Skip to content

Gateway Policies

On Yappes, the Gateway Policies functionality in the API Manager provides you with capabilities to enhance security and governance on the APIs by implementing different policies, such as Blacklist IP Address and Throttling.

This allows you to improve the adaptability of your APIs for a particular organization within which they are onboarded and monetized.

You can ensure that no malicious actors are taking part in the API usage and everything is working smoothly without affecting any other APIs and resources. Furthermore, these policies enable you to authenticate calls of your APIs as well as control how much one can utilize the resources within a set period of time.

Benefits of Yappes Gateway Policies

Gateway Policies is an effective functionality for governing and securing your API landscape. The available policies you can create in the API Manager:

Types of Gateway Policies

Throttling - By creating and attaching a Throttling policy to an API, you can control how many requests one can make based on the set Hours, Minutes or Seconds. It helps you limit the bandwidth available to users of an API communication.

Blacklist IP Address - Blocks a range of IP addresses. If you don’t want to provide access to some IP addresses, whether for security reasons or organizational-based decisions, you can create this type of gateway policy and attach it to the API.

Whitelist IP Address - Allows access from only a preapproved range of IP addresses.

Message Signature - Validates the authentication signature passed in an API request with the signature policy created on the platform and attached to the API.

You can create these policies and attach them to APIs through API Groups, allowing you to globally enforce standards across all APIs within a group, eliminating the need to implement them separately for each API.

Gateway Policy Components

You can access the Gateway Policies in the API Manager by simply clicking the Gateway Policies option in the sidebar.

Accessing Gateway Policies

This opens the following window, where you get a different set of options with policy info if already created.

Gateway Policies Window

  • Search bar
  • Policy Name
  • Policy Type
  • Attached Subscription
  • Edit
  • Delete
  • Create Policy

In the Attached to subscriptions column, if the is visible, it means the policy is attached to a subscription(s). Simply click it to view the subscriptions it is applied to.

To create a policy or attach it, follow the instructions mentioned in the following articles:

πŸ“„ Creating a policy (w/edit and delete)

πŸ“„ How to attach policies to an API