[apigee] How to stop a request from hitting the default backend target


I want to restrict a request for a resource which doesn't exist in the API proxy from hitting the "default" target.

One way is to add all the resources in the API product for which access is permitted, but this requires an API key to be passed in the request. In my case the API key is not passed in the request.

Please suggest any other way to do this check for blocking requests.


Solution

  • First, if your resources are all in a basepath like /v1, you should create a "catch-all" API that will block anything not in the /v1 API group. Create a new API with no target and a basepath of / -- you could then put an assign message or raise fault policy in there that returns a 404 error. This would look like:

    <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
    <ProxyEndpoint name="default">
        <Description/>
        <Flows/>
        <PreFlow name="PreFlow">
            <Request>
                <Step>
                    <FaultRules/>
                    <Name>fault-not-found</Name>
                </Step>
            </Request>
            <Response/>
        </PreFlow>
        <HTTPProxyConnection>
            <BasePath>/</BasePath>
            <VirtualHost>default</VirtualHost>
            <VirtualHost>secure</VirtualHost>
        </HTTPProxyConnection>
        <RouteRule name="noroute"/>
        <PostFlow name="PostFlow">
            <Request/>
            <Response/>
        </PostFlow>
    </ProxyEndpoint>
    

    Then, you need to define each of your resources in your /v1 but create an endpoint on your proxy with no condition -- note this has to be at the end of all your other endpoints (listed as "flows" in the XML). As Apigee hits each condition (proxy.pathsuffix MatchesPath "/resource-1") it will stop processing additional Flows.

    So if it gets to the final Flow that raises a fault, your API consumer will be blocked:

    <Flows>
        <Flow name="Resource 1">
            <Description/>
            <Request/>
            <Response/>
            <Condition>(proxy.pathsuffix MatchesPath &quot;/resource-1&quot;) and (request.verb = &quot;GET&quot;)</Condition>
        </Flow>
        <Flow name="Resource 2">
            <Description/>
            <Request/>
            <Response/>
            <Condition>(proxy.pathsuffix MatchesPath &quot;/resource-2&quot;) and (request.verb = &quot;GET&quot;)</Condition>
        </Flow>
        <Flow name="catchall">
            <Description/>
            <Request>
                <Step>
                    <FaultRules/>
                    <Name>fault-not-found</Name>
                </Step>
            </Request>
            <Response/>
        </Flow>
    </Flows>
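
A pre-deployment check for the /v1 proxy, as an added example that is not part of the original answer: it parses a ProxyEndpoint and reports when the unconditional catch-all flow is missing, is not last, or does not call the fault policy. The function names and the sample XML are constructed here; only the policy name `fault-not-found` comes from the answer.

```python
import xml.etree.ElementTree as ET

def is_unconditional(flow):
    """A Flow with a missing or empty <Condition> matches every request."""
    return not (flow.findtext("Condition") or "").strip()

def check_catchall(proxy_xml, fault_policy="fault-not-found"):
    """Return findings for a ProxyEndpoint; an empty list means it passes."""
    try:
        root = ET.fromstring(proxy_xml)
    except ET.ParseError as exc:
        return [f"malformed XML: {exc}"]
    flows = list(root.iter("Flow"))
    if not flows:
        return ["no flows defined: nothing blocks unmatched paths"]
    findings = []
    # First matching flow wins, so an unconditional flow hides all later ones.
    for pos, flow in enumerate(flows[:-1]):
        if is_unconditional(flow):
            hidden = len(flows) - 1 - pos
            findings.append(f"flow '{flow.get('name')}' shadows {hidden} later flow(s)")
    last = flows[-1]
    if not is_unconditional(last):
        findings.append(f"last flow '{last.get('name')}' is conditional: "
                        "unmatched paths are not blocked")
    elif fault_policy not in [s.findtext("Name") for s in last.findall("Request/Step")]:
        findings.append(f"catch-all '{last.get('name')}' does not run {fault_policy}")
    return findings

# Constructed sample flows, shaped like the ones in the answer above.
RESOURCE = ('<Flow name="Resource 1"><Condition>(proxy.pathsuffix MatchesPath '
            '"/resource-1") and (request.verb = "GET")</Condition></Flow>')
CATCHALL = ('<Flow name="catchall"><Request><Step><Name>fault-not-found</Name>'
            '</Step></Request></Flow>')

def endpoint(*flows):
    """Wrap flow fragments in a minimal ProxyEndpoint document."""
    return '<ProxyEndpoint name="default"><Flows>%s</Flows></ProxyEndpoint>' % "".join(flows)

if __name__ == "__main__":
    for label, doc in [("ok", endpoint(RESOURCE, CATCHALL)),
                       ("misordered", endpoint(CATCHALL, RESOURCE)),
                       ("missing", endpoint(RESOURCE))]:
        print(label, check_catchall(doc) or "pass")
```

A proxy file with an unclosed element is reported as malformed rather than silently passing.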