Hello, I am a newbie to API Gateway capabilities. Appreciate any insights they can offer with my requirement.
We have 2 IBM systems, which are connected to 2 backend user repositories generating their own individual LTPA Tokens. One IBM system can not understand other system's LTPA Token.
Can API Gateway's token translation service act as a broker and facilitate seemlees communication between 2 systems?
Technical flow would be:
A user logs into IBM System that is connected to Sun Directory -> LTPA 1 is generated
User goes to other IBM System -> LTPA can not be understood, so the second IBM System redirects the user to API Gateway STS along with LTPA 1
API Gateway should be able to read LTPA1 (assuming it has all the keys needed) , API Gateway creates LTPA2
APIGateway forwards the user to second IBM System along with LTPA 2 token.
Is it even possible? or am I getting the idea of STS completely wrong?
Also Another use case would be creating a LTPA token from SMSESSION token? Is it possible?