AnsweredAssumed Answered

Role based access Restriction for APIs exposed from API Gateway

Question asked by Suneelthota on Sep 13, 2018
Latest reply on Sep 23, 2018 by Mark_HE

We have published APIs using swagger document from API Portal EE to API gateway servers. Our Application team developed a code using OAuth Scope to support "Role-based access to all published APIs on Gateway. We want to implement this functionality in API Gateway to reduce development and maintenance effort on backend applications.  


So, I want to know how to implement Role-based access restriction for APIs exposed from gateway using OAuth Scope? Currently OAuth token is working for all users without any type of access restriction in resource path.




API Resource path:  /session/api/v1/{ID} -> GET POST DELETE


User1 -> GET

User2 -> GET POST

User3 -> DELETE



Hope this functionality supports in API Developer Portal & API Gateway server. Appreciate, any quick response and help to implement this functionality.