Disable access to the API when OAuth 2.0 authentication mode is enabled, Two-way SSL Security Mode is set to exclusive, and the user call's the API directly on port 443 without presenting a valid certificate

In the future we will be removing basic auth from the platform, before that we will make it an optional feature as oposed to the current mandatory option, but unfortunately today you cannot disable it. Sorry.

From your last comment I see that you would like to also block all ingresses based on a single/set of client certificates, and again as part of the work to make basic auth optional we will introduce the concept of client services that will define the authentication type. You will then decide which resources will be given access to client service.

Currently, the APIs exposed on our IPaaS are secured using OAuth2 authentication, as shown in the attached screenshot. However, Basic Authentication is still enabled, allowing access via this less secure method.

We would like to disable Basic Authentication on these APIs, keeping OAuth2 as the only authentication method to strengthen security.

Additionally, we aim to enhance security by implementing mTLS between Apigee gateway and IPaaS. This setup would ensure that the APIs are accessible exclusively via Apigee by requiring a valid client certificate for verification on port 8443.

Could you please confirm if this configuration is possible and provide any relevant guidance?

I don't understand your request here. Currently there is no way to set the authentication mode for an API in Integration. It's either basic auth or private, so can you explain your current process in more detail please.