Authenticating by using your enterprise user registry
IBM® API Connect for IBM Cloud supports a variety of user registry types for authenticating users and securing APIs.
You can use your enterprise user registry for authentication in IBM API Connect for IBM Cloud if it is of one of the following types:
- LDAP directory
- If your user registry uses Lightweight Directory Access Protocol (LDAP), you can use it in IBM API Connect for IBM Cloud for both user authentication and API security.
- Authentication URL
- You can configure a non-LDAP user registry by using an authentication URL. An authentication URL enables integration with third-party authentication providers. You can use an authentication URL in IBM API Connect for IBM Cloud for both user authentication and API security.
- SCIM
- Important: Support for the SCIM registry type is deprecated and the feature will not be available after the IBM API Connect Version 5.0 release.IBM API Connect for IBM Cloud can authenticate with a user registry by using the System for Cross-domain Identity Management (SCIM) standard. Consider using SCIM if you have a custom user registry; you can implement a SCIM
bridge
to enable IBM API Connect for IBM Cloud to connect to your registry. SCIM can be used for user authentication but not for API security.Note: The SCIM user registry type is supported only with a custom developer portal that is based on the public IBM API Connect for IBM Cloud REST APIs. - Local User Registry
- You can authenticate users with a local user registry. A local user registry is an internal registry stored within API Connect for IBM Cloud.