AppCheck provides a REST API which is available to all customers. Below are the answers to some common questions about the API.
Where is the documentation?
How is access controlled?
Access to the API is restricted in two ways:
- By access token. You will need to provide an access token with each API request. You can have multiple tokens linked to different users.
- By IP address. API requests will only be accepted if they come from an IP address which is on your token's allow-list.
Is there rate limiting?
There is no fixed rate limiting, but the API is designed to handle a single request from any given customer at once, so you should wait for one request to complete before starting another.
How do I request access?
API tokens can be managed by admin users in the API Tokens page within the AppCheck Portal.
If you are an admin user and you do not see the API tokens page in the side bar, use this form to request access.
Click New API Token in the top right to create a new token, or the pencil icon next to an existing token to edit it.
You will need to provide the public IP address from which your API requests will come; often this will be the address of your outbound gateway or proxy server. Private (internal) addresses usually begin with 192, 172 or 10 - if this is the IP address you see then you may need to speak to your network administrator to get your public address. You may find you have multiple public addresses, which may be alternated between - in this case you will need to add them all to your account's allow list.
What if I want to access the API from the cloud and I don't know the source IP address?
If you are trying to access AppCheck's API from a cloud platform (Azure, AWS, Google Cloud, etc) and do not have a static IP address then it is advisable to configure a static IP gateway using NAT for outbound requests. The alternative would be to allow access from the entire cloud platform (or region/area, depending on our platform), which obvious security implications.
AppCheck do not maintain documentation on how to perform this, since it is configurable via your cloud provider, and the implementation details may change over time. However the following links may potentially be of use in investigating how to set this up for your cloud estate:
Microsoft Azure - https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-public-ip-address
Amazon AWS - https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html
Google Cloud (GCP) - https://cloud.google.com/nat/docs/overview
Comments
0 comments
Article is closed for comments.