API Gateway Authorization

Goal

This tutorial demonstrates how to enforce Keymate authorization decisions at the API gateway layer, using an API gateway or sidecar proxy to intercept requests and evaluate policies before they reach upstream services.

Prerequisites

A running Keymate environment with the Access Gateway configured
An API gateway or sidecar proxy deployed and routing traffic
Test API endpoints to protect

Steps

1. Register Protected Resources in Keymate

TBD

2. Configure the Gateway Authorization Plugin

TBD

3. Define Authorization Policies

TBD

4. Test Authorized and Denied Requests

TBD

Gateways & Mesh
Access Gateway
End-to-End Authorization Flow

Goal​

Prerequisites​

Steps​

1. Register Protected Resources in Keymate​

2. Configure the Gateway Authorization Plugin​

3. Define Authorization Policies​

4. Test Authorized and Denied Requests​

Related Docs​