API Gateway Settings


You can configure the underlying settings for the API Gateway using the Tasks -> Manage Settings menu option in the Policy Studio main menu, or the Settings node in the Policy Studio tree. This topic describes the tabs available at the bottom of the Settings screen. You can save the settings on each tab by clicking the Save Settings icon at the top right of the tab.

Default Settings

The Default Settings entered in this screen are applied to all instances of the API Gateway that use this particular configuration. For example, you can change the trace level, timeouts, cache sizes, and other such global information. For more details, see Default Settings.

Transaction Log

The Transaction Log settings enable you to configure the default logging behavior of the API Gateway. For example, you can configure the API Gateway to log to a database, text or XML file, local or remote UNIX syslog, or the system console. For more details, see the topic on Transaction Log Settings.


The Namespace settings are used to determine the versions of SOAP, Web Services Security (WSSE) and Web Services Utility (WSU) that the API Gateway supports. For more details, see Namespace Settings.


The API Gateway can filter MIME messages based on the content types (or MIME types) of the individual parts of the message. The MIME/DIME settings list the default MIME types that the API Gateway can filter on. These types are then used by the Content Types filter to determine which MIME types to block or allow through to the back end Web Service. For more details, see MIME/DIME Settings.

Traffic Monitor

The Traffic Monitor settings enable you to configure the web-based Traffic Monitor tool and its message traffic log. For example, you can configure where the data is stored and what message transaction details are recorded in the log. For more details, see Configuring Traffic Monitoring.


The Metrics settings enable you to configure statistics about the messages that the API Gateway instances in a database. The API Gateway Analytics monitoring tool can then poll this database, and produce charts and graphs showing how the API Gateway is performing. For more details, see Real-Time Monitoring Metrics.

Session Settings

The Session Settings enable you to configure session management settings for the selected cache. For example, you can configure the period of time before expired sessions are cleared from the default HTTP Sessions cache. For more details, see the Session Settings topic.


If you have deployed several API Gateways throughout your network, you should configure a distributed cache. In a distributed cache, each cache is a peer in a group and needs to know where all the other peers in the group are located. The Cache Settings enable you to configure settings for peer listeners and peer discovery. For more details, see the Global Caches.

Access Log

The Access Log records a summary of all request and response messages that pass through the API Gateway. For example, this includes details such as the remote hostname, username, date and time, first line of the request message, HTTP status code, and number of bytes. For details on configuring these settings per API Gateway, see the Access Log Settings topic. For details on configuring the the Access Log at the service level, see the topic on Configuring HTTP Services.

Security Service Module

You can configure the API Gateway to act as an Oracle Security Service Module (SSM) to enable integration with Oracle Entitlements Server 10g. The API Gateway acts as a Java SSM, which delegates to Oracle Entitlements Server 10g. For example, you can authenticate and authorize a user for a particular resource against an Oracle Entitlements Server 10g repository. For more details, see the Oracle Security Service Module Settings (10g) topic.

[Important] Important

Oracle SSM is required for integration with Oracle OES 10g only. Oracle SSM is not required for integration with Oracle OES 11g.


You can configure Kerberos settings such as the Kerberos configuration file to the API Gateway, which contains information about the location of the Kerberos Key Distribution Center (KDC), encryption algorithms and keys, and domain realms. You can also configure options for APIs used by the Kerberos system, such as the Generic Security Services (GSS) and Simple and Protected GSSAPI Negotiation (SPNEGO) APIs. For more details, see the Kerberos Configuration topic.


You can configure how the API Gateway instance connects to an instance of an IBM Tivoli Access Manager server. Each API Gateway instance can connect to a single Tivoli server. For more details, see the Global Configuration section in the Tivoli Integration topic.