AnsweredAssumed Answered

Prevent internally facing policies from being accessible on externally facing listeners.

Question asked by JasonGill on Jan 11, 2019
Latest reply on Jan 15, 2019 by Mark.ODonohue

We're currently deploying a new CA API Management gateway environment to provide the security layer between ourselves and B2B partners.

 

Our new API GW tier will front partner facing API policies to our partners connecting into our organisation but will also publish internally facing APIs for our internal systems connecting out to partners (for this use case, the GWs will be used for inspection of the responses coming back from partner APIs).

 

With the way listeners work on the CA product, when we choose to publish business APIs to a listener, we can't be selective about which policies are published on that listener.  As all published APIs will reside on the listener, this means our partner facing as well as our internally facing API policies are exposed to partners.

 

I've been given a few suggestion from CA support on methods to work around this, but just wondering if anyone in the community has also tackled this issue.

Outcomes