HCL Marketing Platform | Security | API management | [Product] | (API configuration template)

For each product, the first part of the URI is resolved by the security framework, as follows: http[s]://host:port/context root/api/product

Therefore, in this field you should enter only the resource name or names of the API you want to configure. You can obtain the string you need to enter from the product's API documentation.

The value used for this property must start with a / (forward slash); otherwise the configuration is ignored by the security framework.

This property supports an exact URL match as well a pattern match for the configured APIs.

• For an exact match, the URI may end with a forward slash ( / ) or the resource name.
• For a pattern match, the URI must end with an asterisk ( * ).

If you set the value of this property to /* the settings you use for the other properties in the category apply to all APIs for the product.

Undefined

Select this option when you want to prevent an API from accessing a product. This option is not selected by default.

When an API is blocked, the security filter returns the HTTP status code 403 (forbidden).

Select this option when you want to allow the API to access a product only over HTTPS. This option is selected by default.

When an API with this property enabled is accessed over HTTP rather than HTTPS, the security filter returns the HTTP status code 403 (forbidden).

Select this option when you want to require an API to authenticate before it can access a product. This option is selected by default.

When an API with this property enabled is accessed with invalid credentials, the security filter returns the HTTP status code 401 (unauthorized).