About kctreacy

kctreacy · 06-06-2019

Does the management API support setting an expiration when adding a new api key and secret? I tried and it does not appear to respect the 'expiresAt' setting. Is setting the expiration only available when creating a completely new application?

kctreacy · 04-08-2016

Is it possible to specify multiple logging policies for an API proxy? I have configured four logging polices: preflow-request, preflow-response, postflow-request and postflow-response, but only see one logging entry being sent to the target Syslog se...

kctreacy · 11-21-2019

The JWT specification defines the 'jti' claim for this exact purpose. The 'jti' claim serves as a 'nonce' that can be used to prevent replay attacks / enforce "one-time" use of the JWT.Note that you do not explicitly invalidate the JWT. Instead you p...

kctreacy · 03-01-2019

You need to think about encryption at two-levels: 1) transport-level encryption and 2) data or message-level encryption. In most scenarios only transport-level security is used. In that scenario the data/message is only encrypted while in transit on-...

kctreacy · 11-29-2017

We are running Apigee internally (private) and had the same requirement: to have the Developer Portal support multiple Organizations like Apigee Edge does. Per Apigee at the time we were implementing that was not supported -- Developer Portal only su...

kctreacy · 04-27-2016

Can you please confirm/verify the syntax. The first convention described in your response uses 'conf/http.properties+' as the property name prefix and the second one uses 'conf_http_' as the property name prefix. Are there really two different conven...

My Stats

kctreacy's Bio

Badges kctreacy Earned

Recent Activity

Set new consumer key expiration

Multiple logging policies

Re: How to invalidate a JWT Token after Verify

Re: Encryption-Decryption in APIGEE

Re: Can we connect developer portal to multiple edge organizations?

Re: How to do forward proxying using Apigee Edge for the Private Cloud?