Access Control based on IP Address
Steps
1. Get IP Address
Go to ifconfig.me to check your IP Address.
Note. You can also use curl https://ifconfig.me command to get your host IP address.
2. Add Policy to API Product
Switch to 3scale admin web console, click API link in the Products panel from the main dashboard.
access control Select Integration -> Policies menu from left panel. Then click + Add policy link.
access control Look for the IP Check policy then click on it.
access control The policy will be added to Policy Chain. Click on the IP Check policy to configure it.
access control Enter following details, then click Update Policy button.
Specifies how to get the client IP....: Select
Get the IP from the X-Forwarded-For header (first IP of the list)List of IPs: Click + button and enter the IP address from step 1 above.
The type of check to apply: Select
Block the IPs included in the listNote. In reality, this option should be
Allow only the IPs included in the list. But for testing and demonstration purpose, using theBlock the IPs...option is easy to demonstrate.
access control You'll be directed to the Policies dashboard, click on Update Policy Chain button.
access control Select Integration -> Configuration menu from left panel, then click Promote v.n to Staging APIcast button and then click Promote v.n to Production APIcast button to promote the configuration to Staging APIcast and Production APIcast respectively.
access control 
access control
3. Testing
Open a new tab in Postman, then enter the APIcast API Gatway URL.
access control Copy user_key query parameter from 3scale web console.
access control Append the copied user_key to the URL in Postman (DO NOT forget to add
/character to the end of URL before append theuser_keyparam) and click Send button. You should get error response says IP address not allowed.
access control
Last updated