API Security Gateway

Quickly Identity-enable Backend Applications and Services

Identity-enable APIs for secure integration with services. Check and enforce identity to protect APIs from unauthenticated and unauthorized users. Leverage any standards-compliant identity provider to integrate the Identity Gateway into the existing architecture. Single sign-on and single sign-off dramatically improves the user experience and will improve adoption and consumption of services.

The ForgeRock Identity Gateway checks the validity of the requestor’s credentials to ensure they are correctly authenticated and authorized to access the requested resource.

• Offers flexible credentials: OAuth 2.0, OpenID Connect, SAML & UMA 2.0
• Allows you to utilize pre-shared keys using the Access Management Secure Token Service (STS)
• Provides consistent levels of service by throttling access requests based on business need with parameters for time, day, week, user, domain, IP Address, and subscription levels
• Regulates spikes in traffic volume to reduce the risk of malicious attackers attempting denial-of-service (DDoS) attacks
• Extends authorization by leveraging the Identity Gateway as an independent policy enforcement point that is built on OAuth 2.0 and SAML standards
• Provides agent-less architecture to augment an existing WAM deployment
• Ensures consistent, secure access with single session sign-on and sign-out
• Simplifies and speeds configuration capabilities with a powerful design studio that lets developers configure Identity Gateway into a test or production environment only once

API Protection

Watch this quick overview of ForgeRock Identity Gateway and key features like throttling.