iam-policy-management

IAM Policy Management

Today everyone is tending toward mobility and exposing their backend systems as REST APIs, which could be a result of multiple reasons. First, organizations want to use those services as reusable components across multiple departments, hence exposing them as REST APIs is a best solution. Second, organizations prefer providing their services on multiple devices and REST APIs are the best solution for devices to be accessed for services in an agnostic way. Third, in order to monetize their services by providing them publicly they would again have to do that over HTTP/HTTPS in the form of REST APIs. If the goal is to monetize by providing them to the outside world, you need a way to identify and provide access to the consumer of your services. It can be achieved by providing your consumer an identity and giving them an access to your APIs.

App42 API Gateway has the option to create IAM (Identity Access Management) users and give that IAM user access to your APIs. Once the access is given, IAM user can access the APIs by passing the required credentials along with the request. Whatever authentication policy an API provider has applied on the APIs, request would be validated as per that policy. For more information on Authentication Policies, please refer here.

API provider can also set the different traffic policy parameters for different IAMs. Traffic Policy parameters set for an IAM user would override the global settings for an API. For more information on Traffic Policies, please refer here.

Note: API access to an IAM user can be provided at granular level. You can provide access to an operation of an API while restricting the other operation of the same API.

Create IAM

Steps to create IAM:

  • 1.Go to IAMs -> Manage -> Click on Create IAM
  • 2.Provide IAM name ( email and Redirection URL are optional)
  • 3.Click on Create and you can see your IAM with its credentials

MAP API to IAM

To securely provide control access to API resources for your users, you can attach IAM to your APIs.

Steps to MAP API to IAM:

  • 1.Go to IAMs -> API Mappings
  • 2.Select IAM to which you want to map API
  • 3.Click on MAP API
  • 4.Select Project
  • 5.Select APIs which you want to MAP to this IAM
  • 6.Select Traffic Policy (optional) if you want to attach with this mapping
  • 7.Provide price for API requests (optional)
  • 8.Click on Submit
  • 9.You can see the API mapping with the IAM