Configuring tags for decoy APIs
About this task
You can configure decoy APIs in Axway API Manager. A decoy API is an API for which the traffic does not reach the backend API servers. The decoy API is deployed to gather information about potential threats that your API ecosystem may face. Traffic directed to a decoy API configured in Axway API Gateway is redirected to ASE, which functions as the backend server. ASE sends a preconfigured response, such as 200 OK, for requests sent to a decoy API.
You need to configure the following TAGS and VALUES in the API tab for ** in Axway API Manager:
Steps
- In Axway API Manager, go to Frontend API → API tab.
- Configure the following tags and values:
  ping_ai – true
  ping_decoy – true
Example:
The converted API JavaScript Object Notation (JSON) will have the decoy section configured as highlighted in the following JSON file:
{
  "api_metadata": {
    "protocol": "https",
    "url": "/decoy",
    "hostname": "*",
    "cookie": "",
    "cookie_idle_timeout": "",
    "logout_api_enabled": false,
    "cookie_persistence_enabled": false,
    "oauth2_access_token": false,
    "apikey_qs": "",
    "apikey_header": "",
    "enable_blocking": true,
    "login_url": "",
    "api_mapping": {
      "internal_url": ""
    },
    "api_pattern_enforcement": {
      "protocol_allowed": "",
      "http_redirect": {
        "response_code": "",
        "response_def": "",
        "https_url": ""
      },
      "methods_allowed": [],
      "content_type_allowed": "",
      "error_code": "",
      "error_def": "",
      "error_message_body": ""
    },
    "flow_control": {
      "client_spike_threshold": "0/second",
      "server_connection_queueing": false
    },
    "api_memory_size": "64mb",
    "health_check": false,
    "health_check_interval": 60,
    "health_retry_count": 4,
    "health_url": "/",
    "server_ssl": false,
    "servers": [],
    "decoy_config": {
      "decoy_enabled": true,
      "response_code": 200,
      "response_def": "OK",
      "response_message": "OK",
      "decoy_subpaths": []
    }
  }
}
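The following check is an added example, not part of the original page or of any Ping Identity or Axway tooling: it parses a converted API JSON and reports whether the decoy section matches what this page describes. The function name check_decoy_api, the trimmed sample, and the rule that a decoy with no decoy_subpaths lists no backend servers are assumptions drawn from the example above.

```python
import json

# Constructed sample: a trimmed version of the converted JSON shown on this page.
SAMPLE = """
{
  "api_metadata": {
    "protocol": "https",
    "url": "/decoy",
    "hostname": "*",
    "servers": [],
    "decoy_config": {
      "decoy_enabled": true,
      "response_code": 200,
      "response_def": "OK",
      "response_message": "OK",
      "decoy_subpaths": []
    }
  }
}
"""

def check_decoy_api(text):
    """Return a list of findings for one converted API JSON; empty means it passed."""
    try:
        meta = json.loads(text)["api_metadata"]
    except (ValueError, KeyError, TypeError) as exc:
        return [f"not a usable API definition: {exc!r}"]
    decoy = meta.get("decoy_config") if isinstance(meta, dict) else None
    if not isinstance(decoy, dict):
        return ["decoy_config section is missing"]
    findings = []
    # Only JSON true counts; the string "true" is rejected.
    if decoy.get("decoy_enabled") is not True:
        findings.append("decoy_enabled is not true")
    code = decoy.get("response_code")
    # bool is a subclass of int in Python, so exclude it explicitly.
    if isinstance(code, bool) or not isinstance(code, int) or not 100 <= code <= 599:
        findings.append(f"response_code {code!r} is not an HTTP status integer")
    if not decoy.get("response_def"):
        findings.append("response_def is empty")
    # Assumption from this page's example: a decoy with no decoy_subpaths
    # lists no backend servers, since ASE itself answers the request.
    if not decoy.get("decoy_subpaths") and meta.get("servers"):
        findings.append("backend servers listed on a whole-API decoy")
    return findings

if __name__ == "__main__":
    for finding in check_decoy_api(SAMPLE) or ["decoy API definition looks consistent"]:
        print(finding)
```

A JSON file that fails to parse, for example because of a missing comma between keys, is reported as a single finding rather than raising.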