policy to manage IP-based access control for all managed APIs, managed API groups, and custom APIs within your organization. This policy defines access rules that either allow or deny IP addresses permission to invoke any API in your organization.
The
Domain IP Filtering
policy applies globally to every API in the organization by default. If you configure both managed API or managed API group and domain IP filtering policies, the managed API or managed API group policies take precedence over domain IP filtering policies.
When API Center receives an API invocation request, it checks the request's IP address against the IP filtering rules in the order they are listed. The first matching rule is applied to the request, either allowing or denying access.
You must use either allow rules or deny rules in the domain IP filtering policy. You can't use a combination of allow and deny rules.
Configuring a domain-level IP filtering policy provides centralized IP access control across all APIs in your organization, simplifying security management. You can combine the domain IP filtering policy with managed API, managed API group, or custom API-specific policies for greater flexibility. You can also control how policies are evaluated and enforced by ordering the rules.