Trusted Subsystem Security Pattern in an API Gateway Architecture

Flowing claims to downstream resources

One of the challenges in an API gateway architecture is flowing claims that establish the end user’s identity and the client’s identity at the API provider layer. This is also known as identity propagation. The trusted subsystem pattern is the most widely implemented security pattern for identity propagation in API gateway architectures in today’s organization.

Trusted Subsystem Security Pattern in an API Gateway Architecture