Request/Response visibility within the apigee proxy in clear text,Pay load in clear text within apigee component
How do we avoid clear text visibility of request/response payload within apigee proxy. I have a sensitive information that will pass through the API gateway. Concern over here is if someone can get hold of the request of response. I can encrypt the request/response payload so that it is of no use if accessed but what are the available options with in the proxy to avoid clear text visibility of request/response.
Answer by Dino-at-Google
·
Feb 03, 2020 at 10:51 PM
What do you mean by "visibility"? visibility by whom? How?
If your requirement is to never have the cleartext be instantiated within the proxy, then yes, you need to use application-level encryption and you must not store the keys within Apigee.
If your goal is to obscure the payloads from viewers who use Trace, then you can use a datamask for request.content and response.content. This latter approach will not prevent a rogue proxy developer from using AssignMessage to read response.content and ... maybe write it to a log file. Or send it to a remote endpoint. The response.content will still be readable by the proxy runtime, if not displayable in the Trace subsystem.
Sorry if the question was not clear. As you mentioned response/request content is always readable by proxy at runtime, Can this be avoided by proxy which doesn't need to do any manipulation in the payload ?
1. Disable trace for the api using permissions .
2. Also ensure not all users can modify the proxy.
If you enable streaming on request and response, then the payloads will not be visible in trace. Or you can use RBAC as Sujith suggested earlier today.
