This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

API Product to mandate addition of atleast one proxy

Posted on 06-14-2018 01:06 PM
gargi_talukdar
New Member
Reply posted on --/--/---- --:-- AM

Hi,

As per this document, https://docs.apigee.com/api-platform/publish/create-api-products

there is a warning saying that If you don't select an API proxy, any app associated with the product can make calls to any API in your entire organization.

Is there a way to mandate addition of atleast one proxy to the product so that if anybody misses to add a proxy to the product it does not expose all the APIs. If not, what is the best way to prevent this.

Solved Solved
0 4 520
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
mdunker
Staff
Reply posted on --/--/---- --:-- AM

As this is a situation that can bite you unexpectedly (this is the "skeleton key" mentioned by @wwitman in his excellent article here) -- it would be awesome to at least see a warning on the API Product page that warned when this condition exists. Silent superuser privilege seems dangerous...

View solution in original post

Jump to Solution
4 REPLIES 4