We are evaluating an API portal to host APIs for customer integration and have almost everything set up in the gateway.
We have planned to set up LDAP-based access for internal roles, and external access to be with the portal.
We have recently been asked by the application security team to check the feasibility of ensuring that login by users with internal roles integrated with LDAP (internal) is possible only over the intranet, not over the internet.
Is this possible? Awaiting answers.
If I understand your question correctly ...
I assume the portal server is located in the intranet, and if there is a gateway (for example, in the DMZ) working as a reverse proxy for the portal server (i.e. the portal server is not exposed to the internet directly), then you should be able to do some validations to restrict internal LDAP users/roles from logging in to the portal from the internet.
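One way the gateway-side validation suggested in the answer could be expressed, as an added example that is not part of the original thread or of any portal or gateway product's code. The function names, the `internal-ldap` label and the address ranges are assumptions made for illustration; the check fails closed when the forwarding header is missing or malformed.

```python
import ipaddress

# Constructed sample ranges; replace with your own address plan.
INTRANET_NETS = [ipaddress.ip_network("10.0.0.0/8")]
TRUSTED_PROXIES = [ipaddress.ip_network("192.168.50.0/24")]  # hypothetical DMZ load balancers

def _in_any(addr, nets):
    return any(addr in n for n in nets)

def effective_client_ip(peer_ip, x_forwarded_for=None):
    """Return the address that policy should be evaluated against.

    X-Forwarded-For is honoured only when the TCP peer is a trusted proxy;
    otherwise an internet client could simply claim an intranet address.
    """
    peer = ipaddress.ip_address(peer_ip)
    if not x_forwarded_for or not _in_any(peer, TRUSTED_PROXIES):
        return peer
    # Walk right to left: the right-most hop we do not operate is the client.
    for hop in reversed([h.strip() for h in x_forwarded_for.split(",")]):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            return peer  # malformed header: fall back to the peer address
        if not _in_any(addr, TRUSTED_PROXIES):
            return addr
    return peer

def allow_login(auth_source, peer_ip, x_forwarded_for=None):
    """Accept internal LDAP logins only from intranet addresses."""
    if auth_source != "internal-ldap":  # hypothetical provider label
        return True  # external portal accounts may log in from anywhere
    return _in_any(effective_client_ip(peer_ip, x_forwarded_for), INTRANET_NETS)
```

A network-level control (firewall rule or separate internal listener) in front of this check is still advisable, since the decision here is only as reliable as the proxy list it trusts.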