Security provides you with a way to apply API custom security configuration including Web Application Firewall (WAF) from the Find and Use an API Management Portal.
API custom WAF security configuration can be applied at 2 levels:
API scope - API scope security configuration using the custom WAF when set will apply to and limited to individual or specified APIs.
Environment scope - Environment scope security configuration using the custom WAF when set, will apply to and affect all hosted APIs within a specified environment (Dev, Staging or Live).
Within the Security page, you can do the following conveniently grouped within the relevant scope:
API scope
- Creating an API scope security configuration
- Viewing an API scope security configuration
- Editing an API scope security configuration
- Deleting an API scope security configuration
- Adding an API scope WAF policy exclusions
- Viewing an API scope WAF policy exclusion
- Editing an API scope WAF policy exclusion
- Deleting an API scope WAF policy exclusion
Environment scope
- Creating an Environment scope security configuration
- Editing an Environment scope security configuration
- Viewing an Environment scope security configuration
- Deleting an Environment scope security configuration
- Adding an Environment scope WAF policy exclusion
- Viewing an Environment scope WAF policy exclusion
- Editing an Environment scope WAF policy exclusion
- Deleting an Environment scope WAF policy exclusion