Layer7 API Management

  • 1.  Secure Token Service

    Posted Sep 12, 2017 11:11 AM

    Hello, I am a newbie to API Gateway capabilities. Appreciate any insights they can offer with my requirement.


    We have 2 IBM systems, which are connected to 2 backend user repositories generating their own individual LTPA Tokens. One IBM system can not understand other system's LTPA Token.

    Can API Gateway's token translation service act as a broker and facilitate seemlees communication between 2 systems?

    Technical flow would be:

    A user logs into IBM System that is connected to Sun Directory -> LTPA 1 is generated
    User goes to other IBM System -> LTPA can not be understood, so the second IBM System redirects the user to API Gateway STS along with LTPA 1
    API Gateway should be able to read LTPA1 (assuming it has all the keys needed) , API Gateway creates LTPA2
    APIGateway forwards the user to second IBM System along with LTPA 2 token.

    Is it even possible? or am I getting the idea of STS completely wrong?

    Also Another use case would be creating a LTPA token from SMSESSION token? Is it possible?