You can use API Gateway to define user information on the API Gateway server. The definition of user contains the login ID, password, and group membership.

Alternatively, you can set up API Gateway to access the information from a local user management system or you can use webMethods Integration Server to configure the Lightweight Directory Access Protocol (LDAP) external directory that your site uses for user information:

webMethods Integration Server uses user information to authenticate clients and determine the server resources that a client is allowed to access. If the server is using basic authentication (username and password) to authenticate a client, it uses the login ID and passwords defined in user accounts to validate the credentials a client supplies.

API Gateway enables you to define user and group information to the API Gateway server. The user definition contains the user login ID, password, and group membership. The group definition contains the group name and a list of users in the group. Once a group is created, the functional privileges are associated to a group using Access profiles. For example, a user has the administrative privileges if he or she belongs to the Administrators group or to any other group added to the access profile having administrator functional privileges.

You can add and manage user information from the User Management page. This page lists all the basic information for the following:

User must be associated with atleast one access profile to access and login to API Gateway.

You must associate a user with a group and the group can be associated with an access profile. The user cannot access API Gateway if the corresponding user group is not associated with an access profile. For more information on access profiles, see Access Profiles.