With the introduction of the Microgateway 4.0 the communication between IAM and Microgateway 4.X is migrated from a proprietary protocol based on Env Cookies and CAPI (Control API) to HTTP Headers.
The following table gives an overview of the features that are currently supported by different versions of Gateway and Microgateway:
Feature | Gateway | Microgateway 3.X | Microgateway 4.0 |
---|---|---|---|
Client IP | |||
URL (as seen by the client) | |||
TLS Client Cert information | |||
Request ID | |||
Session ID | |||
Cookie handling
| |||
Session management
| |||
Roles and roles expiration
| |||
Identity propagation | |||
Mapping templates with IAM specific security settings | |||
Helm chart with IAM specific security settings | |||
CSRF protection | |||
OpenAPI specification enforcement | |||
API Policy and rate limiting |