From 0cca3472549d8d2a8aa40dd3e0d2f59b438ea43a Mon Sep 17 00:00:00 2001
From: pasant9 <pasan96tennakoon@gmail.com>
Date: Wed, 30 Oct 2024 11:53:59 +0530
Subject: [PATCH 1/2] Add allow list to expose Developer portal

---
 ...curity-guidelines-for-production-deployment.md | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/en/docs/install-and-setup/setup/deployment-best-practices/security-guidelines-for-production-deployment.md b/en/docs/install-and-setup/setup/deployment-best-practices/security-guidelines-for-production-deployment.md
index 8cb339a773..b7e3ce23d2 100644
--- a/en/docs/install-and-setup/setup/deployment-best-practices/security-guidelines-for-production-deployment.md
+++ b/en/docs/install-and-setup/setup/deployment-best-practices/security-guidelines-for-production-deployment.md
@@ -892,12 +892,25 @@ This section provides a list of security guidelines for configuring the network
 <p><strong>Note:</strong> </p>
 <p>It is recommended to use an allowlisting approach when allowing access to resources in your product from the DMZ level.</p>
 
+<p>For the API-M Developer Portal, access to the following paths would be sufficient:</p>
+    <ul>
+      <li>https://&lt;host&gt;:&lt;port&gt;/devportal</li>
+      <li>https://&lt;host&gt;:&lt;port&gt;/devportal/*</li>
+      <li>https://&lt;host&gt;:&lt;port&gt;/api/am/devportal/v3/*</li>
+      <li>https://&lt;host&gt;:&lt;port&gt;/oauth2/*</li>
+      <li>https://&lt;host&gt;:&lt;port&gt;/oidc/*</li>
+      <li>https://&lt;host&gt;:&lt;port&gt;/authenticationendpoint/*</li>
+      <li>https://&lt;host&gt;:&lt;port&gt;/logincontext</li>
+      <li>https://&lt;host&gt;:&lt;port&gt;/oauth2/authorize</li>
+      <li>https://&lt;host&gt;:&lt;port&gt;/commonauth</li>
+      <li>https://&lt;host&gt;:&lt;port&gt;/accountrecoveryendpoint/*</li>
+   </ul>
+
 </td>
 </tr>
 </tbody>
 </table>
 
-
 ## Configure client authentication
 
 Client authentication is used to identify the application or the client that is making the request. 

From be12931c1063a8963863ac55ffc49ebe13190602 Mon Sep 17 00:00:00 2001
From: Pasan Tennakoon <pasan96tennakoon@gmail.com>
Date: Wed, 30 Oct 2024 12:08:59 +0530
Subject: [PATCH 2/2] Update
 en/docs/install-and-setup/setup/deployment-best-practices/security-guidelines-for-production-deployment.md

Co-authored-by: Tharika Madurapperuma <tharikaGitHub@users.noreply.github.com>
---
 .../security-guidelines-for-production-deployment.md            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/en/docs/install-and-setup/setup/deployment-best-practices/security-guidelines-for-production-deployment.md b/en/docs/install-and-setup/setup/deployment-best-practices/security-guidelines-for-production-deployment.md
index b7e3ce23d2..1ba8a02130 100644
--- a/en/docs/install-and-setup/setup/deployment-best-practices/security-guidelines-for-production-deployment.md
+++ b/en/docs/install-and-setup/setup/deployment-best-practices/security-guidelines-for-production-deployment.md
@@ -892,7 +892,7 @@ This section provides a list of security guidelines for configuring the network
 <p><strong>Note:</strong> </p>
 <p>It is recommended to use an allowlisting approach when allowing access to resources in your product from the DMZ level.</p>
 
-<p>For the API-M Developer Portal, access to the following paths would be sufficient:</p>
+<p>For the API-M Developer Portal, exposing the following paths would be sufficient:</p>
     <ul>
       <li>https://&lt;host&gt;:&lt;port&gt;/devportal</li>
       <li>https://&lt;host&gt;:&lt;port&gt;/devportal/*</li>