GitHubContribute in GitHub: Open doc issue|Edit online

Getting Started

The IBM® Application Gateway (IAG) provides a containerized secure Web Reverse proxy that is designed to sit in front of your application, seamlessly adding authentication and authorization protection to your application.

Getting Started

Defining the Environment

At a high level, to start the IAG container define:

  1. The identity source for the environment. The container is able to protect applications by acting as an OIDC Relying Party, and protect API's using OAuth token introspection;
  2. The applications that are protected. For each application you might potentially need to define:
    1. The Web servers which host the application;
    2. The authorization policy for the application resources;
    3. Any rate-limiting rules to help manage access to the application;
    4. Any transformations that need to take place on either the HTTP request or response.


The following Hello World guides can be used to get IAG up and running quickly:

Learn more about IAG concepts with the following pages: