CentraSite | API Gateway | Notes |
Service Principal Name Form: User | Service Principal Name Form: Username | Beginning with version 10.1, the parameter Service Principal Name Form is removed from CentraSite and API Gateway. This is because the service principal name form set to Host or Hostbased is no longer supported in Integration Server. Therefore, whenever the Evaluate Kerberos policy is defined for an API in CentraSite or API Gateway, the service principal name form defaults to User or Username. |
Service Principal Name Form: Host | Service Principal Name Form: Hostbased | |
Service Principal Name | Service Principal Name | |
Service Principal Password | Service Principal Password | |
Identify Consumer: Do Not Identify | Not applicable | When the parameter Identify Consumer is set to Do Not Identify in CentraSite, the policy Identify and Authorize Application that is used to identify an application is NOT included to the API's list of policies in API Gateway. |
Identify Consumer: Global Consumers | Application Lookup Condition: Global applications | When the parameter Identify Consumer is set to Global Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a global consumer application is included to the API's list of policies in API Gateway. Also, the parameter Identification Type is set to Kerberos Token in the policy Identify and Authorize Application. |
Identify Consumer: Registered Consumers | Application Lookup Condition: Registered applications | When the parameter Identify Consumer is set to Registered Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a registered consumer application is included to the API's list of policies in API Gateway. Also, the parameter Identification Type is set to Kerberos Token in the policy Identify and Authorize Application. |
CentraSite | API Gateway | Notes |
Service Principal Name Form: User | Service Principal Name Form: Username | Beginning with version 10.1, the parameter Service Principal Name Form is removed from CentraSite and API Gateway. This is because the service principal name form set to Host or Hostbased is no longer supported in Integration Server. Therefore, whenever the Evaluate Kerberos policy is defined for an API in CentraSite or API Gateway, the service principal name form defaults to User or Username. |
Service Principal Name Form: Host | Service Principal Name Form: Hostbased | |
Service Principal Name | Service Principal Name | |
Service Principal Password | Service Principal Password | |
Identify Consumer: Do Not Identify | Not applicable | When the parameter Identify Consumer is set to Do Not Identify in CentraSite, the policy Identify and Authorize Application that is used to identify an application is NOT included to the API's list of policies in API Gateway. |
Identify Consumer: Global Consumers | Application Lookup Condition: Global applications | When the parameter Identify Consumer is set to Global Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a global consumer application is included to the API's list of policies in API Gateway. Also, the parameter Identification Type is set to Kerberos Token in the policy Identify and Authorize Application. |
Identify Consumer: Registered Consumers | Application Lookup Condition: Registered applications | When the parameter Identify Consumer is set to Registered Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a registered consumer application is included to the API's list of policies in API Gateway. Also, the parameter Identification Type is set to Kerberos Token in the policy Identify and Authorize Application. |
CentraSite | API Gateway | Notes |
Identify Consumer: Do Not Identify | Not applicable | When the parameter Identify Consumer is set to Do Not Identify in CentraSite, the policy Identify and Authorize Application that is used to identify an application is NOT included to the API's list of policies in API Gateway. |
Identify Consumer: Global Consumers | Application Lookup Condition: Global applications | When the parameter Identify Consumer is set to Global Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a global consumer application is included to the API's list of policies in API Gateway. Also, the parameter Identification Type is set to Kerberos Token in the policy Identify and Authorize Application. |
Identify Consumer: Registered Consumers | Application Lookup Condition: Registered applications | When the parameter Identify Consumer is set to Registered Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a registered consumer application is included to the API's list of policies in API Gateway. Also, the parameter Identification Type is set to Kerberos Token in the policy Identify and Authorize Application. |
Authenticate User (check box) | Not applicable | When the parameter Authenticate User check box is selected (set to true) in CentraSite, the policy Inbound Authentication - Transport with the parameter HTTP Basic Authentication that is used to secure the API at the transport layer is included to the API's list of policies in API Gateway. When the parameter Authenticate User check box is NOT selected (set to false) in CentraSite, the policy Inbound Authentication - Transport that is used to secure the API at the transport layer is NOT included to the API's list of policies in API Gateway. Also, if the parameter Identify Consumer is set to Do Not Identify in CentraSite, the policy Validate HTTP Headers that is used to validate the presence of HTTP headers, or header values, or both in incoming API requests is included to the API's list of policies in API Gateway. |
CentraSite | API Gateway | Notes |
Identify Consumer: Global Consumers | Application Lookup Condition: Global applications | When the parameter Identify Consumer is set to Global Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a global consumer application is included to the API's list of policies in API Gateway. Also, the parameter Identification Type is set to SSL Certificate in the policy Identify and Authorize Application. |
Identify Consumer: Registered Consumers | Application Lookup Condition: Registered applications | When the parameter Identify Consumer is set to Registered Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a registered consumer application is included to the API's list of policies in API Gateway. Also, the parameter Identification Type is set to SSL Certificate in the policy Identify and Authorize Application. |
CentraSite | API Gateway | Notes |
Identify Consumer: Global Consumers | Application Lookup Condition: Global applications | When the parameter Identify Consumer is set to Global Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a global consumer application is included to the API's list of policies in API Gateway. Also, the parameter Identification Type is set to Hostname Address in the policy Identify and Authorize Application. |
Identify Consumer: Registered Consumers | Application Lookup Condition: Registered applications | When the parameter Identify Consumer is set to Registered Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a registered consumer application is included to the API's list of policies in API Gateway. Also, the parameter Identification Type is set to Hostname Address in the policy Identify and Authorize Application. |
CentraSite | API Gateway | Notes |
Identify Consumer: Global Consumers | Application Lookup Condition: Global applications | When the parameter Identify Consumer is set to Global Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a global consumer application is included to the API's list of policies in API Gateway. Also, the parameter Identification Type is set to IP Address Range in the policy Identify and Authorize Application. |
Identify Consumer: Registered Consumers | Application Lookup Condition: Registered applications | When the parameter Identify Consumer is set to Registered Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a registered consumer application is included to the API's list of policies in API Gateway. Also, the parameter Identification Type is set to IP Address Range in the policy Identify and Authorize Application. |
CentraSite | API Gateway | Notes |
Identify Consumer: Do Not Identify | Not applicable | When the parameter Identify Consumer is set to Do Not Identify in CentraSite, publishing of API form CentraSite to API Gateway fails with the following exception: Could not deploy the asset <asset_name> on given target <API Gateway_name>. To work around this issue, you have to set the value of the parameter Identify Consumer to either Global Consumers or Registered Consumers, and then publish the API to API Gateway. |
Identify Consumer: Global Consumers | Application Lookup Condition: Global applications | When the parameter Identify Consumer is set to Global Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a global consumer application is included to the API's list of policies in API Gateway. Also, the parameter Identification Type is set to XPath expression in the policy Identify and Authorize Application. |
Identify Consumer: Registered Consumers | Application Lookup Condition: Registered applications | When the parameter Identify Consumer is set to Registered Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a registered consumer application is included to the API's list of policies in API Gateway. Also, the parameter Identification Type is set to XPath expression in the policy Identify and Authorize Application. |
Namespace: Prefix | Namespace: Namespace Prefix | |
Namespace: URI | Namespace: Namespace URI | |
XPath Expression | Identification Query: Query Expression |
CentraSite | API Gateway | Notes |
Identify Consumer: Do Not Identify | Not applicable | When the parameter Identify Consumer is set to any of the three options in CentraSite, the policy Identify and Authorize Application that is used to identify an application is included to the API's list of policies in API Gateway. The parameter Identification Type is set to OAuth2 Token in the policy Identify and Authorize Application. Also, the policy is internally defined to identify the application against the Registered Applications list in API Gateway. |
Identify Consumer: Global Consumers | ||
Identify Consumer: Registered Consumers | ||
Authenticate Access Token: True False | Not applicable |
Note: | Software AG recommends you to invoke the webMethods IS Service only after you migrate all OAuth 2.0 APIs from CentraSite to API Gateway. |
CentraSite | API Gateway | Notes |
Identify Consumer: Do Not Identify | Token Assertions: Require WSS Username token | When the parameter Identify Consumer is set to Do Not Identify in CentraSite, the policy Identify and Authorize Application that is used to identify an application is NOT included to the API's list of policies in API Gateway. However, the policy Inbound Authentication - Message with the parameter Require WSS Username token that is used to enforce the SOAP message security is included to the API's list of policies in API Gateway. |
Identify Consumer: Global Consumers | Application Lookup Condition: Global applications Token Assertions: Require WSS Username token | When the parameter Identify Consumer is set to Global Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a global consumer application is included to the API's list of policies in API Gateway. The parameter Identification Type is set to WS Security Username token in the policy Identify and Authorize Application. Also the policy Inbound Authentication - Message with the parameter Require WSS Username token that is used to enforce the SOAP message security is included to the API's list of policies in API Gateway. |
Identify Consumer: Registered Consumers | Application Lookup Condition: Registered applications Token Assertions: Require WSS Username token | When the parameter Identify Consumer is set to Registered Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a registered consumer application is included to the API's list of policies in API Gateway. The parameter Identification Type is set to Require WSS Username token in the policy Identify and Authorize Application. Also the policy Inbound Authentication - Message with the parameter Require WSS Username token that is used to enforce the SOAP message security is included to the API's list of policies in API Gateway. |
CentraSite | API Gateway | Notes |
Identify Consumer: Do Not Identify | Token Assertions: Require X.509 Certificate | When the parameter Identify Consumer is set to Do Not Identify in CentraSite, the policy Identify and Authorize Application that is used to identify an application is NOT included to the API's list of policies in API Gateway. However, the policy Inbound Authentication - Message with the parameter WS Security X.509 Certificate that is used to enforce the SOAP message security is included to the API's list of policies in API Gateway. |
Identify Consumer: Global Consumers | Application Lookup Condition: Global applications Token Assertions: Require X.509 Certificate | When the parameter Identify Consumer is set to Global Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a global consumer application is included to the API's list of policies in API Gateway. The parameter Identification Type is set to WS Security X.509 Certificate in the policy Identify and Authorize Application. Also the policy Inbound Authentication - Message with the parameter Require X.509 Certificate that is used to enforce the SOAP message security is included to the API's list of policies in API Gateway. |
Identify Consumer: Registered Consumers | Application Lookup Condition: Registered applications Token Assertions: Require X.509 Certificate | When the parameter Identify Consumer is set to Registered Consumers in CentraSite, the policy Identify and Authorize Application that is used to identify a registered consumer application is included to the API's list of policies in API Gateway. The parameter Identification Type is set to WS Security X.509 Certificate in the policy Identify and Authorize Application. Also the policy Inbound Authentication - Message with the parameter Require X.509 Certificate that is used to enforce the SOAP message security is included to the API's list of policies in API Gateway. |
CentraSite | API Gateway | Notes |
Not applicable | Identification Type: API Key | When the policy Require API Key Check is defined in CentraSite, the policy Identify and Authorize Application that is used to identify an application is included to the API's list of policies in API Gateway. The parameter Identification Type is set to API Key in the policy Identify and Authorize Application. |
CentraSite | API Gateway | Notes |
Encrypt By: Element Namespace: Prefix | Encrypted Elements Namespace: Namespace Prefix | |
Encrypt By: Element Namespace: URI | Encrypted Elements Namespace: Namespace URI | |
Encrypt By: Element Element Required to be Encrypted | Encrypted Elements XPath | |
Encrypt By: Part Encrypt Part Soap Body | Encrypted Parts Entire SOAP Body All SOAP Attachments | |
Encrypt By: Part Encrypt SOAP headers Name | Encrypted Parts SOAP Header: Header Name | |
Encrypt By: Part Encrypt SOAP headers Namespace | Encrypted Parts SOAP Header: Header Namespace |
CentraSite | API Gateway | Notes |
Sign By: Element Namespace: Prefix | Signed Elements Namespace: Namespace Prefix | |
Sign By: Element Namespace: URI | Signed Elements Namespace: Namespace URI | |
Sign By: Element Element Required to be Signed | Signed Elements XPath | |
Sign By: Part Sign Part Soap Body | Signed Parts Entire SOAP Body All SOAP Attachments | |
Sign By: Part Sign SOAP headers Name | Signed Parts SOAP Header: Header Name | |
Sign By: Part Sign SOAP headers Namespace | Signed Parts SOAP Header: Header Namespace |
CentraSite | API Gateway | Notes |
Client Certificate Required (check box) | Protocol: HTTP HTTPS | When the parameter Client Certificate Required check box is selected (set to true) in CentraSite, the policy Require HTTP / HTTPS with the parameter HTTPS is included (if not already included) to the API's list of policies in API Gateway. When the parameter Client Certificate Required check box is not selected (set to false) in CentraSite, the default policy Require HTTP / HTTPS with the default parameter HTTP is included to the API's list of policies in API Gateway. |
CentraSite | API Gateway | Notes |
Not applicable | Token Assertions: Require Timestamp | When the policy action Require Timestamps is included to the list of policies in a SOAP API, the corresponding policy Inbound Authentication - Message with the parameter Token Assertions set to Require Timestamp is included to the API's list of policies in API Gateway. |
CentraSite | API Gateway | Notes |
Token Assertions: Require SAML Token | When the policy action Require WSS SAML Token is included to the list of policies in a SOAP API, the corresponding policy Inbound Authentication - Message with the parameter Token Assertions set to Require SAML Token is included to the API's list of policies in API Gateway. | |
SAML Version: SAML 1.1 SAML 2.0 | SAML Version: SAML 1.1 SAML 2.0 | |
SAML Subject Confirmation: Bearer WS Trust Version VERSION_05_02 VERSION_05_12 Issuer Address Metadata Reference Address Key Size Request Security Token Template Parameters Key Value | SAML Subject Confirmation: Bearer of Token WS-Trust Version WS-Trust 1.0 WS-Trust 1.3 Encrypt Signature Issuer Address Metadata Reference Address Algorithm Suite Basic128 Basic128Rsa15 Basic128Sha256 Basic128Sha256Rsa15 Basic192 Basic192Rsa15 Basic192Sha256 Basic192Sha256Rsa15 Basic256 Basic256Rsa15 Basic256Sha256 Basic256Sha256Rsa15 TripleDe TripleDesRsa15 TripleDesSha256 Require Security Token Template Parameters Key Value | |
SAML Subject Confirmation: Holder of Key (Asymmetric) WS Trust Version VERSION_05_02 VERSION_05_12 Algorithm Suite Basic128 Basic128Rsa15 Basic128Sha256 Basic128Sha256Rsa15 Basic192 Basic192Rsa15 Basic192Sha256 Basic192Sha256Rsa15 Basic256 Basic256Rsa15 Basic256Sha256 Basic256Sha256Rsa15 TripleDe TripleDesRsa15 TripleDesSha256 Encrypt Signature Yes No Layout Lax LaxTsFirst LaxTsLast Strict Holder of Key Asymmetric Parameters Initiator Token Inclusion Always AlwaysToInitiator AlwaysToRecipient Never Once Recipient Token Inclusion Always AlwaysToInitiator AlwaysToRecipient Never Once Issuer Address Metadata Reference Address Key Size Request Security Token Template Parameters Key Value | SAML Subject Confirmation: Holder of Key - Public WS-Trust Version WS-Trust 1.0 WS-Trust 1.3 Encrypt Signature Issuer Address Metadata Reference Address Algorithm Suite Basic128 Basic128Rsa15 Basic128Sha256 Basic128Sha256Rsa15 Basic192 Basic192Rsa15 Basic192Sha256 Basic192Sha256Rsa15 Basic256 Basic256Rsa15 Basic256Sha256 Basic256Sha256Rsa15 TripleDe TripleDesRsa15 TripleDesSha256 Require Security Token Template Parameters Key Value | |
SAML Subject Confirmation: Holder of Key (Symmetric) WS Trust Version VERSION_05_02 VERSION_05_12 Algorithm Suite Basic128 Basic128Rsa15 Basic128Sha256 Basic128Sha256Rsa15 Basic192 Basic192Rsa15 Basic192Sha256 Basic192Sha256Rsa15 Basic256 Basic256Rsa15 Basic256Sha256 Basic256Sha256Rsa15 TripleDe TripleDesRsa15 TripleDesSha256 Encrypt Signature Yes No Layout Lax LaxTsFirst LaxTsLast Strict Holder of Key Symmetric Parameters Protection Token Inclusion Always AlwaysToInitiator AlwaysToRecipient Never Once Issuer Address Metadata Reference Address Key Size Request Security Token Template Parameters Key Value | ||
SAML Subject Confirmation: Holder of Key - Symmetric WS-Trust Version WS-Trust 1.0 WS-Trust 1.3 Encrypt Signature Issuer Address Metadata Reference Address Algorithm Suite Basic128 Basic128Rsa15 Basic128Sha256 Basic128Sha256Rsa15 Basic192 Basic192Rsa15 Basic192Sha256 Basic192Sha256Rsa15 Basic256 Basic256Rsa15 Basic256Sha256 Basic256Sha256Rsa15 TripleDe TripleDesRsa15 TripleDesSha256 Require Security Token Template Parameters Key Value |
CentraSite | API Gateway | Notes |
Allowed URIs: URI | Allowed URIs: URI | |
Match Criteria: Allow Sublevels | Match Criteria: Allow Sublevels | |
Match Criteria: Exact Match | Match Criteria: Exact Match |
CentraSite | API Gateway | Notes |
Validate SOAP Message: Request | Feature Name Feature Value: True False | When the parameter Validate SOAP Message is set to Request in CentraSite, the policy Validate Schema under Request Processing stage is included to the API's list of policies inAPI Gateway. |
Validate SOAP Message: Response | Feature Name Feature Value: True False | When the parameter Validate SOAP Message is set to Response in CentraSite, the policy Validate Schema under Response Processing stage is included to the API's list of policies inAPI Gateway. |
CentraSite | API Gateway | Notes |
Authenticate Using: Custom Credentials Username Password Domain | Authenticate using: Custom Credentials Username Password Domain | |
Authenticate Using: Secure Alias Alias Name | Authenticate scheme: Alias | |
Authenticate Using: Use Existing Credentials | Authenticate using: Incoming HTTP basic auth credentials |
CentraSite | API Gateway | Notes |
Authenticate Using: Custom Credentials Username Password Domain | Authenticate using: Custom Credentials Username Password Domain | |
Authenticate Using: Secure Alias Alias Name | Authenticate scheme: Alias | |
Authenticate Using: Transparent | Authenticate using: Transparent | |
Authenticate Using: Use Existing Credentials | Authenticate using: Incoming HTTP basic auth credentials |
CentraSite | API Gateway | Notes |
Authenticate Using: Custom Token Custom Credential OAuth2 Token | Authenticate using: Custom Credentials Custom credentials OAuth2 token | |
Authenticate Using: Secure Alias Alias Name | Authenticate scheme: Alias | |
Authenticate Using: Use Existing Token | Authenticate using: Incoming OAuth token |
CentraSite | API Gateway | Notes |
Authenticate Using: Custom Credentials Client Principal Client Password Service Principal Service Principal Form hostbased username | Authenticate using: Custom Credentials Client principal Client password Service principal Service principal nameform Username Hostbased | |
Authenticate Using: Delegating Incoming Credentials Client Principal Client Password Service Principal Service Principal Form hostbased username | Authenticate using: Delegating incoming credentials Client principal Client password Service principal Service principal nameform Username Hostbased | |
Authenticate Using: Secure Alias Alias Name | Authenticate scheme: Alias | |
Authenticate Using: Use Existing Credentials Service Principal Service Principal Form hostbased username | Authenticate using: Incoming HTTP basic auth credentials Service principal Service principal nameform Username Hostbased |
CentraSite | API Gateway | Notes |
Authenticate Using: Custom Credentials Client Principal Client Password Service Principal Service Principal Form hostbased username | Authenticate using: Custom Credentials Client principal Client password Service principal Service principal nameform Username Hostbased | |
Authenticate Using: Delegating Incoming Credentials Client Principal Client Password Service Principal Service Principal Form hostbased username | Authenticate using: Delegating incoming credentials Client principal Client password Service principal Service principal nameform Username Hostbased | |
Authenticate Using: Secure Alias Alias Name | Authenticate scheme: Alias | |
Authenticate Using: Use Existing Credentials Service Principal Service Principal Form hostbased username | Authenticate using: Incoming HTTP basic auth credentials Service principal Service principal nameform Username Hostbased |
CentraSite | API Gateway | Notes |
Not applicable | Authenticate scheme: Alias | |
Signing Alias | Signing configurations Keystore alias Key alias | This parameter refers to the authentication configurations that should be used for signing outbound messages. The parameter Signing Alias of CentraSite is mapped in to the parameter Key alias in API Gateway. The parameter Keystore alias is mapped in to the parameter Keystore alias as defined in the Keystore/Truststore configuration page (go to Username > Administration > General > Security) in API Gateway. |
Encryption Alias | Encryption configurations Truststore alias Certificate alias | This parameter refers to the authentication configurations that should be used for encrypting outbound messages. The parameter Encryption Alias of CentraSite is mapped in to the parameter Certificate alias in API Gateway. The parameter Truststore alias is mapped in to the parameter Truststore alias as defined in the Keystore/Truststore configuration page (go to Username > Administration > General > Security) in API Gateway. |
Issuer Communication Action Act as Delegation Normal Client | SAML Issuer Configuration Name Act as Delegation Normal Client | |
Issuer Communication Communicate Using: WSS Username (Message) WSS Username Configuration Username Password | SAML Issuer Configuration Communicate using: WSS Username Authenticate using: Custom credentials Username Password | |
Issuer Communication Communicate Using: Kerberos Over Transport (Message) Authentication Mode: Custom Credentials Client Principal Client Password Service Principal Service Principal Form Host Based Username Authentication Mode: Delegate Incoming Token Client Principal Client Password Service Principal Service Principal Form Host Based Username | SAML Issuer Configuration Communicate using: Kerberos Authenticate using: Custom Credentials Client Principal Client Password Service Principal Service Principal Form Username Hostbased Authenticate using: Delegate incoming credentials Client Principal Client Password Service Principal Service Principal Form Username Hostbased Authenticate using: Incoming HTTP basic auth credentials Service Principal Service Principal Form Username Hostbased | |
Endpoint | Endpoint URI | |
Applies to | Applies to | |
SAML Version SAML 1.1 SAML 2.0 | SAML Version SAML 1.1 SAML 2.0 | |
WS-Trust Version: VERSION_05_02 VERSION_05_12 | WS-Trust Version: WS-Trust 1.0 WS-Trust 1.3 | |
Signing Alias | Signing configurations: Keystore alias Key alias | This parameter refers to the authentication configurations that should be used for signing outbound messages. The parameter Signing Alias of CentraSite is mapped in to the parameter Key alias in API Gateway. The parameter Keystore alias is mapped in to the parameter Keystore alias as defined in the Keystore/Truststore configuration page (go to Username > Administration > General > Security) in API Gateway. |
Encryption Alias | Encryption configurations: Truststore alias Certificate alias | This parameter refers to the authentication configurations that should be used for encrypting outbound messages. The parameter Encryption Alias of CentraSite is mapped in to the parameter Certificate alias in API Gateway. The parameter Truststore alias is mapped in to the parameter Truststore alias as defined in the Keystore/Truststore configuration page (go to Username > Administration > General > Security) in API Gateway. |
Extended Parameters Key Size Key Type Signature Algorithm Encryption Algorithm CanonicalizationAlgorithm ComputedKeyAlgorithm Encryption ProofEncryption KeyWrapAlgorithm SignWith EncryptWith | Request security token template parameters: Key Value |
CentraSite | API Gateway | Notes |
Media Type: | Default Content-Type: | Though this policy is listed in the Policy catalog of a SOAP API, it is applicable only for a REST enabled SOAP API in API Gateway. |
CentraSite | API Gateway | Notes |
Media Type: | Default Accept Header: | Though this policy is listed in the Policy catalog of a SOAP API, it is applicable only for a REST enabled SOAP API in API Gateway. |
CentraSite | API Gateway | Notes |
Select Type: Transformation Alias Alias Name | XSLT Transformation Alias | |
Select Type: Transformation File Transformation File | XSLT Document XSLT File XSLT Features Feature Name Feature Value | Regardless of a XSLT file name, for example, PreProcessingXSLT.xsl defined in CentraSite, the XSLT file name is transformed into a default name, RequestProcessingXSLT_<X>.xsl in API Gateway. Here, X is an integer, which denotes the number of XSLT files that are mapped from CentraSite to API Gateway. Let us consider an API contains two Request Transformation polices, each defined with an unique XSLT file, PreProcessingXSLT1.xsl and PreProcessingXSLT2.xsl in CentraSite. When this API is published from CentraSite to API Gateway, the two Request Transformation polices are mapped into a single Request Transformation policy in API Gateway. The XSLT file names are transformed as RequestProcessingXSLT_1.xsl and RequestProcessingXSLT_2.xsl in API Gateway. |
CentraSite | API Gateway | Notes |
Select Type: Transformation Alias Alias Name | XSLT Transformation Alias | |
Select Type: Transformation File Transformation File | XSLT Document XSLT File XSLT Features Feature Name Feature Value | Regardless of a XSLT file name, for example, PostProcessingXSLT.xsl defined in CentraSite, the XSLT file name is transformed into a default name, ResponseProcessingXSLT_<X>.xsl in API Gateway. Here, X is an integer, which denotes the number of XSLT files that are mapped from CentraSite to API Gateway. Let us consider an API contains two Response Transformation polices, each defined with an unique XSLT file, PostProcessingXSLT1.xsl and PostProcessingXSLT2.xsl in CentraSite. When this API is published from CentraSite to API Gateway, the two Response Transformation polices are mapped into a single Response Transformation policy in API Gateway. The XSLT file names are transformed as ResponseProcessingXSLT_1.xsl and ResponseProcessingXSLT_2.xsl in API Gateway. |
CentraSite | API Gateway | Notes |
Select Type: webMethods IS Service webMethods IS Service | webMethods IS Service | |
Select Type: webMethods IS Service Alias webMethods IS Service Alias | webMethods IS Service |
CentraSite | API Gateway | Notes |
Select Type: webMethods IS Service webMethods IS Service | webMethods IS Service | |
Select Type: webMethods IS Service Alias webMethods IS Service Alias | webMethods IS Service |
CentraSite | API Gateway | Notes |
Error Conditions Type: HTTP Header Header Name Header Value | Error Conditions Type: Header Error Criteria Header Name Header Value | |
Error Conditions Type: Status Code Code | Error Conditions Type: Status Code Error Criteria Code | |
Error Conditions Type: XPath Expression XPath Expression Namespaces Prefix URI Value | Error Conditions Type: XPath Expression XPath Expression Namespace Namespace Prefix Namespace URI Value | |
Pre-Processing Type: ESB webMethods IS Service | Pre-Processing Type: Invoke webMethods Integration Server Service webMethods IS Service | |
Pre-Processing Type: XSLT Transformation File | Pre-Processing Type: XSLT Transformation XSLT Document XSLT File XSLT Features Feature Name Feature Value | |
Failure Message Content Type json text xml Error Template Use as default (check box) | Failure Message Failure Messages json text xml Error Template Use as default (check box) | |
Custom Error Variable Payload Type Request Response Name XPath Expression Namespaces Prefix URI | Custom Error Variable Payload Type Request Response Name XPath Expression Namespaces Namespace Prefix Namespace URI | |
Post-processing Type: XSLT Transformation File | Pre-Processing Type: XSLT Transformation XSLT Document XSLT File XSLT Features Feature Name Feature Value | |
Send Native Provider Fault Message (check box) | Send Native Provider Fault Message (check box) |
CentraSite | API Gateway | Notes |
Protocol HTTP HTTPS | Protocol HTTP HTTPS | When the policy Require SSL is included to the API's policy list in CentraSite, the parameter HTTPS is selected in API Gateway. |
SOAP Version SOAP 1.1 SOAP 1.2 | SOAP version SOAP 1.1 SOAP 1.2 |
CentraSite | API Gateway | Notes |
JMS Trigger | JMS Provider Endpoint Alias | When the policy Require SSL is included to the API's policy list in CentraSite, the parameter HTTPS is selected in API Gateway. |
SOAP Version SOAP 1.1 SOAP 1.2 | SOAP version SOAP 1.1 SOAP 1.2 |
CentraSite | API Gateway | Notes |
Connection URL | Connection URL | |
Destination Name | Reply to Destination | |
Priority | Priority | |
Timeout (ms) | Timeout (ms) | |
Delivery Mode Non Persistent Persistent | Delivery Mode Non Persistent Persistent |
CentraSite | API Gateway | Notes |
Property Name | JMS Property JMS Property Key | |
Property Value | JMS Property JMS Property Value |
CentraSite | API Gateway | Notes |
Header Name | JMS Property JMS Property Key | |
Header Value | JMS Property JMS Property Value |
CentraSite | API Gateway | Notes |
Payloads Request Response | Store Request Payload Store Response Payload Compress Payload Data | |
Log Generation Frequency Always On Failure On Success | Log Generation Frequency Always On Failure On Success | |
Send Log Data API Portal Audit Log CentraSite EDA / Database ElasticSearch E-mail Local Log SNMP | Send Log Data API Gateway API Portal Audit Log CentraSite Digital Events Elasticsearch E-mail JDBC Local Log: Log Level Error Info Warn SNMP | Beginning with version 10.1, API Gateway supports the following destinations: Audit Log CentraSite Digital Events Elasticsearch Email Local Log SNMP The destination name for database is changed from EDA / Database in CentraSite to JDBC in API Gateway. Therefore, when the parameter Send Log Data is set to EDA / Database in CentraSite, the pool alias definition and the corresponding configurations are mapped into JDBC in API Gateway. When the EDA / Database destination is selected in CentraSite, it also automatically selects the Digital Events destination in API Gateway. |
CentraSite | API Gateway | Notes |
Action Configuration: Name Availability Average Response Time Fault Count Maximum Response Time Minimum Response Time Successful Request Count Total Request Count | Action Configuration: Name Availability Average Response Time Fault Count Maximum Response Time Minimum Response Time Successful Count Total Request Count | |
Action Configuration: Operator Equal To Greater Than Less Than | Action Configuration: Operator Equal To Greater Than Less Than | |
Action Configuration: Value | Action Configuration: Value | |
Alert Parameters: Alert Interval (minutes) | Alert Interval: Unit: Minutes Hours Days Weeks | |
Alert for Consumer Applications | Consumer Applications | Names of the Consumer Applications in CentraSite are transformed into Application IDs in API Gateway. |
Alert Parameters: Alert Destination API Portal CentraSite EDA/Database Elasticsearch E-mail Local Log: Log Level Error Info Warn SNMP | Alert Destination API Gateway API Portal CentraSite Digital Events Elasticsearch Email JDBC Local Log: Log Level Error Info Warn SNMP | Beginning with version 10.1, API Gateway supports the following destinations: Audit Log CentraSite Digital Events Elasticsearch Email Local Log SNMP The destination name for database is changed from EDA / Database in CentraSite to JDBC in API Gateway. Therefore, when the parameter Send Log Data is set to EDA / Database in CentraSite, the pool alias definition and the corresponding configurations are mapped into JDBC in API Gateway. When the EDA / Database destination is selected in CentraSite, it also automatically selects the Digital Events destination in API Gateway. |
Alert Parameters: Alert Message | Alert Message |
CentraSite | API Gateway | Notes |
Actions: Name Availability Average Response Time Fault Count Maximum Response Time Minimum Response Time Successful Request Count Total Request Count | Action Configuration: Name Availability Average Response Time Fault Count Maximum Response Time Minimum Response Time Successful Count Total Request Count | The Soft Limit configuration of Throttling Traffic Optimization policy action under the Policy Enforcement > Traffic Management accordion in CentraSite is mapped into this policy in API Gateway. |
Actions: Operator Equal To Greater Than Less Than | Action Configuration: Operator Equal To Greater Than Less Than | |
Actions: Value | Action Configuration: Value | |
Alert Parameters: Alert Interval (minutes) | Alert Interval Unit Minutes Hours Days Weeks | |
Alert for Consumer Applications | Consumer Applications | Names of the consumer applications in CentraSite are transformed into Application IDs in API Gateway. As a pre-requisite the appropriate consumer applications should be migrated from CentraSite toAPI Gateway. |
Alert Parameters: Alert Frequency Every Time Only Once | Alert Frequency Every Time Only Once | |
Alert Parameters: Alert Destination API Portal CentraSite EDA/Database Elasticsearch E-mail Local Log: Log Level Error Info Warn SNMP | Alert Destination API Gateway API Portal CentraSite Digital Events Elasticsearch Email JDBC Local Log: Log Level Error Info Warn SNMP | Beginning with version 10.1, API Gateway supports the following destinations: Audit Log CentraSite Digital Events Elasticsearch Email Local Log SNMP The destination name for database is changed from EDA / Database in CentraSite to JDBC in API Gateway. Therefore, when the parameter Send Log Data is set to EDA / Database in CentraSite, the pool alias definition and the corresponding configurations are mapped into JDBC in API Gateway. When the EDA / Database destination is selected in CentraSite, it also automatically selects the Digital Events destination in API Gateway. |
Alert Parameters: Alert Message | Alert Message |
CentraSite | API Gateway | Notes |
Route To: | Endpoint URI: | |
Endpoint Properties: SOAP Optimization Method MTOM None SWA | SOAP Optimization Method: MTOM None SWA | |
Endpoint Properties: HTTP Connection Timeout (seconds) | HTTP Connection Timeout (seconds) | |
Endpoint Properties: Read Timeout (seconds) | Read Timeout (seconds) | |
Endpoint Properties: SSL Configuration Client Certificate Alias Keystore Alias | SSL Configuration Keystore Alias Key Alias | |
Endpoint Properties: WS-Security Header Pass all security headers Remove processed security headers | Pass WS-Security Headers (check box) | When the parameter WS-Security Header is set to Pass all security headers in CentraSite, the parameter Pass WS-Security Headers is selected in API Gateway. When the parameter WS-Security Header is set to Remove processed security headers in CentraSite, the parameter Pass WS-Security Headers is NOT selected in API Gateway. |
CentraSite | API Gateway | Notes |
Route To: | Default Route To: Endpoint URI | |
Endpoint Properties: SOAP Optimization Method MTOM None SWA | Default Route To : SOAP Optimization Method MTOM None SWA | |
Endpoint Properties: HTTP Connection Timeout (seconds) | Default Route To : HTTP Connection Timeout (seconds) | |
Endpoint Properties: Read Timeout (seconds) | Default Route To : Read Timeout (seconds) | |
Endpoint Properties: SSL Configuration Client Certificate Alias Keystore Alias | Default Route To: SSL Configuration Keystore Alias Key Alias | |
Endpoint Properties: WS-Security Header Pass all security headers Remove processed security headers | Default Route To : Pass WS-Security Headers (check box) | When the parameter WS-Security Header is set to Pass all security headers in CentraSite, the parameter Pass WS-Security Headers is selected in API Gateway. When the parameter WS-Security Header is set to Remove processed security headers in CentraSite, the parameter Pass WS-Security Headers is NOT selected in API Gateway. |
Not applicable | Rules : Name | Regardless of a rule name, for example, Custom Rule, defined in CentraSite, the rule name is transformed into a default name, Rule <X> in API Gateway. Here, X is an integer, which denotes the number of rules that are mapped from CentraSite to API Gateway. Let us consider an API contains the Context Based Routing policy action with two routing rules, each defined with an unique name, Custom Rule A and Custom Rule B in CentraSite. When this API is published from CentraSite to API Gateway, the two routing rules are mapped into the policy Context-based Routing in API Gateway. The rule names are transformed as Rule 1 and Rule 2 in API Gateway. |
Routing Rule: XPath Expression | Rules: XPath Expression | |
Routing Rule: Namespace Prefix URI | Rules: Namespace Namespace Prefix Namespace URI | |
Routing Rule: Route To | Rules: Route To |
CentraSite | API Gateway | Notes |
Route To: | Endpoint URI | |
Endpoint Properties: SOAP Optimization Method MTOM None SWA | SOAP Optimization Method MTOM None SWA | |
Endpoint Properties: HTTP Connection Timeout (seconds) | HTTP Connection Timeout (seconds) | |
Endpoint Properties: Read Timeout (seconds) | Read Timeout (seconds) | |
Endpoint Properties: SSL Configuration Client Certificate Alias Keystore Alias | SSL Configuration Keystore Alias Key Alias | |
Endpoint Properties: WS-Security Header Pass all security headers Remove processed security headers | Pass WS-Security Headers (check box) | When the parameter WS-Security Header is set to Pass all security headers in CentraSite, the parameter Pass WS-Security Headers is selected in API Gateway. When the parameter WS-Security Header is set to Remove processed security headers in CentraSite, the parameter Pass WS-Security Headers is NOT selected in API Gateway. |
Timeout (seconds) | Suspend duration (seconds) |
CentraSite | API Gateway | Notes |
Header Name | HTTP Header HTTP Header Key | |
Header Value | HTTP Header HTTP Header Value |
CentraSite | API Gateway | Notes |
Route To: | Default Route To: Endpoint URI | |
Endpoint Properties: SOAP Optimization Method MTOM None SWA | Default Route To : SOAP Optimization Method MTOM None SWA | |
Endpoint Properties: HTTP Connection Timeout (seconds) | Default Route To : HTTP Connection Timeout (seconds) | |
Endpoint Properties: Read Timeout (seconds) | Default Route To : Read Timeout (seconds) | |
Endpoint Properties: SSL Configuration Client Certificate Alias Keystore Alias | Default Route To: SSL Configuration Keystore Alias Key Alias | |
Endpoint Properties: WS-Security Header Pass all security headers Remove processed security headers | Default Route To : Pass WS-Security Headers (check box) | When the parameter WS-Security Header is set to Pass all security headers in CentraSite, the parameter Pass WS-Security Headers is selected in API Gateway. When the parameter WS-Security Header is set to Remove processed security headers in CentraSite, the parameter Pass WS-Security Headers is NOT selected in API Gateway. |
Routing Rule : Name | Rules : Name | Regardless of a rule name, for example, Custom Rule, defined in CentraSite, the rule name is transformed into a default name, Rule <X> in API Gateway. Here, X is an integer, which denotes the number of rules that are mapped from CentraSite to API Gateway. Let us consider an API contains the Context Based Routing policy action with two routing rules, each defined with an unique name, Custom Rule A and Custom Rule B in CentraSite. When this API is published from CentraSite to API Gateway, the two routing rules are mapped into the policy Context-based Routing in API Gateway. The rule names are transformed as Rule 1 and Rule 2 in API Gateway. |
Not applicable | Rules: Condition Operator Or And | |
Routing Rule: Condition Variable Consumer Custom Context Variable Date IP Address IPv6 Address Predefined Context Variable Time Consumer | Rules: Condition Variable Consumer Date IPV4 IPV6 Predefined Context Variable Custom Context Variable Time Variable Value | Beginning with version 10.1, API Gateway supports custom context variables in a routing rule that you create. The custom context variable name in CentraSite is automatically prefixed with mx: in API Gateway. For a list of the predefined context variables, see below. |
Routing Rule: Route To | Rules: Route To |
Display Name in CentraSite | Display Name in API Gateway |
Average Response Time | Not applicable |
Fault Count | Not applicable |
Minimum Response Time | Not applicable |
Maximum Response Time | Not applicable |
Success Count | Not applicable |
Total Count | Not applicable |
Client IP Address | Inbound IP |
Consumer | Consumer |
Inbound Content Type | Inbound Content Type |
Inbound HTTP Method | Inbound HTTP Method |
Inbound Protocol | Inbound Protocol |
Mediator Hostname | Gateway Hostname |
Mediator IP Address | Gateway IP |
Mediator Target Name | Not applicable |
Native Service Provider Error | Not applicable |
Native Service Response Message | Not applicable |
Outbound HTTP Method | Routing Method |
User | User |
Virtual Service Name | Not applicable |
Virtual Service Operation | Operation Name |
Virtual Service URI | Inbound Request URI |
Not applicable | Inbound Accept |
CentraSite | API Gateway | Notes |
Route using: Context Variable Header Header Name | Rule: Route Using Context Header Header Name | |
Route Through | Default Route To: Endpoint URI | |
Default Route-To | Route To | |
Endpoint Properties: SOAP Optimization Method MTOM None SWA | Default Route To: SOAP Optimization Method MTOM None SWA | |
Endpoint Properties: HTTP Connection Timeout (seconds) | Default Route To: HTTP Connection Timeout (seconds) | |
Endpoint Properties: Read Timeout (seconds) | Default Route To: Read Timeout (seconds) | |
Endpoint Properties: SSL Configuration Client Certificate Alias Keystore Alias | Default Route To: SSL Configuration Keystore Alias Key Alias | |
Endpoint Properties: WS-Security Header Pass all security headers Remove processed security headers | Default Route To: Pass WS-Security Headers (check box) | When the parameter WS-Security Header is set to Pass all security headers in CentraSite, the parameter Pass WS-Security Headers is selected in API Gateway. When the parameter WS-Security Header is set to Remove processed security headers in CentraSite, the parameter Pass WS-Security Headers is NOT selected in API Gateway. |
CentraSite | API Gateway | Notes |
Perform authorization against: List of users Users | List of Users | |
Perform authorization against: List of groups Groups | List of Groups |
CentraSite | API Gateway | Notes |
Allow Anonymous Usage True False | Allow anonymous | When the parameter Allow Anonymous Usage is set to True in CentraSite, the parameter Allow anonymous is selected in API Gateway. When the parameter Allow Anonymous Usage is set to False or if the policy action is NOT defined in CentraSite, the parameter Allow anonymous is NOT selected in API Gateway. |
CentraSite | API Gateway | Notes |
Hard Limit: Rule Name Total Request Count | Limit Configuration: Rule Name Total Request Count | |
Hard Limit: Operator Greater Than | Limit Configuration: Operator Greater Than | |
Hard Limit: Value | Limit Configuration: Value | |
Hard Limit: Alert Message for Hard Limit | Alert Message | |
Soft Limit : Rule Name Total Request Count | Action Configuration: Name Total Request Count | Depending on the value specified for the parameter Consumer Applications, the Soft Limit configuration of this policy action in CentraSite is mapped into one of the following policies under the Traffic Monitoring stage in API Gateway: If the value is set to a specific consumer, then this configuration is mapped into the policy Monitor Service Level Agreement. If the value is set to Any consumer application, then this configuration is mapped into the policy Monitor Service Performance. |
Soft Limit : Operator Greater Than | Action Configuration: Operator Greater Than | |
Soft Limit : Value | Action Configuration: Value | |
Soft Limit : Alert Message for Hard Limit | Alert Message | |
Consumer Applications | Consumer Applications | Names of the consumer applications in CentraSite are transformed into Application IDs in API Gateway. |
Interval Value Minutes Hours Days Weeks | Alert Interval Unit: Minutes Hours Days Weeks | |
Frequency Every Time Only Once | Alert Frequency Every Time Only Once | |
Alert Destination API Portal CentraSite EDA/Database Elasticsearch E-mail Local Log: Log Level Error Info Warn SNMP | Alert Destination API Gateway API Portal CentraSite Digital Events Elasticsearch E-mail JDBC Local Log: Log Level Error Info Warn SNMP | Beginning with version 10.1, API Gateway supports the following destinations: Audit Log CentraSite Digital Events Elasticsearch Email Local Log SNMP The destination name for database is changed from EDA / Database in CentraSite to JDBC in API Gateway. Therefore, when the parameter Send Log Data is set to EDA / Database in CentraSite, the pool alias definition and the corresponding configurations are mapped into JDBC in API Gateway. When the EDA / Database destination is selected in CentraSite, it also automatically selects the Digital Events destination in API Gateway. |
CentraSite | API Gateway | Notes |
Configure Caching based on: HTTP Header Header Name Add to Whitelist Whitelist (Cache only for these values) | Cache Criteria: HTTP Header Cache responses only for these values | |
Configure Caching based on: Path | No cache criteria | If none of the cache criteria is specified, then API Gateway internally uses the Path criteria for caching the API response. |
Configure Caching based on: XPath Expression Namespace Prefix URI XPath Expression Add to Whitelist Whitelist (Cache only for these values) | Cache Criteria: XPath Expression Namespace Prefix URI XPath Expression Cache responses only for these values | |
Not applicable | Cache Criteria: Query Parameters Parameter Name Cache responses only for these values | |
Time to Live (e.g., 5d 4h 1m) | Time to Live (e.g.,5d 4h 1m) | |
Maximum Response Payload Size (in KB, -1 = unlimited) | Maximum Response Payload Size (in KB) |
CentraSite | API Gateway | Notes |
Anonymous Usage Allowed Yes No | Allow anonymous | When the parameter Anonymous Usage Allowed is set to Yes in CentraSite, the parameter Allow anonymous is selected (set to True) in the policy Identify and Authorize Application. When the parameter Anonymous Usage Allowed is set to No in CentraSite, the parameter Allow anonymous is NOT selected (set to False) in the policy Identify and Authorize Application. |
Identify User Using IP Address | Identification Type IP Address Range | |
Identify User Using Token Derived from Host Name | Identification Type Hostname Address | |
Identify User Using Token Derived from HTTP Header | Identification Type HTTP Basic Authentication | |
Identify User Using Token Derived from WSS Header | Identification Type WS Security Username token | |
Identify User Using Token Derived from Custom XPATH | Identification Type XPath expression | |
Identify User Using Consumer Certificate | Identification Type WS Security X.509 Certificate | |
Identify User Using Client Certificate for SSL Connectivity | Identification Type SSL Certificate |
Note: | If this policy action is configured with Authorize Against Registered Consumer in CentraSite Control, the parameter Application Lookup Condition is set to Registered applications in the policy Identify and Authorize Application in API Gateway. If this policy action is NOT configured with Authorize Against Registered Consumer in CentraSite Control, then the parameter Application Lookup Condition is set to Global applications in the policy Identify and Authorize Application in API Gateway. |
CentraSite | API Gateway | Notes |
Not applicable | Application Lookup Condition: Registered applications | The parameter Application Lookup Condition is set to Registered applications in the policy Identify and Authorize Application. |
Note: | This policy action is dependent on the Identify Consumer action in CentraSite Control. |
CentraSite | API Gateway | Notes |
Authentication Required | HTTP Basic Authentication | When the parameter Authentication Required is selected in CentraSite, the parameter HTTP Basic Authentication is selected (set to True) in the policy Inbound Authentication - Transport. |