Solved: IP whitelisting using a list at run time - Page 2

scase · 06-25-2015 06:19 AM

Sorry, I accidentally posted early.

We would like to add the ability to whitelist by requestor IP. We have done this before using the Access Control policy, but this time we would like to load a list of them from Custom Attributes per Developer App so that we don't have to re-deploy or manually change in the gateway if these change. So we wouldn't know at deployment what the values are nor how many there are.

Is this even possible? Would we need to do this using javascript to access the object associated with access control?

gnanasekaran

IP whitelisting details are here, http://apigee.com/docs/api-services/reference/access-control-policy

You need to provide concrete IPs for this work, so you cannot use variables, to resolve at runtime.

So back to your question, you could update [only] this policy at runtime using the API

PUT /v1/o/{orgname}/apis/{apiname}/revisions/{revision}/policies/{access_control_policy}

.. new payload with updated IPs..

Thanks,

View solution in original post

jonesfloyd

All - Apologies for the delay on this. I've created the following SmartDocs topics

Unfortunately, the API for update of a policy definition is still under internal review and and should currently be considered deprecated. While you can delete policy using the update/get URI, I didn't include it in SmartDocs because that could be a little dangerous. Deleting policies, IMO, should be more deliberate. There's no "Are you sure?" involved with the API policy delete, and if the policy was being used in a deployed proxy, that would wreak havoc. Thanks.

View solution in original post