Internal Service
API Gateway provides internal APIs that work on identified applications that are identified based on identifiers such as APi Key, OAuth token, IP address and so on.
API Gateway provides the following REST API and the resources to manage application identification:
POST/{apigateway}/security/getJsonWebToken: Generates JSON Web token with custom claims supplied in the request.
POST/{apigateway}/security/exchangeIDToken: Generate an access token for the given ID Token.
For details on the REST API see the swagger file APIGatewayInternalService.json, located at Install directory/IntegrationServer/instances/default/packages/WmAPIGateway/resources/apigatewayservices.