As enterprises extend their reach to customers, partners and employees through apps they are often faced with the problem of bridging to existing systems designed with disparate token authentication technologies. This identity fragmentation problem results in slower time to market for new apps that must offer "app ready" token authentication support such as API keys and OAuth.
Rather than build an architecture that utilizes existing identity management investments, software developers often meet the challenge by designing addition token authentication services specifically for "apps" which can worsen the identity fragmentation problem. The new services enables a new set of applications, but at the cost of adding another disparate authentication service.
Organizations can reduce the costs of deploying apps and new token authentication services by deploying the Intel® Expressway API Manager as an authentication gateway that bridges between API Key and OAuth authentication and authorization protocols to legacy back-end systems such as LDAP/Active Directory, Kerberos, Siteminder, Oracle, IBM, SAML/WS-*, and custom authentication services.
For example, the Intel® Expressway API Manager can provide token authentication for API Keys and OAuth credentials expressed in API call headers and map these to Kerberos, SAML, Siteminder, Oracle and other systems in place that work with traditional Microsoft or web access management systems. This architecture reduces the need for new software development to handle new app-centric authentication schemes.
Moreover, Intel® Expressway API Manager can be deployed on-premise or in the cloud under the full control of the Enterprise, reducing the risks of a cloud-outsourced model.