Table of Contents

Search

  1. Preface
  2. Introduction to API Manager
  3. API management
  4. Organizational access policies
  5. API-specific policies
  6. API groups
  7. Authentication and authorization
  8. API Microgateway Service
  9. Analytics

API Manager Guide

API Manager Guide

Organizational IP filtering policy

Organizational IP filtering policy

The organizational IP filtering policy consists of a set of access rules that determine IP addresses that are allowed or denied permission to invoke managed APIs and custom APIs. The policy applies to all the APIs in the organization. API-specific IP filtering policies and API group IP filtering policies override the organizational IP filtering policy.
When API Manager receives a request to invoke an API, it checks the IP address of the request against the rules in the policy, in the order that the rules are listed in. API Manager applies the first rule in the rules table that matches the request IP address to the request. You can change the order of the rules by moving them up or down.
To allow access to specific IP addresses and deny access to all other IP addresses, add the rules that allow access before the rule that denies access. To deny access to specific IP addresses and allow access to all other IP addresses, add the rules that deny access before the rule that allows access.

IP Filtering Policy Example

The following table lists rules that allow access to several IP address ranges, and deny access to all other IP addresses:
Access Type
From IP address
To IP address
Allow
9.10.11.12
9.10.25.27
Allow
5.6.7.8
5.6.15.17
Allow
1.2.3.4
1.2.12.14
Deny
0.0.0.0
255.255.255.255

0 COMMENTS

We’d like to hear from you!