Overview of Security Configuration in API Gateway
You must have the API Gateway's manage security configurations functional privilege assigned to perform the following tasks in the security configuration section of API Gateway:
Configure the keystores and truststores required for incoming and outgoing message-level and transport-level security.
Configure ports of
API Gateway.
Configure the SAML issuer to use in
API Gateway outbound authentication to fetch the SAML token from the STS (Security Token Service).
Configure the custom assertions to use in inbound authentication of
API Gateway.
Configure Kerberos settings.
Manage master password.
Configure JSON web token(JWT), OAuth, and OpenID authorization servers and third-party providers.