Manage Users, Groups, and Teams
You can use API Gateway to define user information on the API Gateway server. The definition of user contains the login ID, password, and group membership.
Alternatively, you can set up API Gateway to access the information from a local user management system or you can use webMethods Integration Server to configure the Lightweight Directory Access Protocol (LDAP) external directory that your site uses for user information.
Note:
Central User Management is not supported with API Gateway.
webMethods Integration Server uses user information to authenticate clients and determine the server resources that a client is allowed to access. If the server is using basic authentication (username and password) to authenticate a client, it uses the login ID and passwords defined in user accounts to validate the credentials a client supplies.
API Gateway enables you to define user and group information to the API Gateway server. The user definition contains the user login ID, password, and group membership. The group definition contains the group name and a list of users in the group. After creating users and groups, users can be given the required functional privileges based on the teams that they are part of. A user can have different set of functional privileges in the teams that they are part of. For example, a user can have administrative privileges in a team and view privileges in another.
You can add and manage user information from the User Management page. This page lists all the basic information for the following:
Users: User personas who can access
API Gateway and perform tasks. A predefined user is an Administrator who has administrator privileges.
Groups: The group membership identifies the groups to which a user belongs. User can create a group, associate users to the group, and delete a group in
API Gateway.
Teams: Users who share a common role or responsibility can be grouped as teams. When the Team feature is enabled, The members of teams can access the
API Gateway assets of their teams and they can perform actions on these assets based on the functional privileges assigned to their teams.
Account settings: You can define the password restrictions, password expiry and the account lock settings here.
LDAP configuration: You can configure
API Gateway to use LDAP and manage LDAP directories here.