Skip to Content

Changes for page Data Exchange

Last modified by Erik Bakker on 2026/01/02 10:46
From version 19.1
edited by Erik Bakker
on 2026/01/02 10:46
Change comment: There is no comment for this version
To version 18.1
edited by Erik Bakker
on 2024/09/05 14:00
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -34,7 +34,7 @@
34 34  
35 35  === 3.2 API Gateway ===
36 36  
37 -A structure with roles and rights per role can be specified within the portal to secure the front end of the API Gateway in eMagiz. Note that for the backend of the API Gateway, the same logic applies as stated above for messaging, which means that eMagiz supports the industry standard. Therefore, you as a user should confer with the external party about the correct method.
37 +A structure with roles and rights per role can be specified within the portal or via an external IDP to secure the front end of the API Gateway in eMagiz. Note that for the backend of the API Gateway, the same logic applies as stated above for messaging, which means that eMagiz supports the industry standard. Therefore, you as a user should confer with the external party about the correct method.
38 38  
39 39  ==== 3.2.1 Portal ====
40 40  
... ... @@ -42,12 +42,12 @@
42 42  
43 43  [[image:Main.Images.Fundamental.WebHome@fundamental-emagiz-security-guide--api-gateway-portal-feedback.png]]
44 44  
45 -==== 3.2.2 IDP ====
45 +==== 3.2.2 (External) IDP ====
46 46  
47 -Apart from configuring the roles, users, and rights within the portal itself, data needs to be exchanged with an identity provider (IDP).
47 +Apart from configuring the roles, users, and rights within the portal itself, it is also possible to hook the API Gateway up to an (external) IDP.
48 48  By communicating with this IDP via the OAuth2.0 protocol, a check is done every time a client calls a specific operation to see whether that client has sufficient rights to access the operation.
49 49  
50 -If the client has sufficient rights, the process continues. On the other hand, if the client has insufficient rights, the client receives a 401 Unauthorized.
50 +If the client has sufficient rights, the process continues. For example, if the client has insufficient rights, the client receives a 401 Unauthorized.
51 51  
52 52  ==== 3.2.3 Error Handling ====
53 53