Configure Kerberos principal

This section describes how to add Kerberos principal for API Gateway acting as a Kerberos service using Policy Studio. For more information on working in Policy Studio, see the API Gateway Policy Developer Guide.

The client application can provide Kerberos token to API Gateway using Kerberos, and the back-end service supports some other authentication mechanism, so you do not need to configure Kerberos principals for them.

  1. In the node tree, click Environment Configuration > External Connections > Kerberos Principals.
  2. Click Add a Kerberos principal.
  3. Enter a name, such as ServiceGateway.
  4. In Principal Name, enter the SPN you mapped to the user account on Active Directory (HTTP/
  5. Ensure Principal Type is set to NT_USER_NAME, and click OK.

For more details on the fields and options in this configuration window, see Configure Kerberos principals in the API Gateway Policy Developer Guide.

For next steps, see Configure API Gateway policy.

Related Links