Securing API Gateway Communication using TLS

Edit online

This section describes how to secure communication, by leveraging SSL/TLS, between API Gateway and the API Clients, Users, Backend services, and API Portal.

The following figure illustrates how API Gateway communicates securely using HTTPS in the basic API Management setup.

For ensuring the security of the data being transferred between two components, you can implement one-way or two-way SSL/TLS. In an API Management setup you can configure a secure communication between the following:

API Gateway and API clients. For details, see How Do I Secure API Gateway Server Communication with API Clients?
API Gateway UI and Users. For details, see How do I Secure API Gateway User Interface Communication?
API Gateway and API Portal. For details, see How do I Configure a Secure Communication Channel between API Gateway and API Portal?
API Gateway and API Data Store. For details, see How do I Secure API Data Store Communication using HTTPS?