Layer7 API Management

 View Only
  • 1.  How to Secure an API

    Posted May 13, 2019 01:57 PM

    Basically our idea is to protect api using consumer key i.e even though the API's are published and exposed to the world, can be access only if valid key is sent in the request.

    I do see few information by integrating OTK with developer portal. But as of now, we didn't require any of these products for our requirement. So, what is the best way to get this achieved using ca api gateway? 

     

    Thanks, 

    S giridharan



  • 2.  Re: How to Secure an API

    Posted May 21, 2019 02:17 PM

    Hi. 

     

    OTK can be used independently of developer portal. Just install the OTK solution kit and you are ready to go. 

     

    OTK provides an implementation for OAuth where you use an oauth flow to generate access_tokens and use this access_token to gain access to your API while the access_token is not expired.