-15-2016 02:28 PM
Not applicable
Reply posted on --/--/---- --:-- AM

I am finding out solution on how clients can be restricted to access Proxy url.

In browser based clients,if we have one-way SSL/TLS,we can setup CORS Allow-origin to static client's domain name,instead of " * " or "request.header.origin", so that we can restrict a particular client's access to Proxy url.

Or,if we have 2-way SSL/TLS,we can ensure only authenticated clients access the proxy url.

In Application based clients,only way is to enable Two-way SSL.Is JWT token also helps in this case?

I am not sure whether this understanding is correct.Please suggest if any other solutions.

I am trying to restrict access before even some unknown client tries to access Proxy url by submitting their credentials,in case of one-way SSL.

0 1 137
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
gnanasekaran
Staff
Reply posted on --/--/---- --:-- AM

Hello @RK4,

You can restrict consumers as long as you can identify the consumers.So basically you need to establish an mechanism for identifying the consumer of your APIs, which can be done either at the transport level or at the application level

At the transport level, you could use

> IPs

> Certs - 2-way SSL

or

At an application level, you could do things like,

> Basic Authentication

> Key based authentication

> Oauth, 1.0a or 2.0

> JWT

> SAML

etc.. basically any application authentication scheme.

So as long as you enforce any of these authentication scheme for your APIs - you could easily restrict consumers to access your API [In Apigee, this is basically the proxy URLs]

Thanks,

0 Likes