Domain Access Control Flow

📄️ Flow Configuration Template

Flow Configuration

📄️ Flow Example

In this configuration:

The Domain Access Control Flow enforces access rules based on domain names and custom headers.

Using flexible filtering, it allows or blocks requests based on domain patterns and header values. The flow utilizes a Filter processor to generate 403 Forbidden responses for blocked requests, ensuring only authorized domains and headers access the API while enabling detailed monitoring of access events.

Scenarios

1. Domain-Based Control: Restrict API access to approved domains, maintaining security in multi-tenant environments.
2. Header-Based Authorization: Refine access control using custom headers, integrating with identity management systems.
3. Access Monitoring: Log and monitor access events for compliance and auditing.
4. Flexible Configuration: Easily adjust domain patterns and headers to meet security needs without code changes.
5. Quick Response to Unauthorized Access: Automatically issue 403 responses to block unauthorized requests, ensuring system security.