Hi all,
If I am going to expose my internal APIs to the internet so Apigee can proxy it, how do I ensure developers don't call my internal APIs directly?
I have read about whitelisting IP addresses used by Apigee, but how would you go about this if your company's current Apigee setup does not have dedicated IP addresses?
Solved! Go to Solution.
Hi @Nicnic Nicnic,
If you are using APIGEE cloud version you can request for IPs which can be whitelisted from your backend. Still there are the options for you to protect your backend -
Even you whitelist Apigee IP, you should still consider to have above points as a part of better security model.
Hope this helps, and let me know if you need more information.
Hi @Nicnic Nicnic,
If you are using APIGEE cloud version you can request for IPs which can be whitelisted from your backend. Still there are the options for you to protect your backend -
Even you whitelist Apigee IP, you should still consider to have above points as a part of better security model.
Hope this helps, and let me know if you need more information.
I prefer 2-way TLS.
User | Count |
---|---|
5 | |
2 | |
1 | |
1 | |
1 |