How Can I Protect My APIs?

  • Identity authentication

    Configure IAM or App authentication for APIs to prevent malicious calling.

  • Access control policies

    Configure a whitelist or blacklist of IP addresses/IP address ranges or accounts for APIs to secure access.

  • Request throttling policies

    By default, an API can be called up to 200 times per second. If your backend service does not support this access rate, decrease the quota accordingly.