Creating API-level (Layer-7) policies for Hosted Websites

  • Updated on Jun 06, 2022

Banyan policies for hosted web services provide API-level (Layer-7) access controls, so you can manage access down to specific paths and APIs.

To set up API-level controls, navigate to Secure Access > Policies > + Create Policy and create a Web Policy.

Enter your Policy Name and Description.

Then define your policy according to Trust Level, Role, permissible Actions, and permissible Resources.

  • Actions are READ, WRITE, CREATE, UPDATE, or ALL (*)
  • Resources are a list of URL paths. Each resource can have a wildcard prefix, suffix, or both.

Use a “!” prefix to DENY. This will override any other rule that allows access.

Once you’ve defined your policy’s rules and access groups, click on Create Policy to save it.

In the following example, the policy’s access block says users with the Admins role can access any path on the website. Users with the Contractors role can access every path except paths that start with /admin.