PingIntelligence

Securing PingIntelligence ASE APIs

The primary and secondary API Security Enforcer (ASE) APIs added in the Akana API Gateway should be secured from unauthorized access of external clients.

About this task

To ensure the Akana API Gateway is secure, you must secure the ASE APIs using the API Consumer Application Security operational policy. The policy allows control on the clients attempting to access the ASE APIs.

To add the API Consumer Application Security operational policy to ASE APIs:

Steps

  1. Sign on to Akana Policy Manager, navigate to the Tenant, and select the ASE API.

  2. Click to expand and select Policies. Click Operational Policies and then click Add Policy on the bottom-right.

    A screenshot of the Add Policy button on the Policies Summary page in Akana Policy Manager.
  3. In the Add Policy wizard, select API Consumer Application Security Policy from the Add Policy drop-down list.

    A screenshot of the Select Policy Creation Option page in Akana Policy Manager.
  4. Enter a Policy Name, click Next, and then click Finish to save the policy.

    A screenshot of the Policy Details page in Akana Policy Manager.

    Result:

    The policy displays under Policies in the ASE API.

  5. Click the policy. ClickModify under the API Consumer Application Security Policy section.

    A screenshot of the policy API Consumer Application Security Policy section
  6. Click Apply on the Modify API Consumer Application Security Policy page without making any changes.

    A screenshot of the Modify API Consumer Application Security Policy page.
  7. Next, click Activate Policy.

    A screenshot of the policy details page.
  8. Select the ASE API and click Manage in the Policy Attachments section.

    A screenshot of the Policy Attachments section.
  9. To attach the policy to ASE API, click Attach on the Manage Operational Policy Attachments for Organization page.

    A screenshot of the Manage Operational Policy Attachments for Organization page.
  10. In the Attach Organization Policies window, select the policy added from the Policies window, and select the check box. For the policy click Apply.

    A screenshot of the Attach Organization Policies page.
  11. Click Close.

  12. To add the policy to a secondary ASE API, repeat steps 1-11.