Getting Started

📘

IBM will no longer host IBM Security Verify containers on Docker Hub after December 31st, 2022

All containers should be sourced from the IBM Cloud Container Registry, see Software Downloads > Containers for more information.
This may be a breaking change to any automated deployment processes.

The IBM Application Gateway (IAG) provides a containerized secure Web Reverse proxy which is designed to sit in front of your application, seamlessly adding authentication and authorization protection to your application.

698

Defining the Environment

At a high level, when starting the IAG container you need to define:

  1. The identity source for the environment. The container is able to protect applications by acting as an OIDC Relying Party, and protect API's using OAuth token introspection;
  2. The applications which are to be protected. For each application you might potentially need to define:
    1. The Web servers which host the application;
    2. The authorization policy for the application resources;
    3. Any rate limiting rules to help manage access to the application;
    4. Any transformations which should take place on either the HTTP request or response.

Documentation

The specific documentation which will assist in getting you started includes: