--- title: API Access Management Gateway deployment table description: The following table describes the important configuration options for deploying an API Gateway. You can find specific use case information in Deploying for Gateway API Access Management. component: pingaccess version: 9.0 page_id: pingaccess:reference_guides:pa_api_access_management_gateway_deployment_table canonical_url: https://docs.pingidentity.com/pingaccess/9.0/reference_guides/pa_api_access_management_gateway_deployment_table.html revdate: November 18, 2025 --- # API Access Management Gateway deployment table The following table describes the important configuration options for deploying an API Gateway. You can find specific use case information in [Deploying for Gateway API Access Management](pa_deploy_for_gateway_api_access_management.html). > **Collapse: Configuration steps** > > | Step | Description | > | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | > | [Configure the connection to the PingFederate OAuth Authorization Server](../pingaccess_user_interface_reference_guide/pa_configuring_oauth_resource_servers.html). | PingAccess uses this connection and credentials to validate incoming access tokens for securing application programming interface (API) *(tooltip: \
\

A specification of interactions available for building software to access an application or service.\

\
)* calls. | > | [Configure the OpenID Connect Relying Party Client for PingAccess](https://docs.pingidentity.com/pingfederate/latest/introduction_to_pingfederate/pf_client_management.html). | You must register the client with PingFederate and the client credentials configured in PingAccess to authenticate PingAccess when validating incoming access tokens. | > | [Generate or Import Key Pairs and configure HTTP Listeners](../pingaccess_user_interface_reference_guide/pa_key_pairs.html). | Define the certificates and keys used to secure access to the PingAccess admin console and secure incoming HTTPS requests at runtime. | > | [Set up your cluster for high availability](pa_clustering_ref_guide.html). | Configure a cluster to facilitate high availability of critical services and increase performance and overall system throughput. | > | [Add trusted CA certificates](../pingaccess_user_interface_reference_guide/pa_importing_certificates.html). | Defines trust to certificates presented during outbound secure HTTPS connections. | > | [Create a trusted certificate group](../pingaccess_user_interface_reference_guide/pa_creating_trusted_certificate_groups.html). | Provides a trusted set of anchor certificates for use when authenticating outbound secure HTTPS connections. | > | [Define virtual servers for protected applications](../pingaccess_user_interface_reference_guide/pa_creating_new_virtual_hosts.html). | Allow one server to share PingAccess resources without requiring all sites on the server to use the same host name.You can assign specific key pairs to virtual hosts. |