API Gateway and Axway PassPort

This guide describes the interoperability between API Gateway and Axway PassPort. For specific information about the installation and general use of either API Gateway or Axway PassPort, refer to their respective documentation.

Why use the products together

You can use API Gateway to authenticate and authorize users against Axway PassPort.

The following diagram shows the sequence of events that occurs when a client sends a message to API Gateway. API Gateway authenticates the request sender against the authentication repository and then they are authorized against Axway PassPort. If the user is permitted access to the requested resource the request is routed to the Enterprise Application. Otherwise an appropriate fault message is returned to the client.

Deployment of API Gateway with Axway PassPort

This guide describes a simple scenario that demonstrates how to configure API Gateway to authenticate a user and authorize their requests for a particular resource against an Axway PassPort server.


The prerequisites for API Gateway and Axway PassPort interoperability are as follows.

API Gateway

You must install Axway API Gateway version 7.6.2 or higher, and have a valid API Gateway license file from Axway.

Axway PassPort

You must install Axway PassPort version 4.6 Service Pack 1 or higher and have a valid PassPort license file from Axway.

Note   Axway PassPort 4.4 Service Pack 9 or higher is also supported.

Curl testing utility

The steps outlined in this guide are tested using the Curl testing utility to send HTTP POST requests to API Gateway. It is available from the following URL:


Alternatively, you can use any client capable of sending HTTP POST requests with HTTP basic authentication.

Example LDAP structure

This guide uses the following LDAP structure as an example in the configuration of API Gateway and Axway PassPort.

Example LDAP structure

Further information

The configuration example described in this guide can be part of a larger policy, including features such as XML threat detection and conditional routing. For more information on these features see the API Gateway Policy Developer Guide and the API Gateway Policy Developer Filter Reference.

Related Links