Security architecture
Architecture of API Gateway and API Portal from a security perspective.
1 minute read
API Gateway architecture
The following diagram shows the product architecture from a security perspective. The legend explains the security level on connections (SSL by default, always SSL, can be SSL, and so on) and on data storage (signed or encrypted).
The diagram includes the following components:
- ES Conf: Entity Store Configuration, which is a file-based store for all policy data.
- Domain Creds: Salted hash of administrator user credentials.
- LDAP/IDM: Identity Management products, such as authentication or authorization servers.
- Domain: An administrative entity comprising at least one Admin Node Manager and at least one API Gateway. These logical components can be located on the same physical or virtual host or separated across multiple physical or virtual hosts as required.
API Portal architecture
The following diagram shows the API Portal architecture from a security perspective. The legend explains the security level on connections (SSL by default, always SSL, can be SSL, and so on) and on data storage (signed or encrypted).
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.
Last modified December 8, 2020: RMF-30 Fix broken links in APIM (#1499) (0a1028b1)