Enforce API | Specifies whether traffic to/from this service shall be checked against an API specification provided in the OpenAPI 3.0 or JSON format. If enforced is enabled, non-conform traffic will be blocked. API specifications can be uploaded via Submenu – API Security. |
Path Matching | Default value: Client view The Gateway mapping can be configured to rewrite the incoming URL to a different back-end URL (asymmetric mappings). Due to this rewriting, the incoming URL path (Client view) will be different from the back-end URL path (Back-end view). Select either Client view or Back-end view to match the URL path according to the path in your API specifications. |
Check responses against API specification | Enable or disable responses check. |
Log only | If enabled potential attack requests are only logged but not blocked. |
API | Select the specification to validate against. |
Offer API specification file publicly | Allow clients to download the API specification. |
File path and name | File path and name at which the API specification will be available externally. Note that the entry path will be added in front of it. |