DataPower

Expand all | Collapse all

How do we whitelist API endpoints in Datapower ?

  • 1.  How do we whitelist API endpoints in Datapower ?

    Posted Sat November 28, 2020 03:24 PM
    How do we whitelist API endpoints in Datapower ? 
    Currently we are using access control list in Datapower to allow specific in address which are allowed to connect to Datapower, but the requirement is now to whitelist backend api endpoints and load balance it from Datapower. Is this something we can configure in Datapower loadbalancer group ?


    ------------------------------
    Sarada Sahoo
    ------------------------------


  • 2.  RE: How do we whitelist API endpoints in Datapower ?

    Posted Sat November 28, 2020 09:00 PM
    I'm trying to understand your question. As the developer of the service have full control as to what endpoints are accessed in the backend. You can create a load balancer group and create a member for each of one of your endpoints, and DataPower will load balance amongst them depending on the algorithm you choose (least connections, round robin, etc.). But I don't understand your question about whitelisting. The multi-protocol GW service or WSP has either a hardcoded static backend or a dynamic backend which is under your control. The client side (front side) can't decide what backend to access unless you are doing something strange like constructing the backend endpoint based on supplied information. You should know exactly what endpoints are allowed as they are either in a routing table or some other means. There really is no need for any type of ACL for the backend.
    --Charlie

    ------------------------------
    Charlie Sumner
    ------------------------------