Forum Discussion

Nimbostratus

Mar 12, 2018

Using X-API-Key header to secure an LTM pool of API servers

Is it possible to use any of the modules on a BIG-IP to secure a pool of API servers. I'm guessing at an APM or iRule solution but struggling to find examples. We have ASM, APM and LTM modules instal...

application delivery

BIG-IP Access Policy Manager (APM)

security

Yann_Desmarest

Cirrus

Apr 27, 2018

Hi,

you can use an irule to retrieve the header valie and then use either a sideband connection to validate the token or an access policy using ACCESS::policy evaluate command with an access profile containing a HTTP AAA server to validte the token

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Using X-API-Key header to secure an LTM pool of API servers

F5 Academies Are Back – And We’re Coming to a City Near You

Introducing the F5 Application Study Tool (AST)

Recent Discussions

Guide for exam 402 F5 Certified Solution Expert

HA pair when both Tenants reside on the same Velos chassis

SMTP SNAT vs iRule header

Replace stream if condition is met

Best practice for network communication with LDAP server

Related Content

Rewrite Host Header to Server Name

Remove X- Headers From Web Server Response

Remove the "Server" header

F5 NGINX HTTP Request Header Rules: What’s Permitted and What’s Not

Security Headers Insertion

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS