The gateway handles proxied requests in the following phases:

  • Inbound phase – When a client submits an API request to PingDataGovernance Server, the gateway forms a policy request based on the API request and submits it to the policy decision point (PDP) for evaluation. If the policy result allows it, PingDataGovernance Server forwards the request to the API server.
  • Outbound phase – After PingDataGovernance Server receives the upstream API server's response, the gateway again forms a policy request, this time based on the API server response, and submits it to the PDP. If the policy result is positive, PingDataGovernance Server forwards the response to the client.
PingDataGovernance API Security Gateway sequence diagram

The API gateway supports only JSON requests and responses.