API Access Management Gateway deployment table

This deployment table describes the important configuration options for deploying an API Gateway.

For specific use case information, see Deploying for Gateway API Access Management in the Deployment Guide.

Step	Description
Configure the connection to the PingFederate OAuth Authorization Server.	PingAccess uses this connection and credentials to validate incoming access tokens for securing application programming interface (API) calls.
Configure the OpenID Connect Relying Party Client for PingAccess.	The client must be registered with PingFederate and the client credentials configured in PingAccess to authenticate PingAccess when validating incoming access tokens.
Generate or Import Key Pairs and configure HTTP Listeners.	Defines the certificates and keys used to secure access to the PingAccess administrative console and secure incoming HTTPS requests at runtime.
Set up your cluster for high availability.	Facilitates high availability of critical services, and increases performance and overall system throughput.
Add trusted CA certificates.	Defines trust to certificates presented during outbound secure HTTPS connections.
Create a trusted certificate group.	Provides a trusted set of anchor certificates for use when authenticating outbound secure HTTPS connections.
Define virtual servers for protected applications.	Allows one server to share PingAccess Resources without requiring all sites on the server to use the same host name. If SNI is available (Java 8), specific key pairs can be assigned to virtual hosts.

Step

Description

Configure the connection to the PingFederate OAuth Authorization Server.

PingAccess uses this connection and credentials to validate incoming access tokens for securing application programming interface (API) calls.

Configure the OpenID Connect Relying Party Client for PingAccess.

The client must be registered with PingFederate and the client credentials configured in PingAccess to authenticate PingAccess when validating incoming access tokens.

Generate or Import Key Pairs and configure HTTP Listeners.

Defines the certificates and keys used to secure access to the PingAccess administrative console and secure incoming HTTPS requests at runtime.

Set up your cluster for high availability.

Facilitates high availability of critical services, and increases performance and overall system throughput.

Add trusted CA certificates.

Defines trust to certificates presented during outbound secure HTTPS connections.

Create a trusted certificate group.

Provides a trusted set of anchor certificates for use when authenticating outbound secure HTTPS connections.

Define virtual servers for protected applications.

Allows one server to share PingAccess Resources without requiring all sites on the server to use the same host name. If SNI is available (Java 8), specific key pairs can be assigned to virtual hosts.