Security Service Providers
This section describes the following types of security service providers:
Authenticated Service provider ensures that access is restricted to authenticated user. To access the web services managed by the API Exchange Gateway, the user must include an appropriate token in the SOAP header to authenticate.
The supported authentication tokens are:
- Web Services Security usernameToken
- Web Services Security X.509 Certificate
- Web Services Security SAML token profile
- Identity Service Providers
Identity service providers makes use of public and private credentials for common trust and identity operations such as token signing, data encryption and creation of SSL connections. The main types of identity service providers are Trust Identity Provider and Subject Identity Provider.