This session is all about Gravitee.io that consists of two modules: Gravitee.io Access Management, which is responsible for providing Authentication and Authorization with help of OAuth2.0 and OpenID Connect, and Gravitee.io API Management, which is responsible for the management of APIs, by simply publishing and consuming the APIs.
2. Introduction
Gravitee.io Access Management:
Gravitee.io Access Management (AM) is a flexible, lightweight and easy to use open source
Identity and Access Management solution
Basic Terminology:
Authentication: It is an act of validating that users are whom they claim to be
Authorization: It is a processing in system security to give the user permission to access the
resource or function
3. Authorization in AM:
AM is based on OAuth2/OpenID Connect protocols and acts as an identity provider broker
OAuth2.0:
OAuth2 is an authorization framework that allows applications acting on behalf of the end user
to obtain limited access to HTTP services. It defines two endpoints:
authorization endpoint and token endpoint
OpenID Connect:
OpenID Connect is an identity layer on top of the OAuth 2.0 protocol. It enables clients to verify
the identity of the end user by using an Authorization Server to authenticate and obtain basic
profile information about the end user
5. Why Gravitee.io Access Management:
With its intuitive, centralized design and easy integration with our API Management product,
Access Management is the natural Identity and Access Management platform choice for our
customers
Use Cases:
● User authentication and authorization
● New frontend, mobile or web application to securely access your APIs
● Using Gravitee.io API Management to manage your APIs
● Flexibility of logging in users either with a username and password
● Implement single sign-on to a group of applications
● Focus on developing apps
7. Components:
AM Gateway:
AM Gateway is the core component of the AM platform
AM APIs:
The RESTful APIs expose services to manage and configure the AM platform
AM Console:
This web UI acts as a graphical interface to the AM API functionality
8. Concepts:
Organization:
An organization is internal data space AM provisions for us
Environment:
An environment is a logical workspace in which administrative users can manage security
domains
Security Domain:
It is a series of security policies that apply to a set of applications
Application:
It provides the necessary information for authentication and authorization
Identity Provider:
It is a service to authenticate and communicate authorization and user information
9. Extension Endpoint:
It extends the behavior of the AM server by executing policies
Flow:
It allows us to build your own custom authentication and authorization
10. Plugins:
Plugins are additional components that can be plugged into AM Gateway or AM API. Below lists
the different types of plugins:
● Identity Providers
● Policies
● Reporters
● Repositories
● Alerts
11. Introduction:
Organizations are increasingly using API management solutions to publish their APIs to external
developers, internal developers and other partners
Additionally, growing customer base brings new challenges, such as:
● Reduce the time
● Identify partners
● Measure consumption
● Manages the API lifecycle
Gravitee.io API Management:
Gravitee.io API Management (APIM) is a flexible, lightweight, blazing-fast open source API
management solution
12. Why Gravitee.io API Management:
Gravitee.io API Management (APIM) began with our search for an open source API management
solution
Goal to achieve:
The goal is to provide users with a highly flexible and scalable solution which would integrate
seamlessly with their infrastructure and perfectly fit their business needs
14. Concepts:
The concepts you need to understand when using APIM:
● API
● Publisher
● Consumer
● Application
15. Components:
The main components included in APIM are:
APIM Gateway:
APIM Gateway is the core component of the APIM platform
APIM API:
This RESTful API exposes services to manage and configure the APIM Console and APIM Portal
web UIs
APIM Console:
This web UI gives easy access to some key APIM API services
APIM Portal:
This web UI portal gives easy access to some key APIM API services