API governance enables you to restrict access to your APIs or add custom headers based on historical usage patterns of your API. Proper API governance enables the foundation for a good API security program. For example, Moesif’s governance rules can block access to users who are maliciously scraping your API or accessed an abnormally large number of items.
Besides API security, you can also leverage governance for business requirements and continuity. For example, you can create a rule to block access to customers with overdue invoices or add deprecation warning headers when customers access an old version of your API.
Governance rules work by interacting with the Moesif SDK or plugin to block or modify the response on the fly.
Besides installing the SDK, no other action is needed for governance to work. Governance rules is not limited to making decisions from just API requests. You can add governance rules based on any customer demographics or behavior tracked by Moesif such as to block customers with overdue invoices or to add paywalls to your API.