i want a solution to apply in gateway to allow access for specific IP addresses that only these IPs could call all APIs I created.in which step of Message Flow in the API Manager Gateway I must add this functionality : The handlers or Mediation extensions or
In sequence and out sequence?
Asked
Active
Viewed 62 times
0
Ali farahzadi
- 274
- 2
- 10
2 Answers
2
This question is a bit different from the old ones you asked, do you need a global policy to apply across all APIs? In that case, you can simply create Deny Policies, which will block access to all the APIs for specific IP(s).
Going further you can even add a Firewall rule in the GW server to restrict access. (This is the most efficient and the most secure way, to block the connection even before reaching the server)
iptables -A INPUT -m iprange –src-range [START]-[END] -j DROP
ycr
- 12,828
- 2
- 25
- 45
-
1thanx so much @ycr actually I set invert to true for giving access to only some IP addresses – Ali farahzadi Mar 04 '23 at 10:12
1
Apart from the solutions suggested by @ycr, let me also help you understand how/ where Handlers or Mediation extensions come into play.
- Handlers - this can be applied globally and this will engage for all the APIs which are deployed at the Gateway
- Mediations - these are API-specific and can be applied either for In-flow (request) or Out-flow (response) or Fault-flow (error). If you want to apply some custom business logic, depending on the path (in/ out/ error) you can apply custom mediations. However, you need to be a bit careful when applying mediations for each API as they will add extra latency to the APIs
Joy Rathnayake
- 485
- 4
- 8