Securing API Client access over the trusted IPs

View Only

Securing API Client access over the trusted IPs

By Nilesh Atal posted Fri May 21, 2021 08:35 AM

Like

Introduction

IBM Security Verify provides a vast collection of APIs which developers can leverage to build their own programming. In order to secure API access, an API client needs to be created which is used to generate the access token. Access token has powerful capability and hence use of these tokens need to be constrained over legitimate network. IBM Verify provides a way to define allowed / restricted list of network IPs for each API client.

Configuration

Tenant administrator can define the allowed / restricted list of network IPs while creating the API client.

Login to Verify as Tenant administrator
Navigate to Configuration > API acces > API clients

Click Add API client
Select Entitlements

Click Next
Click Next on Custom scopes
On IP filter step select checkbox for Enable IP filtering
Define Allow list / Deny list

Click Next on Additional properties step
Provide Name and Description on Confirm configuration step

Click Create API client
Newly created API client is ready to consume

Now the newly created API client can only be used over the allowed network IPs. IBM Verify will restrict the client if any request is not from the allowed IP list.

To know more read IBM Security Verify

---------------------------------------
NILESH ATAL
IBM Security (India Software labs)
---------------------------------------

#IBM-Security-Verify
#identity
#SAML
#Security
#Security-verify
#Verify

0 comments

10 views

IBM Technical Exchange India Security User Group

Securing API Client access over the trusted IPs

By Nilesh Atal posted Fri May 21, 2021 08:35 AM

Permalink