Request/response visibility within the Apigee proxy in clear text; payload in clear text within the Apigee component

How do we avoid clear-text visibility of the request/response payload within the Apigee proxy? I have sensitive information that will pass through the API gateway. The concern here is that someone could get hold of the request or response. I can encrypt the request/response payload so that it is of no use if accessed, but what are the available options within the proxy to avoid clear-text visibility of the request/response?


What do you mean by "visibility"? Visibility by whom? How?

If your requirement is to never have the cleartext be instantiated within the proxy, then yes, you need to use application-level encryption and you must not store the keys within Apigee.

If your goal is to obscure the payloads from viewers who use Trace, then you can use a datamask for request.content and response.content. This latter approach will not prevent a rogue proxy developer from using AssignMessage to read response.content and ... maybe write it to a log file. Or send it to a remote endpoint. The response.content will still be readable by the proxy runtime, if not displayable in the Trace subsystem.
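As an added illustration of the datamask option mentioned in the reply above (this is example configuration, not something posted in the thread), here is a DebugMask resource that hides the whole request and response body, plus selected fields, from the Trace view. The XPath/JSONPath entries and the namespace are assumed values; adjust them to the actual payload schema.

```xml
<!-- Added example: environment- or proxy-scoped mask configuration for the Trace tool.
     Names, namespace and paths are assumptions for illustration. -->
<DebugMask>
  <Namespaces>
    <Namespace prefix="ex">http://example.com/schema</Namespace>
  </Namespaces>

  <!-- Fine-grained masking of individual XML elements, if only parts are sensitive -->
  <XPathsRequest>
    <XPathRequest>/ex:Payment/ex:CardNumber</XPathRequest>
  </XPathsRequest>
  <XPathsResponse>
    <XPathResponse>/ex:Payment/ex:CardNumber</XPathResponse>
  </XPathsResponse>

  <!-- Same idea for JSON bodies -->
  <JSONPathsRequest>
    <JSONPathRequest>$.card.number</JSONPathRequest>
  </JSONPathsRequest>
  <JSONPathsResponse>
    <JSONPathResponse>$.card.number</JSONPathResponse>
  </JSONPathsResponse>

  <!-- Coarse masking: blank out the entire body and a sensitive header in Trace -->
  <Variables>
    <Variable>request.content</Variable>
    <Variable>response.content</Variable>
    <Variable>request.header.authorization</Variable>
  </Variables>
</DebugMask>
```

This only changes what the Trace/debug session displays. The message processor still holds the clear-text body, so any policy in the proxy (AssignMessage, JavaScript, MessageLogging, ServiceCallout) can still read `request.content` and `response.content` and forward it elsewhere; the mask config does not prevent that, it only removes it from the debug output.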

Sorry if the question was not clear. As you mentioned, response/request content is always readable by the proxy at runtime. Can this be avoided by a proxy which doesn't need to do any manipulation of the payload?

1. Disable trace for the API using permissions.

2. Also ensure not all users can modify the proxy.

If you enable streaming on the request and response, then the payloads will not be visible in Trace. Or you can use RBAC as Sujith suggested earlier today.
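As an added example of the streaming option in the reply above (illustrative configuration, not part of the thread), streaming is switched on with properties on both the ProxyEndpoint and the TargetEndpoint of the proxy. The base path, virtual host and target URL are assumed values.

```xml
<!-- Added example: pass the body through without buffering it in the proxy.
     BasePath, VirtualHost and URL are assumptions for illustration. -->
<ProxyEndpoint name="default">
  <HTTPProxyConnection>
    <BasePath>/v1/payments</BasePath>
    <Properties>
      <Property name="request.streaming.enabled">true</Property>
      <Property name="response.streaming.enabled">true</Property>
    </Properties>
    <VirtualHost>secure</VirtualHost>
  </HTTPProxyConnection>
  <RouteRule name="default">
    <TargetEndpoint>default</TargetEndpoint>
  </RouteRule>
</ProxyEndpoint>

<TargetEndpoint name="default">
  <HTTPTargetConnection>
    <URL>https://backend.example.com/payments</URL>
    <Properties>
      <Property name="request.streaming.enabled">true</Property>
      <Property name="response.streaming.enabled">true</Property>
    </Properties>
  </HTTPTargetConnection>
</TargetEndpoint>
```

Two caveats before relying on this. First, with streaming enabled the proxy no longer buffers the message, so policies that need the full payload (ExtractVariables on the body, JSON/XML threat protection, body transformations) cannot operate on it; the proxy must be a pure pass-through for the body, which matches the "no manipulation of the payload" case asked about above. Second, streaming keeps the body out of Trace and out of policy-accessible flow variables, but the bytes still transit the message processor in clear text unless the client and backend encrypt the payload themselves with keys Apigee never holds, which is the only option that satisfies "never instantiated in clear text within the proxy".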