Help Center/ API Gateway/ User Guide (Kuala Lumpur Region)/ FAQs/ API Control Policies/ Access Control/ Are Client IP Addresses Verified for Access Control?

Updated on 2024-08-07 GMT+08:00

View PDF

Are Client IP Addresses Verified for Access Control?

Not necessarily.

In APIG, access control is based on the value of $remote_addr. $remote_addr indicates a client IP address and is determined by the access mode. If a client accesses APIG without using any proxy, remote_addr is the client's IP address. If a client accesses APIG using a proxy, the client first accesses the proxy, and the proxy then forwards the request to APIG. In this case, remote_addr is the proxy's IP address.

Parent topic: Access Control

Previous topic: How Do I Exclude a Specific IP Address for Identity Authentication of an API?

Next topic: API Publishing

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.