Secure Access to REST / SOAP APIs with Luminate
Modern IT environments often require applications and services located in different sites / datacenters to communicate directly via Application Programming Interfaces (APIs). The challenge with allowing such a communication is often in creating a secure way for providing connectivity (from API clients to API servers) and securely authenticating and authorizing clients. Complex security solutions, such as VPNs, Proxies, API/SOA Gateways are usually used to accomplish this task.
Luminate Secure Access Cloud provides a secure and easy to set up way to enable authenticated and authorized clients to access any API servers (exposed via HTTPS) using standard authentication protocols.
Below diagram depicts the typical environment:
The API Client will use a standard OAuth2/OpenID Connect protocol for authentication and authorization to access the API Server. Naturally, multiple API Servers can be "exposed" for authorized access with this method, located at different sites.
As an additional benefit of this brokered approach, API Servers (and their underlying infrastructure) can be migrated from one location to another without any effect on the clients.
The attached document describes the required configuration steps, as well as the steps required to be taken by the developers of API Clients.