This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Security of charging API

Posted on 08-30-2016 09:36 AM
Not applicable
Reply posted on --/--/---- --:-- AM

How APIGEE platform ensure security of any API which is related to charging.

Suppose a developer purchase charging API of edge from a telco company and he/she is now doing charging using charging API to any specific MSISDN with any amount, so how this kind of scenario will be handled by Edge?

Please assume the South Bound systen is a charging system which is exposed through API GW towards north bound.

0 1 106
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

In addition to enabling SSL on the Northbound side to the proxy running on Edge, enabling SSL on the southbound side between the Gateway and the charging backend, you can implement Oauth as an authentication mechanism to allow/deny access to the charging API in Edge. Edge supports out of the box all of the Oauth 2.0 grant-types and can act as an authorization server to generate and validate Oauth bearer tokens. There are policies which you can implement in your charging proxy to implement this.

Relevant links: http://docs.apigee.com/api-services/content/ssl

http://docs.apigee.com/api-services/content/using-oauth2-security-apigee-edge-management-api

0 Likes