At high-level, this API gateway it's an HTTP reverse proxy exposing a , where the response for invocation of a public API is the result of a configurable process which involves the invocation of one or more .
- configurable mapping between public and internal APIs
- authentication / authorization enforcement
- monitor / statistics
- lifecycle management: draft / staging / published / deprecated / ...
For reference / inspiration:
Good candidate for building upon appears to be Spring Cloud Gateway
|Protected SRA Routes: OAuth 2.0 / OpenID Connect 1.0||Resolved|
|Protected SRA Routes: SAML 2.0||Resolved|
|Protected SRA Routes: CAS||Resolved|