Additional concepts to consider include request routing and Bearer token authorization.
- Request routing
- You configure request routing by defining a Gateway API Endpoint in the PingAuthorize Server configuration. Each Gateway API Endpoint determines which incoming HTTP requests are proxied to an API server and how PingAuthorize Server translates the HTTP request into a policy decision request.
- Bearer token authorization
- The testing in Testing the reverse proxy uses this authorization. The
token itself is a mock access token, which is a special kind of
Bearer token that a PingAuthorize Server in test environments can accept. A
mock Bearer token is formatted as a single line of JSON, with the same fields
used in standard JWT access tokens, plus a boolean
"active"field, which indicates whether the token should be considered valid. When you use mock access tokens, you do not need to obtain an access token from an actual OAuth 2 auth server, which saves you time during testing.