AppCheck provides a REST API which is available to all customers. Below are the answers to some common questions about the API.
Where is the documentation?
How is access controlled?
Access to the API is restricted in two ways:
- By access key. You will need to provide an access key with each API request. You can have multiple keys linked to different users.
- By IP address. API requests will only be accepted if they come from an IP address which is on your account's allow-list.
Is there rate limiting?
There is no fixed rate limiting, but the API is designed to handle a single request from any given customer at once, so you should wait for one request to complete before starting another.
How do I request access?
API access requires a key, which can be provided by AppCheck Support. You can have multiple keys, and each key will be associated with a user. You can have a key associated with your own user, or you can create a dedicated user for it.
Once you have decided which user to associate with the API key, use this form to raise a request with AppCheck Support.
You will need to provide the public IP address from which your API requests will come; often this will be the address of your outbound gateway or proxy server. Private (internal) addresses usually begin with 192, 172 or 10 - if this is the IP address you see then you may need to speak to your network administrator to get your public address. You may find you have multiple public addresses, which may be alternated between - in this case you will need to add them all to your account's allow list.
What if I want to access the API from the cloud and I don't know the source IP address?
If you are trying to access AppCheck's API from a cloud platform (Azure, AWS, Google Cloud, etc) and do not have a static IP address then it is advisable to configure a static IP gateway using NAT for outbound requests. The alternative would be to allow access from the entire cloud platform (or region/area, depending on our platform), which obvious security implications.
AppCheck do not maintain documentation on how to perform this, since it is configurable via your cloud provider, and the implementation details may change over time. However the following links may potentially be of use in investigating how to set this up for your cloud estate:
Microsoft Azure - https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-public-ip-address
Amazon AWS - https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html
Google Cloud (GCP) - https://cloud.google.com/nat/docs/overview
Comments
0 comments
Article is closed for comments.