Sending client authentication information to backend services



We are currently using Access manager in front of our REST services. We use it mainly to provide OAuth atuhentication, but one of Access manager functionality is also to provide authenticated user information to backend REST services (they are hidden behind Access Gateway).

This is done by injecting user's LDAP attributes (stored in oauth claim) into HTTP request header using Access manager identity injection policy. Those headers are then parsed by backend REST services to provide proper response.


Now back to Secure API Manager.

I have not installed product and only read documentation. I really like possibilities that API Gateway could give us, but I haven't noticed that API gateway would have a possibility to pass information from OAuth token to backend REST services.

Is there a way to do that?


Thanks for your answers and kind regards,