in this case it depends if the client is connecting directly to the API Gateway or if it's going through a proxy of some sort (i.e. a load balancer). If it's connecting directly, then I believe you can use the following context variable to get the hostname of the client: ${request.tcp.remoteHost}
However, you may have to enable reverse lookups as instructed in the link below, or else it will only return the IP address, same as ${request.tcp.remoteIP} would do.
See: Transport Layer Context Variables - CA API Gateway - 9.2 - CA Technologies Documentation
If however you're going through a proxy or load balancer, that IP/hostname would be that of the SNIP of the load balancer or proxy, so you'd have to first make sure that the X-Forwarded-For header is passed and then look at ${request.http.header.X-Forwarded-For} to get the IP... and that wouldn't give you the hostname... so hope that's not the case.
Then it would be up to you to add a Compare Expression assertion to check if the hostname matches what you're expecting.
Does that help?