Chen, Junjie 91c429e341 APIG UMN 20230331 version

Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: Chen, Junjie <chenjunjie@huawei.com>
Co-committed-by: Chen, Junjie <chenjunjie@huawei.com>

2023-06-01 08:59:08 +00:00

2.0 KiB

Raw Blame History

How Do I Ensure the Security of Backend Services Invoked by APIG?

You can ensure the security of backend services invoked by APIG by using the following methods:

Bind signature keys to APIs
After a signature key is bound to an API, APIG adds signature information to each request sent to the backend service. The backend service calculates the signature information in each request and checks whether the signature information is consistent with that on APIG.
Encrypt requests using HTTPS
Ensure that the required SSL certificate exists.
Perform backend authentication
Enable security authentication for backend services of the desired APIs to process only API requests that carry correct authentication information.

Parent topic: API Security

2.0 KiB Raw Blame History

How Do I Ensure the Security of Backend Services Invoked by APIG?

2.0 KiB

Raw Blame History