This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

How to secure communication between Apigee Edge Proxy and Backend service?

Posted on 09-20-2016 08:25 AM
Not applicable
Reply posted on --/--/---- --:-- AM

I have read a lot of documentation about configuring apigee's proxies and it seems there are not many options to secure your backend endpoint (which is behind the proxy)

  • with white-list policy - in that way backend endpoint will accept requests only from apigee proxy and deny everything else;
  • two-way TLS as described here

Which one is a best practice? Is there any other way to secure backend endpoint? Please, share your experience and, if possible, point me to some resources I can read about security measures you have applied.

Solved Solved
1 5 1,973
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
ceber
Staff
Reply posted on --/--/---- --:-- AM

Here's the documentation describing the configuration of two-way TLS: http://docs.apigee.com/api-services/content/configuring-ssl-edge-backend-service#configuringtwowaytl...

I believe there is a video; I'll try to track it down if someone doesn't beat me to it.

You can combine whitelisting with two-way TLS if you wish to add that extra bit to the equation; it's not a one vs. the other sort of thing.

View solution in original post

Jump to Solution
5 REPLIES 5