Trusted Subsystem Security Pattern in an API Gateway Architecture
Flowing claims to downstream resources
Published in
1 min readMar 17, 2018
One of the challenges in an API gateway architecture is flowing claims that establish the end user’s identity and the client’s identity at the API provider layer. This is also known as identity propagation. The trusted subsystem pattern is the most widely implemented security pattern for identity propagation in API gateway architectures in today’s organization.