How to Enable Advanced API Security in Apigee

white ipad
Reading Time: 3 minutes

Hello Readers! In this blog we’ll see How toEnable Advanced API Security in Apigee. Firstly we’ll see apigee api security overview and after that we’ll see that how to Enable Advanced API Security in Apigee. So stick to the end with me and see how we can do that.

Let’s get started !!!

Overview

Apigee Advance API Security protects the APIs from attacks by malicious agents, such as bots. Apigee provides two main tools for identifying threats and vulnerabilities. They are as follows:

  • Bot detection
  • Identifying API misconfigurations

To know about the bot detection and identification API misconfigurations tools follow below link : 

https://cloud.google.com/apigee/docs/api-security#identifying-api-misconfigurations

Now To access the Security Job reports and Scores the Advanced API Security must be enabled. Let’s see how we can enable the Advanced API Security .

Enabling Advanced API Security for Generating Security Reports

Prerequisites

If I talk about the prerequisite , one should have the following access for the below roles.

Security Report TaskRequired Role(s)
Enable or disable Advanced API SecurityApigee Organization Admin (roles/apigee.orgAdmin)
Create and view reportsApigee Organization Admin (roles/apigee.orgAdmin)Apigee Security Admin (roles/apigee.securityAdmin)
View reportsApigee Security Viewer (roles/apigee.securityViewer)Apigee Security Admin (roles/apigee.securityAdmin)

Now let’s see How we can enable it .

Get a token using Google Cloud credentials

  • Authorize gcloud to access cloud platform
gcloud auth login
  • Set project id as 
gcloud config set project PROJECT_ID
  • Get the oauth token
gcloud auth print-access-token
  • Export auth token 
export TOKEN=$(gcloud auth print-access-token)

Check Advanced API Security is already enabled or not 

Run the below command in the terminal to check whether the advance api security is already enabled or not : 

curl "https://apigee.googleapis.com/v1/organizations/YOUR_ORG" \

  -X GET \

  -H "Content-type: application/json" \

  -H "Authorization: Bearer $TOKEN"

Note: YOUR_ORG : is the name of your project_id 

If the section below is present , then it means your security is enable

"apiSecurityConfig": {

          "enabled": "true"

      }

Enabling Advanced API Security

If not enabled , enable it using the command as : 

curl "https://apigee.googleapis.com/v1/organizations/YOUR_ORG:setAddons" \

  -X POST \

  -H "Authorization: Bearer $TOKEN" \

  -H "Content-type: application/json" \

  -d '{

    "addonsConfig": {

      "apiSecurityConfig": {

          "enabled": "true"

      },

    "integrationConfig": {

          "enabled": "true"

      },

    "monetizationConfig": {

          "enabled": "true"

      }

    }

  }'

After you send the request, you will see a response like the following:

{

  "name": "organizations/apigee-docs-d/operations/0718a945-76e0-4393-a456-f9929603b32c",

  "metadata": {

    "@type": "type.googleapis.com/google.cloud.apigee.v1.OperationMetadata",

    "operationType": "UPDATE",

    "targetResourceName": "organizations/apigee-docs-d",

    "state": "IN_PROGRESS"

  }

}

Note: It will take sometime to enable this advanced api security 

Once API Security is enable look for the following sections:

Security report Jobs

Security scores

Disabling Advanced API Security

To disable the Advanced API Security use the below command:

curl "https://apigee.googleapis.com/v1/organizations/$ORG:setAddons" \

  -X POST \

  -H "Authorization: Bearer $TOKEN" \

  -H "Content-type: application/json" \

  -d '{

    "addonsConfig": {

      "apiSecurityConfig": {

          "enabled": "false"

      }

     <Include current add-ons configuration>

    }

  }'

Note: current add-ons configuration includes the below configuration:

"addonsConfig": {

      "apiSecurityConfig": {

          "enabled": "true"

      },

    "integrationConfig": {

          "enabled": "true"

      },

    "monetizationConfig": {

          "enabled": "true"

      }

    }

Once the advanced API Security is enable it can be showed in the APIGEE UI as:

So, this is how we can enable the advanced api security for mionitoring the apigee api performance .

Conclusion

So, In this blog we have seen How to Enable Advanced API Security in Apigee. Hope this blog is helpful for you to learn the apigee for minitoring the api performance.

Thank You !!!

Happy Learning !!!

Reference

https://cloud.google.com/apigee/docs/api-security/enable-security

Written by 

Deeksha Tripathi is a Software Consultant at Knoldus Inc Software. She has a keen interest toward learning new technologies. Her practice area is DevOps. When not working, she will be busy in listening music , and spending time with her family .

Leave a Reply