Hi, I'm Ask INFA!
What would you like to know?
ASK INFAPreview
Please to access Ask INFA.

Table of Contents

Search

  1. Preface
  2. API policies
  3. Security policies
  4. CORS policies
  5. Rate limit policies
  6. Response caching policies
  7. Privacy policies
  8. IP filtering policies
  9. Third-party authentication and authorization

API Policies

API Policies

Domain-level IP filtering

Domain-level IP filtering

You can use the
Domain IP Filtering
policy to manage IP-based access control for all managed APIs, managed API groups, and custom APIs within your organization. This policy defines access rules that either allow or deny IP addresses permission to invoke any API in your organization.
The
Domain IP Filtering
policy applies globally to every API in the organization by default. If you configure both managed API or managed API group and domain IP filtering policies, the managed API or managed API group policies take precedence over domain IP filtering policies.
When API Center receives an API invocation request, it checks the request's IP address against the IP filtering rules in the order they are listed. The first matching rule is applied to the request, either allowing or denying access.
You must use either allow rules or deny rules in the domain IP filtering policy. You can't use a combination of allow and deny rules.
Configuring a domain-level IP filtering policy provides centralized IP access control across all APIs in your organization, simplifying security management. You can combine the domain IP filtering policy with managed API, managed API group, or custom API-specific policies for greater flexibility. You can also control how policies are evaluated and enforced by ordering the rules.

0 COMMENTS

We’d like to hear from you!