AnsweredAssumed Answered

API Key validation

Question asked by Piau on Jul 5, 2018
Latest reply on Jul 10, 2018 by Mark_HE


I am publishing our APIs by the Portal and setting the security to use API Key.

However, the auto generated policy that validate the API Key gets the Key only from the query parameter.

Is there a way to change the auto generated policy to get the Key from the header (without to do it mannualy by Policy Manager)?

For our scenario this is a security issue, because the API Key can be easily captured when it is used as a query parameter.

Thanks in advance!

César Piau