Extending the Gateway server behavior

To support your enterprise requirements, you can extend the Gateway servers within IBM® API Connect to provide extra enforcement behavior.

Before you begin

Before you develop your extensions, consider the guidelines in the following topics depending on which type of gateway you are using:

For information on the different types of gateway, see API Connect gateway types.

About this task

API Connect Gateway servers uses a subset of DataPower® enforcement capabilities. You can supply DataPower Extensions to customize these enforcement capabilities further.

The DataPower extensibility function can be used to perform actions that include schema validation, antivirus scanning, message filtering, authentication, and authorization, token translation, message enrichment, encryption & decryption, digital signing, and validation and message transformation. For more information, see IBM DataPower documentation.

Important: Gateway server extensions must not be used to modify objects that cause the apic-gw-service object to restart, such as TLS Profiles, and Gateway Peering. Extensions that cause the apic-gw-service object to restart, lead to unpredictable behavior in the Gateway service.


To extend the default enforcement capabilities that are provided in API Connect for the Gateway server, complete the following steps.

  1. In your IBM DataPower environment, develop the configuration that you want to add to your Gateway server.
  2. Test your enforcement configuration before you add the configuration to the Gateway server.
  3. When you complete the IBM DataPower configuration, save the enforcement objects and files as a DataPower exported .zip file.
    The package file is ready to be uploaded to the Gateway server.
  4. Copy your exported configuration .zip file to a centralized file system ready for upload to the Gateway server.

What to do next

Upload your extension to the Gateway server; see Configuring your Gateway server extensions.