Layer7 API Management

 View Only
  • 1.  API portal - Internal and External access

    Posted May 23, 2017 03:34 PM

    We are evaluating API portal to host APIs for customer integration and have almost everything set in gateway.


    We have planned to setup LDAP based access for internal roles and external be with portal.


    We recently have been asked by application security team to check on the feasibility to ensure that the login of users with internal roles integrated with LDAP(internal) be accessed only over intranet not in internet.


    Is this possible, awaiting for answers.




  • 2.  Re: API portal - Internal and External access
    Best Answer

    Broadcom Employee
    Posted May 23, 2017 10:05 PM

    If my understand your question correctly ...


    I assume the portal server is located in intranet, and if there is a gateway (for example, in DMZ) working as reverse proxy for the portal server (ie. the portal server does not expose to internet directly),  then, you should be able to do some validations to restrict the internal LDAP users/roles cannot login portal from internet.