Forum Discussion

Contributor

6 years ago

Solved

Securing exposed API endpoint for triggered task

It is my understanding that when we create a Triggered Task for a pipeline there are only two ways of securing the API endpoint, 1) the bearer token and 2) basic authentication in the endpoint URL as...

triggered

christwr
6 years ago
Like who? I assume folks who didn’t keep the bearer token private, or changed it to something bad…

A few ways to add “extra” security to triggered tasks:

IP whitelisting (Access Control)

Front the triggered task with an API Gateway (that handles the auth switching)

Add some other checker logic to your triggered pipeline (JWT, etc.)

christwr

Contributor III

6 years ago

Like who? I assume folks who didn’t keep the bearer token private, or changed it to something bad…

A few ways to add “extra” security to triggered tasks:

IP whitelisting (Access Control)
Front the triggered task with an API Gateway (that handles the auth switching)
Add some other checker logic to your triggered pipeline (JWT, etc.)

dwhansen-cbg
Contributor
6 years ago
I won’t say who it happened to, but I know the company he works for has had an issue in the past and I would like to avoid it at my company.

@christwr thank you for your suggestions! These are all great suggestions and we will probably employ IP whitelisting and an API gateway to lock things down a little more. Thanks!

Forum Discussion

Securing exposed API endpoint for triggered task

Recent Discussions

How to get filename from file reader

Generate expression file from database query

Can we generate XML file in pretty print format using native snapLogic snaps?

401 error with HTTP Client and NTLM

Pagination and nextCursor in header