AnsweredAssumed Answered

Role based access Restriction for APIs exposed from API Gateway

Question asked by Suneelthota on Sep 13, 2018
Latest reply on Sep 23, 2018 by Mark_HE

We have published APIs using swagger document from API Portal EE to API gateway servers. Our Application team developed a code using OAuth Scope to support "Role-based access to all published APIs on Gateway. We want to implement this functionality in API Gateway to reduce development and maintenance effort on backend applications.  

 

So, I want to know how to implement Role-based access restriction for APIs exposed from gateway using OAuth Scope? Currently OAuth token is working for all users without any type of access restriction in resource path.

 

Ex:

 

API Resource path:  /session/api/v1/{ID} -> GET POST DELETE

 

User1 -> GET

User2 -> GET POST

User3 -> DELETE

User4 -> GET POST DELETE

 

Hope this functionality supports in API Developer Portal & API Gateway server. Appreciate, any quick response and help to implement this functionality.

Outcomes