API Gateway 10.11 | Administering API Gateway | Security Configuration | Kerberos Settings
 
Kerberos Settings
 
Configuring API Gateway to Use Kerberos
Kerberos is an authentication protocol that uses symmetric encryption and a trusted third party system to validate the identity of clients. The Kerberos protocol provides authentication over open and insecure networks in which communication between the hosts can be intercepted.
You can use API Gateway to configure Kerberos authentication for API requests. API Gateway provides support for using Kerberos authentication for inbound and outbound HTTP and HTTPs requests at the transport and the message level.
Kerberos authentication system consists of a Kerberos client that needs to access and use Kerberos services, a trusted third-party system, specifically a Key Distribution Center (KDC), and a server that hosts APIs that are accessible using Kerberos authentication.
Note:
You can configure the kerberos settings through API Gateway and Integration Server UI. But, Software AG recommends to use API Gateway UI to configure or modify instrospection endpoint.