Complete the following before configuring the Axway API Gateway:
- Confirm the Axway version PingIntelligence 4.0 works with Axway 7.5.3 or later.
- OAuth token store: If you wish to detect username based attacks, make sure that OAuth token store is configured in Axway.
Install PingIntelligence software
PingIntelligence should be installed and configured. Refer to the PingIntelligence deployment guide for your environment.
Verify that ASE is in sideband modeCheck that ASE is in sideband mode by running the following ASE command:
If ASE is not in
/opt/pingidentity/ase/bin/cli.sh status API Security Enforcer status : started mode : sideband http/ws : port 80 https/wss : port 443 firewall : enabled abs : enabled, ssl: enabled abs attack : disabled audit : enabled sideband authentication : disabled ase detected attack : disabled attack list memory : configured 128.00 MB, used 25.60 MB, free 102.40 MB
sidebandmode, then stop ASE and change the mode by editing the
sidebandand start ASE.
Enable sideband authentication: For a secure communication between Axway and ASE,
enable sideband authentication by entering the following ASE command:
# ./bin/cli.sh enable_sideband_authentication -u admin –p
Generate sideband authentication token
A token is required for Axway to authenticate with ASE. To generate the token in ASE, enter the following ASE command:
Save the generated authentication token for further use.
# ./bin/cli.sh -u admin -p admin create_sideband_token
Port for AAD
If you are using AAD to automate API definition updates on PingIntelligence, open the following ports:
- Open the management port to fetch API definitions from Axway. The default port is 8075.
- Open port 8010 in ASE for AAD to add API definitions.
To connect PingIntelligence ASE with Axway API Gateway, complete the following steps:
- Import the Axway Policy in Axway Policy Studio
- Deploy the Axway Policy
- Import the APIs from the Management VM to Axway API Manager.