Message Image

Skip main navigation (Press Enter).

Layer7 API Management

Back to discussions

Expand all | Collapse all

Apikey validation

Jump to Best Answer

Legacy UserMay 22, 2017 05:14 AM

I need to verify incoming apikey( in header) with the key that is generated in the portal while registering ...

Zhijun HeMay 22, 2017 08:37 PMBest Answer

Hello alok612 , The apikey can be passed by request parameter/header, then in your policy, you can ...

1. Apikey validation

1 Recommend
Legacy User
Posted May 22, 2017 05:14 AM

Reply Reply Privately
I need to verify incoming apikey( in header) with the key that is generated in the portal while registering and App creation.
Following is the policy fragment that I have developed, In this the apikey field in lookupApikey assertion is hardcoded to what i got from portal and i think this assertion sets the {apikeyRecord.key} variable to this value.
But I don't want that, it has to be a context variable which should pick apikey that is generated from portal(so that if another App wants to use same API it can using different Apikey)

Is there something that I am missing. Please help.
L7_APIM
Regards,
Alok
2. Re: Apikey validation
Best Answer

0 Recommend
Broadcom Employee

Zhijun He
Posted May 22, 2017 08:37 PM

Reply Reply Privately
Hello alok612 ,
The apikey can be passed by request parameter/header, then in your policy, you can get the apikey from request and validate it via lookup api assertion, so the policy can be re-used.

ie. the client should be aware of the apikey of the application it is trying to call.

Regards,
Mark

Copyright 2023. All rights reserved.

Powered by Higher Logic