Configure API gateway for API key-based access control


  • Configuration takes place in Airlock Gateway.
  • An Airlock Gateway license must be available.
  • You must be logged in as an admin in the Airlock Gateway Configuration Center.
  • A virtual host has been set up.
  • A back-end group has been set up.
  • A mapping between the virtual host and back-end group has been established.


  1. Go to:
  2. System Setup >> Network Service

  3. Add the required Airlock IAM API Policy Service endpoint(s).
  4. Go to:
  5. Application Firewall >> Reverse Proxy

  6. Choose the corresponding Mapping and open it.
  7. In the Access tab, edit the column Restricted to Plans (add more rows if required).
  8. Switch to the API Security tab.
  9. Enable the API Security policy service.
  10. Choose the correct API policy service.
  11. Select and configure the API Key Extraction types.
  12. Activate the configuration.
  13. API key-based access control is now enabled