BlueCat Gateway can authenticate users using BlueCat Address Manager (BAM), Micetro, or Gateway itself (when using Standalone authentication). Gateway cannot authenticate with multiple authentication platforms at the same time.
BlueCat Address Manager Authentication
BlueCat Gateway uses the the BlueCat Address Manager REST API to perform authentication. Authentication is behavior is slightly different between logging in from the Gateway UI and programmatically logging in using the Gateway REST API:
Gateway UI: Authentication is enforced with browser cookies and a login screen.
REST API: Basic authentication is based on a token that the user must pass with each call. If supported, the token is also stored in a cookie.
For more details about BAM Authentication, see Basic authentication and Bearer authentication in the Address Manager RESTful v2 API Guide.
Micetro Authentication
Gateway uses the Micetro REST API to perform authentication. Micetro authentication uses Basic Authentication. Credentials are base64-encoded and stored in the request header. That means the session will not time out in Gateway unless the user logs out. Authentication is behavior is slightly different between logging in from the Gateway UI and programmatically logging in using the Gateway REST API:
Gateway UI: Authentication is enforced with browser cookies and a login screen.
REST API: Basic authentication is based on a token that the user must pass with each call. If supported, the token is also stored in a cookie.
For more details on Micetro authentication, see API Authentication Methods in the Micetro User Guide.
Standalone Authentication
Gateway handles both session cookies and header authentication.
Gateway UI: Authentication is based on session data in browser cookies and the login screen.
Header authentication: Authentication for API access (including tools like Postman) is based on a token that the user must pass in the request header with each call.
By default, when using Standalone authentication, Gateway supports only a single default user. You can override Gateway's default authentication by providing your own authentication code. For more details, see Custom authentication functions for Gateway Standalone authentication.