Help Center/ API Gateway/ FAQs/ Product Consulting FAQs/ How Do I Ensure the Security of Backend Services Invoked by APIG?
Updated on 2024-12-04 GMT+08:00

How Do I Ensure the Security of Backend Services Invoked by APIG?

You can ensure the security of backend services invoked by APIG by using the following methods:

  • Bind signature keys to APIs

    After a signature key is bound to an API, APIG adds signature information to each request sent to the backend service. The backend service calculates the signature information in each request and checks whether the signature information is consistent with that on APIG.

  • Encrypt requests using HTTPS

    Ensure that the required SSL certificate exists.

  • Perform backend authentication

    Enable security authentication for backend services of the desired APIs to process only API requests that carry correct authentication information.