Apigee proxy forwards event updates to a previously registered callback endpoint. The callback endpoint is stood up by the app developer. As a service provider what options are available to secure such a callback.
Can an app credentials (apigee issued) be used to derive a token to secure such calls.
I dont think using app credentials would be a good idea, I doubt it would be applicable.
If I understand correctly, to make it secure you may insist to communicate over HTTP(s) only for all call backs to all the client systems.
User | Count |
---|---|
2 | |
1 | |
1 | |
1 | |
1 |