FAQs for gateways
This FAQ guide offers clear, concise answers to common questions about configuring, securing, and managing gateways in IBM® API Connect. Learn how to choose gateway types, apply runtime policies, enforce security schemes, and monitor performance all within IBM’s robust API management framework.
- What is the role of an API Gateway in API Connect?
- It enforces runtime policies, secures and controls API traffic, provides endpoints for API exposure, enables assembly functions for integration, and logs/report interactions to analytics.
- Which gateway types are supported in API Connect?
-
- DataPower API Gateway (modern, supports OpenAPI 3.0, advanced security)
- DataPower Gateway (v5 compatible) (legacy, supports OpenAPI 2.0)
- Can multiple gateway types be used in one environment?
- Yes, but each API or product must specify one gateway type for deployment.
- What protocols do gateways support?
- REST, SOAP, GraphQL, and WebSocket (with limitations)
- How do gateways integrate with analytics?
- They log API interactions and forward them to the analytics engine for real-time and historical reporting.
- What happens if policies are unsupported by the selected gateway?
- Validation will fail. You must remove or replace incompatible policies before publishing.
- Are global policies supported across gateways?
- Yes, but they must be uploaded to each gateway service within the catalog.
- Can I apply rate limits at the gateway level?
- Yes, rate limits can be applied per API, plan, or operation with intervals like second, minute, hour, day, or week.
- Does the gateway support GraphQL-specific policies?
- Yes, including cost analysis and type-based rate limits.
- Do policy versions matter?
- Yes, policies must be compatible with the gateway type and version to ensure proper functionality.
- What security schemes are supported?
- API Key, OAuth2, OIDC, JWT, Basic Auth, LDAP, TLS profiles, and mTLS.
- Can I define multiple API key schemes?
- Yes, but a maximum of two API key schemes can be defined per API.
- Are JWT validation and generation supported?
- Yes, using validate-jwt and generate-jwt policies.
- Can gateways integrate with enterprise user registries?
- Yes, including LDAP, OIDC, and custom registries.
- How do I monitor gateway logs?
- Use the API Manager UI or CLI to download logs and check processing status.
- How do I validate gateway-specific configurations?
- Use apic validate CLI or governance service for YAML/JSON definitions.