You can protect an
API from unwanted access using
application programming interface (API)
A specification of interactions available for building software to access an application or service.
Before configuring your PingAccess deployment to protect an API:
- PingAccess must be installed and running. See Installing and Uninstalling PingAccess for the full procedure.
- You must have a configured token provider. The procedures vary depending on the token provider. For more information, see:
- You must have installed an agent on the web server or servers that host the API you want to protect. For more information, see:
After you have completed the following steps, your API is protected.
- Configure a virtual host – A virtual host represents the API you will protect and contains information about its location.
- Configure a rule – Rules control who can access what content under what circumstances.
- Configure an identity mapping – An identity mapping lets you share identity information with the protected API as headers.
- Configure an application – An application joins the other pieces together, giving users access to the API according to the configured rules.
- Configure a resource – A resource specifies an API
endpointand the methods that can be used to access it. endpoint One end in a communication channel, typically a URI.