Sentinet Features

API Security

Sentinet secures communications between applications and APIs regardless of the integration environments such as ESB, Enterprise Applications Integration or public exposure of APIs to business partners.

Sentinet provides managed authentication and authorization for API calls by supporting all standard and custom security models.

Sentinet supports simple security pass-through and advanced security mediation scenarios.

Protocols and Message Formats


REST

SOAP

SOAP to REST transformations

XML, JSON, Text, binary, custom formats

HTTP, HTTPS

NET.TCP, MSMQ, NET.PIPE, Microsoft Azure Service Bus

Authentication Schemes


Username/Password

X.509 Certificates including mutual SSL

Windows Kerberos and NTLM

Windows Active Directory Group membership

Microsoft Azure Active Directory

API Security Keys for REST

OAuth and OpenID Connect for REST

WS-* for SOAP including advanced WS-Federation

SAML 1.1, 2.0

Extensibility for custom authentication

Authorization and Access Control



Sentinet provides graphical Access Rules Designer to secure REST APIs and SOAP services with either simple or complex Access Rules.

Access Rules implement authorization logic that may include specific API caller identities, request formats, message content, date/time schedules, access patterns or any other custom logic added by an API provider.



Access Rules are reusable components stored in the API Repository. They can be assigned to more than one REST API or SOAP service. More than one Access Rule can be assigned to an API or a service.