The gateway handles proxied requests in the following phases:
- Inbound phase – When a client submits an API request to PingAuthorize Server, the gateway forms a policy request
based on the API request and submits it to the policy decision point (PDP) for
evaluation. If the policy result allows it, PingAuthorize Server forwards the
inboundrequest to the API server. inbound A direction of message flow coming into a service. The type of message depends service's identity access management role.
- Outbound phase – After PingAuthorize Server
receives the upstream API server's response, the gateway again forms a policy request,
this time based on the API server response, and submits it to the PDP. If the policy
result is positive, PingAuthorize Server forwards
outboundresponse to the client. outbound The direction of transaction flow from a service or server.
The API gateway supports only