If JavaScript is disabled, please continue to the
sitemap
.
Infor API Gateway Administration Guide
Home
Back
Back
Forward
Forward
Search
Copy URL
PDF
Print this page
Topic URL copied to clipboard
Show the Table of Contents
Hide the Table of Contents
About this guide
Overview of API Gateway
Benefits of using API Gateway
Components
Client applications
API Gateway engine
Target API servers
API backend service
Authentication server
Backend security
Backend protocol HTTPS vs HTTP
Backend authentication
Backend authentication choices
Basic authentication
OAuth 1.0a Zero-Legged Authentication
MutualSSL Authentication
API client development
Application workflow
Preparing to call APIs
Registering the client application
Best practice for OAuth 2.0 client management
Developing the application
Infor API Gateway SDK
Choosing a grant type
Java web applications
Acquire the OAuth client for Java web applications
Obtain the OAuth token for Java web applications
Use the OAuth token to consume API Gateway for Java web applications
Refresh the access token for Java web applications
Revoke the token for Java web applications
Example implementation for Java web applications
Sample application for Java web applications
Java thick clients
Acquire the OAuth client for Java thick clients
Obtain the OAuth token for Java thick clients
Use the OAuth token to consume API Gateway for Java thick clients
Refresh the access token for Java thick client
Revoke the token for Java thick clients
Example implementation for Java thick clients
Sample application for Java-thick clients
.Net web applications
Acquire the OAuth client for .Net web applications
Obtain the OAuth token for .Net web applications
Use the OAuth token to consume API Gateway for .NET web applications
Refresh the access token for .Net web applications
Revoke the token for .Net web applications
Example implementation for .Net web applications
Sample application for .Net web applications
.Net based thick clients
Request the authorization code
Obtain the authorization code
Obtain the access_token and refresh_token
Calling the service
Revoke the access token
Refresh the token for .Net-based thick clients
Revoke the refresh token for .Net-based thick clients
Backend applications (Java or .Net)
Register your backend application to obtain an OAuth ClientID and secret
Example HTTP request for the OAuth2 resource owner grant
.Net applications
Sample application
Go applications
OAuth 2.0 Token Management
Application development - handling API errors
Common error statuses
Releasing the application
Time-outs
Infor API flow
Administration
Limitations
Available APIs
Adding a new API suite
Infor Non-Provisioned
Custom or Non-Infor
Editing the API suite name and description
Adding policies
Adding suite policies
Adding endpoint policies
Editing and deleting policies
Deleting an API suite
API endpoints
Adding an endpoint
Editing endpoint details
Deleting an endpoint
Viewing API endpoint resources
Viewing API endpoint documentation
Adding API endpoint documentation
API deployments
Adding a deployment
Editing a deployment
Deleting a deployment
Viewing deployed endpoints
Associating endpoints
Authorized applications
Adding a non-Infor authorized application
Editing an authorized application
Deleting an authorized application
Locking an authorized application
Downloading credentials for an authorized application
Resetting the secret of an authorized application
Using the Smooth Reset Secret feature for authorized applications
Issuing a refresh token for an authorized application
Emailing the QR code for an authorized application
Disabling an authorized application
Enabling an authorized application
Cloning an authorized application
API metadata
Configuration
TLS version
Changing the minimum TLS version
General Settings
Export
JWK management
OAuth 2.0
Custom OAuth 2.0 scopes
Monitoring
API Gateway Health
API Gateway Monitoring
API Gateway Monitoring settings
API Suite Tracing
API Gateway Info
Search
Most Recent
Search Results
Transaction Details
Request Response Logging
Turning on Detailed Request Response logging in API Gateway Monitoring
Limitations
Authorizations
Authorizing and revoking authorization
Hybrid Deployment
Enterprise Connector
Prerequisites for Enterprise Connector with API Gateway
Limitations
Configuring Enterprise Connector for API Gateway
Enterprise Connector performance metrics
Interpreting the Enterprise Connector status
API Gateway bridge solution
Common terms
Configuration
In your single-tenant or on-premises API Gateway (Initial steps)
In your multi-tenant API Gateway
In your single-tenant/on-premises API Gateway (Return steps)
Gateway support for WebSocket
Adding Infor non-provisioned WebSocket endpoints in API Gateway
Adding a WebSocket type non-Infor endpoint
Monitoring
Limitations and best practices
Backend as a Service
Services
Viewing deployed BaaS services
Viewing BaaS service details
Updating the runtime configuration for a deployed service
Updating the deployment configuration for a deployed service
Redeploying a BaaS service
Redeploying with the current framework and deployment configuration
Redeploying with the latest framework
Logs
Changing the log level setting for a deployed service
Display of service log events per handler
Exporting a BaaS service
Importing a BaaS service
Deleting a BaaS service
Documents
Viewing BaaS documentation
Downloads
Downloading the SDK
Downloading the SDK from Visual Studio Code Marketplace
Monitoring
Viewing requests per API in a deployed BaaS service
Configuration Management
Adding resources to tags
Available APIs
Accessing REST API documentation for BaaS services
Policies
FaultHandling
Header
Quota
CacheResponse
JsonThreatProtection
JsonTransform
QueryParam
RegExThreatProtection
XmlThreatProtection
XmlToJson
CookieRewrite
Throttling
Transformation
Setting query-string parameters for a target API call
Setting headers for a target API call
SetReqHeader
UserSecurityClaims
Target timeout
Target timeout policy scope
Target timeout policy example
Target timeout elements
Maintenance window
OAuth2 scopes
Oauth2 scopes adoption by API Gateway (Infor suites and Infor/non-Infor authorized apps)
Configuring OAuth2 settings in API Gateway
Adding scopes for authorized apps or service accounts
Using a backend service to opt into using scopes
Using a mobile, web, or native application to opt into using scopes
Additional scope-related items to consider while developing authorized apps
Best practices
Client credentials grant
Using API Gateway to obtain tokens with the client credentials grant
Creating a backend service authorized app
Downloading the backend service authorized app credentials
Using the .ionapi credential to generate a Gateway token
Best practices for applications using the client credentials grant type
Troubleshooting issues with the client credentials grant type
Auditing and monitoring support for API Gateway
Viewing audit events for API Gateway
Audited API Gateway events
Open link in new tab
Open link in new window
Copy link to clipboard
Do you find this site useful?
Do you find this site useful?
The information was easy to find.
This page was clear and organized.
This page was easy to understand.
This page provided valuable insight.
My question was answered.
This page loads quickly.
Submit
I cannot find the information I need.
I found some information, but I need more details.
This page is difficult to understand.
This page contains link errors.
This page is outdated.
This page is difficult to use on my mobile device.
This page is slow to load.
Submit