Forum Discussion
Daniel_Wolf
Jun 06, 2023MVP
Hi DocteurBGP,
the APM Policy can
- import an Open API Spec file
- verify that the API call is made to an allowed API endpoint.
- verify that clients makes only unauthenticated API calls and verify JWT access tokens
- do Rate Limiting
The AWAF Policy can
- import an Open API Spec file and validate that the API request conforms to the spec file
- protect against Web Application Threats
To my surprise the AWAF Policy can import an Open API Spec file but does not build a list of allowed URLs (methods / endpoints) from it.
KR
Daniel