---
title: Sideband API configuration basics
description: The sideband API provides fine-grained access control to supported third-party API gateways through an API integration.
component: pingauthorize
version: 11.0
page_id: pingauthorize:pingauthorize_server_administration_guide:paz_sideband_api_config
canonical_url: https://docs.pingidentity.com/pingauthorize/11.0/pingauthorize_server_administration_guide/paz_sideband_api_config.html
revdate: October 7, 2022
section_ids:
  example: Example
---

# Sideband API configuration basics

The sideband API provides fine-grained access control to supported third-party API gateways through an API integration.

The sideband API consists of the following components.

* Sideband API Shared Secrets

  Defines the authentication credential *(tooltip: \<div class="paragraph">
  \<p>Information used to identify a subject for access purposes (for example, username and password). A credential can also be a certificate.\</p>
  \</div>)* that the sideband API might require an API gateway adapter *(tooltip: \<div class="paragraph">
  \<p>Plug-in software that allows Ping products to interact with web applications and authentication systems.\</p>
  \</div>)* to present. For more information, see [Sideband API authentication](paz_authn_sideband_api.html).

* Sideband API HTTP Servlet Extension

  Represents the sideband API itself. If you require shared secrets, you might need to configure this component. For more information, see [Sideband API authentication](paz_authn_sideband_api.html).

* Sideband API Endpoints

  Represents a public path prefix that the sideband API accepts for handling proxied requests. A sideband API endpoint *(tooltip: \<div class="paragraph">
  \<p>One end in a communication channel, typically a URI.\</p>
  \</div>)* configuration defines the following items:

  * The base path (`base-path`) for requests that the sideband API accepts

  * Properties that relate to policy processing, such as `service`, which targets the policy requests that are generated for the sideband API endpoint to specific policies

PingAuthorize Server's default configuration includes a default sideband API endpoint that accepts all API requests and generates policy requests for the service `Default`. To customize policy requests further, an administrator can create additional sideband API endpoints. For more information about using the sideband API endpoint configuration to customize policy requests, see [Sideband API policy requests](paz_sideband_api_policy_reqs.html).

|   |                                                                                                                                                                                                       |
| - | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|   | Changes to these components do not typically require a server restart to take effect. For more information, see the *Configuration Reference*, located in the server's `docs/config-guide` directory. |

## Example

The following example commands create a pair of sideband API endpoints that target specific requests to a consent service.

```json
{pingauthorize}/bin/dsconfig create-sideband-api-endpoint \
  --endpoint-name "Consent Definitions" \
  --set base-path:/c/definitions \
  --set service:Consent

{pingauthorize}/bin/dsconfig create-sideband-api-endpoint \
  --endpoint-name "Consent Records" \
  --set base-path:/c/consents \
  --set service:Consent
```