Before configuring your PingAccess deployment to protect an API:


After you have completed the following steps, your API is protected.

  1. Configure a virtual host – A virtual host represents the API you will protect and contains information about its location.
  2. Configure a rule – Rules control who can access what content under what circumstances.
  3. Configure an identity mapping – An identity mapping lets you share identity information with the protected API as headers.
  4. Configure an application – An application joins the other pieces together, giving users access to the API according to the configured rules.
  5. Configure a resource – A resource specifies an API endpoint and the methods that can be used to access it.