cancel
Showing results for 
Search instead for 
Did you mean: 

How to verify and Allow API calls from specific DNS in SAP API Management?

javajivishnu98
Discoverer
380

Hi Experts

I'm trying to allow only specific API calls from the frontend application having DNS for example "atapi2.company.com".

Is there any standard Policy or Script to achieve the above requirement?

Thanks in Advance 🙂

Vishnu

Accepted Solutions (0)

Answers (1)

Answers (1)

saisreenivas
Participant
0 Kudos

Hi sopan,

These are some of the ways that might help:

  • A OAuth2.0 with clientId, clientSecret and scope for atapi2.company.com might help. So, you will be expecting only this client to SAP APIM.
  • A token (such as a CSRF token) received from the server, which you then hash or transform in some way in the web client code in SAP APIM. Including the current date somewhere in the computation
  • Or a simple token in header or parameter from atapi2.company.com and verifying it in SAP APIM.

Hope it helps.

Br/ Sai Sreenivas Addepalli.

javajivishnu98
Discoverer
0 Kudos

Hi Sai,

Thank You for the Input.

It will work for verifying clients with OAUTH or Token verification.

I'm trying a different way to Lookup the DNS of the Client and verify IP's, successful verified IP's will only be allowed to the back end.

Br/Vishnu