API Management 10.4 | Using CentraSite | Runtime Governance | Run-Time Policy Management | Built-In Run-Time Actions Reference (CentraSite Business UI) | Built-in Actions for Run-Time Policies (CentraSite Business UI) | Evaluate IP Address
 
Evaluate IP Address
If you have a native API that requires to authenticate a client to the Integration Server using the IP address, you can use the Evaluate IP Address action to extract the client's IP address from the HTTP request header, and verify the client's identity.
This action extracts the specified IP address from an incoming request and locates the client defined by that IP address. For example, when you have configured this action for a proxy API, the PEP extracts the IP address from the request’s HTTP header at run time and searches its list of consumers for the client defined by the IP address.
Mediator evaluates the incoming request to identify and validate that the client's request originated from a particular IP address.
Mediator rejects requests that do not include the IP address of an Integration Server user.
If Mediator cannot identify the client, Mediator fails the request and generates a Policy Violation event.
Input Parameters
Identify Consumer
(String). The list of consumers against which the IP address should be validated for identifying requests from a particular client.
Value
Description
Registered Consumers
Mediator tries to verify the client's credentials against the list of consumer applications who are registered as consumers for the specified API.
Mediator evaluates whether the request header contains the X-Forwarded-For, which is used for identifying the IP address of a client through an HTTP proxy.
Global Consumers
(Default). Mediator tries to verify the client's credentials against a list of all global consumers available in the Mediator.

Copyright © 2015- 2019 | Software AG, Darmstadt, Germany and/or Software AG USA, Inc., Reston, VA, USA, and/or its subsidiaries and/or its affiliates and/or their licensors.
Innovation Release