PingAuthorize

PingAuthorize Integrations

API gateway integrations enable you to use PingAuthorize for attribute-based access control and policy decisions with your API gateway.

PingAuthorize supports authorization integrations with third-party API gateways through integration kits. PingAuthorize also integrates natively with PingGateway.

The following diagram outlines how API requests flow through your API gateway and PingAuthorize:

Diagram of the API gateway request and response flow between the API client, the API gateway, the PingAuthorize policy engine, policy information points, and the API target

  1. The client sends a request to the API gateway.

  2. The API gateway-specific integration kit processes the client’s request and sends it to the PingAuthorize Server for policy processing.

  3. The PingAuthorize Server determines whether to permit or deny the API request based on policies defined in the PingAuthorize Policy Editor.

  4. The API gateway analyzes the response from the PingAuthorize Server to determine whether to forward the request to the upstream API and, if so, whether to modify the request.

  5. The API gateway passes the original or modified request to the API target.

  6. The API resource server sends a response to the gateway with the requested resources.

  7. The integration kit processes the resource server’s response and forwards it to the PingAuthorize Server for policy processing.

  8. The PingAuthorize Server determines whether to forward the API response to the client based on policies defined in the PingAuthorize Policy Editor.

  9. The PingAuthorize Server sends a final response to the API gateway.

  10. The API gateway processes the response and forwards the requested API resource to the client.

PingAuthorize supports the following API gateway integrations: