Enforce Https with cloud endpoints Framework v2









up vote
0
down vote

favorite












I am currently using cloud endpoints framework on an Appengine application.



Is it possible to enforce Https protocol for exposed endpoints?

Now, I am able to call my endpoints in https but also in http.

I wonder if we can set a redirection to Https like we can in appengine with the "transport-guarantee" set to CONFIDENTIAL.



As an example when I call the drive API on Http, I get the following message




"error":
"errors": [

"domain": "global",
"reason": "sslRequired",
"message": "SSL is required to perform this operation."

],
"code": 403,
"message": "SSL is required to perform this operation."





I would like to have the same behavior with cloud endpoint framework.



Subsidiary questions I found no way to also set HTST on cloud endpoint framework whereas Google is promoting it.
Did I misunderstand something?



Thx!










share|improve this question



























    up vote
    0
    down vote

    favorite












    I am currently using cloud endpoints framework on an Appengine application.



    Is it possible to enforce Https protocol for exposed endpoints?

    Now, I am able to call my endpoints in https but also in http.

    I wonder if we can set a redirection to Https like we can in appengine with the "transport-guarantee" set to CONFIDENTIAL.



    As an example when I call the drive API on Http, I get the following message




    "error":
    "errors": [

    "domain": "global",
    "reason": "sslRequired",
    "message": "SSL is required to perform this operation."

    ],
    "code": 403,
    "message": "SSL is required to perform this operation."





    I would like to have the same behavior with cloud endpoint framework.



    Subsidiary questions I found no way to also set HTST on cloud endpoint framework whereas Google is promoting it.
    Did I misunderstand something?



    Thx!










    share|improve this question

























      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      I am currently using cloud endpoints framework on an Appengine application.



      Is it possible to enforce Https protocol for exposed endpoints?

      Now, I am able to call my endpoints in https but also in http.

      I wonder if we can set a redirection to Https like we can in appengine with the "transport-guarantee" set to CONFIDENTIAL.



      As an example when I call the drive API on Http, I get the following message




      "error":
      "errors": [

      "domain": "global",
      "reason": "sslRequired",
      "message": "SSL is required to perform this operation."

      ],
      "code": 403,
      "message": "SSL is required to perform this operation."





      I would like to have the same behavior with cloud endpoint framework.



      Subsidiary questions I found no way to also set HTST on cloud endpoint framework whereas Google is promoting it.
      Did I misunderstand something?



      Thx!










      share|improve this question















      I am currently using cloud endpoints framework on an Appengine application.



      Is it possible to enforce Https protocol for exposed endpoints?

      Now, I am able to call my endpoints in https but also in http.

      I wonder if we can set a redirection to Https like we can in appengine with the "transport-guarantee" set to CONFIDENTIAL.



      As an example when I call the drive API on Http, I get the following message




      "error":
      "errors": [

      "domain": "global",
      "reason": "sslRequired",
      "message": "SSL is required to perform this operation."

      ],
      "code": 403,
      "message": "SSL is required to perform this operation."





      I would like to have the same behavior with cloud endpoint framework.



      Subsidiary questions I found no way to also set HTST on cloud endpoint framework whereas Google is promoting it.
      Did I misunderstand something?



      Thx!







      google-cloud-platform google-cloud-endpoints google-cloud-endpoints-v2






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited yesterday

























      asked yesterday









      chaiyachaiya

      1,272913




      1,272913






















          1 Answer
          1






          active

          oldest

          votes

















          up vote
          0
          down vote













          If you're using Endpoints Frameworks, that's just a code library for doing API policy enforcement (API keys, rate limiting, etc.), which means Endpoints is only involved after an HTTPS or HTTP connection has been established.



          Since you're running your API on App Engine, I'd recommend trying to make your AppEngine app HTTPS-only.






          share|improve this answer




















            Your Answer






            StackExchange.ifUsing("editor", function ()
            StackExchange.using("externalEditor", function ()
            StackExchange.using("snippets", function ()
            StackExchange.snippets.init();
            );
            );
            , "code-snippets");

            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "1"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader:
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            ,
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );













             

            draft saved


            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53224370%2fenforce-https-with-cloud-endpoints-framework-v2%23new-answer', 'question_page');

            );

            Post as a guest






























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            0
            down vote













            If you're using Endpoints Frameworks, that's just a code library for doing API policy enforcement (API keys, rate limiting, etc.), which means Endpoints is only involved after an HTTPS or HTTP connection has been established.



            Since you're running your API on App Engine, I'd recommend trying to make your AppEngine app HTTPS-only.






            share|improve this answer
























              up vote
              0
              down vote













              If you're using Endpoints Frameworks, that's just a code library for doing API policy enforcement (API keys, rate limiting, etc.), which means Endpoints is only involved after an HTTPS or HTTP connection has been established.



              Since you're running your API on App Engine, I'd recommend trying to make your AppEngine app HTTPS-only.






              share|improve this answer






















                up vote
                0
                down vote










                up vote
                0
                down vote









                If you're using Endpoints Frameworks, that's just a code library for doing API policy enforcement (API keys, rate limiting, etc.), which means Endpoints is only involved after an HTTPS or HTTP connection has been established.



                Since you're running your API on App Engine, I'd recommend trying to make your AppEngine app HTTPS-only.






                share|improve this answer












                If you're using Endpoints Frameworks, that's just a code library for doing API policy enforcement (API keys, rate limiting, etc.), which means Endpoints is only involved after an HTTPS or HTTP connection has been established.



                Since you're running your API on App Engine, I'd recommend trying to make your AppEngine app HTTPS-only.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered yesterday









                Andrew Gunsch

                511




                511



























                     

                    draft saved


                    draft discarded















































                     


                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function ()
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53224370%2fenforce-https-with-cloud-endpoints-framework-v2%23new-answer', 'question_page');

                    );

                    Post as a guest














































































                    Popular posts from this blog

                    Use pre created SQLite database for Android project in kotlin

                    Darth Vader #20

                    Ondo