A PingIntelligence policy is installed in the Axway API Gateway and passes API metadata to PingIntelligence for detailed API activity reporting and attack detection with optional client blocking. PingIntelligence 4.0 software adds support for reporting and attack detection based on usernames captured from token attributes.

The following diagram shows the complete deployment:

A diagram of the deployment of PingIntelligence for APIs in a sideband configuration with an Axway API Gateway.

The following is the traffic flow through the Axway and PingIntelligence for APIs components:

  1. Client sends an incoming request to Axway.
  2. Axway makes an API call to send the request metadata to API Security Enforcer (ASE).
  3. ASE checks the request against a registered set of APIs and checks whether the origin IP, cookie, API key, or OAuth2 token is on the deny list generated by the PingIntelligence artificial intelligence (AI) engine. If all checks pass, ASE returns a 200-OK response to Axway. If not, a different response code is sent to Axway. The request information is also logged by ASE and sent to the AI engine for processing.
  4. If Axway receives a 200-OK response from ASE, then it forwards the request to the backend server. Otherwise, the Gateway optionally blocks the client.
  5. The response from the backend server is received by Axway.
  6. Axway makes a second API call to pass the response information to ASE, which sends the information to the AI engine for processing.
  7. ASE receives the response information and sends a 200-OK to Axway.
  8. Axway sends the response received from the backend server to the client.
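
The eight steps above can be traced in a small in-memory model. This is an added example, not PingIntelligence or Axway code: the class, function and field names, the `403` deny status, the path-prefix matching and the sample traffic are all assumptions made for illustration. It shows both sideband calls and what changes when the gateway's optional blocking is turned off.

```python
from dataclasses import dataclass, field

DENY_STATUS = 403  # assumption: the page only says "a different response code"

@dataclass
class SidebandASE:
    """Hypothetical stand-in for ASE in sideband mode."""
    registered_apis: set   # base paths of the APIs ASE knows about
    deny_list: set         # identifiers flagged by the AI engine
    ai_engine_feed: list = field(default_factory=list)  # records sent for analysis

    def check_request(self, meta):
        """Steps 2-3: check registration and deny list, log, return a status."""
        path = meta["path"]
        registered = any(path == p or path.startswith(p + "/")
                         for p in self.registered_apis)
        ids = {meta.get(k) for k in ("ip", "cookie", "api_key", "token")} - {None}
        status = 200 if registered and not (ids & self.deny_list) else DENY_STATUS
        self.ai_engine_feed.append(("request", path, status))
        return status

    def report_response(self, meta, backend_status):
        """Steps 6-7: accept response metadata, forward it, acknowledge with 200."""
        self.ai_engine_feed.append(("response", meta["path"], backend_status))
        return 200

def gateway_handle(ase, meta, backend, enable_blocking=True):
    """Gateway side of steps 1-8; returns the (status, body) sent to the client."""
    verdict = ase.check_request(meta)          # step 2: first sideband call
    if verdict != 200 and enable_blocking:     # step 4: optional client blocking
        return verdict, "blocked by gateway"
    status, body = backend(meta)               # steps 4-5: forward, receive response
    ase.report_response(meta, status)          # step 6: second sideband call
    return status, body                        # step 8: relay backend response

def demo():
    """Constructed traffic: one clean client and one deny-listed OAuth2 token."""
    ase = SidebandASE(registered_apis={"/shop"}, deny_list={"tok-bad"})
    def backend(meta):
        return 200, "order list"
    good = {"path": "/shop/orders", "ip": "198.51.100.7", "token": "tok-good"}
    bad = {"path": "/shop/orders", "ip": "198.51.100.9", "token": "tok-bad"}
    results = [gateway_handle(ase, good, backend),
               gateway_handle(ase, bad, backend),
               gateway_handle(ase, bad, backend, enable_blocking=False)]
    return results, ase.ai_engine_feed

if __name__ == "__main__":
    for item in demo():
        print(item)
```

With blocking disabled, the deny-listed client still reaches the backend, but both the failed check and the backend response are recorded in the feed, so the activity stays visible for reporting.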