Securing PingIntelligence ASE APIs
The primary and secondary API Security Enforcer (ASE) APIs added in the Akana API Gateway should be secured from unauthorized access of external clients.
About this task
To ensure the Akana API Gateway is secure, you must secure the ASE APIs using the API Consumer Application Security operational policy. The policy allows control on the clients attempting to access the ASE APIs.
To add the API Consumer Application Security operational policy to ASE APIs:
Steps
-
Sign on to Akana Policy Manager, navigate to the Tenant, and select the ASE API.
-
Click to expand and select Policies. Click Operational Policies and then click Add Policy on the bottom-right.
-
In the Add Policy wizard, select API Consumer Application Security Policy from the Add Policy drop-down list.
-
Enter a Policy Name, click Next, and then click Finish to save the policy.
Result:
The policy displays under Policies in the ASE API.
-
Click the policy. ClickModify under the API Consumer Application Security Policy section.
-
Click Apply on the Modify API Consumer Application Security Policy page without making any changes.
-
Next, click Activate Policy.
-
Select the ASE API and click Manage in the Policy Attachments section.
-
To attach the policy to ASE API, click Attach on the Manage Operational Policy Attachments for Organization page.
-
In the Attach Organization Policies window, select the policy added from the Policies window, and select the check box. For the policy click Apply.
-
Click Close.
-
To add the policy to a secondary ASE API, repeat steps 1-11.