This guide describes the deployment of PingIntelligence for APIs in a sideband configuration with an Axway API Gateway. A PingIntelligence policy is installed in the Axway API Gateway and passes API metadata to PingIntelligence for detailed API activity reporting and attack detection with optional client blocking. PingIntelligence 4.0 software adds support for reporting and attack detection based on usernames captured from token attributes.

The following diagram shows the complete deployment:

Here is the traffic flow through Axway and PingIntelligence for APIs components.

  1. Client sends an incoming request to Axway
  2. Axway makes an API call to send the request metadata to ASE
  3. ASE checks the request against a registered set of APIs and checks the origin IP, cookie, API Key, or OAuth2 token in the PingIntelligence AI engine generated Blacklist. If all checks pass, ASE returns a 200-OK response to the Axway. If not, a different response code is sent to Axway. The request information is also logged by ASE and sent to the AI Engine for processing.
  4. If Axway receives a 200-OK response from ASE, then it forwards the request to the backend server. Otherwise, the Gateway optionally blocks the client.
  5. The response from the backend server is received by Axway.
  6. Axway makes a second API call to pass the response information to ASE which sends the information to the AI engine for processing.
  7. ASE receives the response information and sends a 200-OK to Axway.
  8. Axway sends the response received from the backend server to the client.