I have an existing backend API with methods like:
(GET) /user/{id}
(GET) /user/delete/{id}
(GET) /user/create/firstName={firstName},lastName={lastName}
(yes, not exactly RESTful, since everything is a GET)
I want to configure my Apigee proxy to reject "/delete/" and "/create/" paths making my proxy read-only. I'm not sure whether to use some kind of conditional flow for this. How is it done?
Thanks!
You can achieve this using the following steps:
Create three different resources in a proxy as:
a. /user/{id} - GET
b. /user/delete/{id} - GET
c. /user/create/{abc} - GET
Now, attach 'Raise Fault' policy to 'delete' and 'create' flows.
I hope that helps. Please let me know if you have any questions.
An alternate way of doing the same is using APIProducts.
1)Create an API product and add only a as the resource to the Product.
(a. /user/{id} - GET b. /user/delete/{id} - GET c. /user/create/{abc} - GET)
2)Attach your developer apikey to this product
3)When you do APIkey Validation automatically the developer will be allowed what is there in his APIProduct and nothing else.