API access management proof of concept deployment architecture
The proof of concept environment emulates an API access management environment for testing purposes.
In the test environment, PingAccess can be set up with the minimum hardware requirements. Given these conditions, do not use this proposed architecture in a production deployment because it does not provide high availability.
The following table describes the three zones within this proposed architecture.
Zone | Description |
---|---|
External Zone |
External network where incoming application programming interface (API) requests originate. |
DMZ |
Externally exposing segment where PingAccess is accessible to API clients. PingAccess is a standalone instance in this environment, serving as both a runtime and an administrative port. |
Protected Zone |
Backend controlled zone in which sites hosting the protected APIs are located. All requests to these APIs must be designed to pass through PingAccess. PingFederate is accessible to API clients in this zone and is a standalone instance, serving as both a runtime and an administrative port. |