Yarp API Gateway with Identity SPA 8 -> When deployed to docker, how do you hide the internal API endpoints/structure and make sure they are not exposed to the consumer? #2715
-
|
I have a .NET YARP docker gateway and I'm using Identity SPA for authentication and authorization within it. When deployed to docker, how do you hide the internal API endpoints/structure and make sure they are not exposed to the consumer and force all http calls through the YARP gateway? The API services need to be secure and kept internal, I want to make the APIs which are behind the Yarp gateway impossible to call upon. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
You should only publicly expose the port for the YARP service. |
Beta Was this translation helpful? Give feedback.
-
|
This is perfect, you're right. I'm a dev not a sys admin, so this is perfect. I'll do this. Thanks. |
Beta Was this translation helpful? Give feedback.
You should only publicly expose the port for the YARP service.
Or do you mean how to prevent other services within the docker network to talk to those without going through YARP?