I try to setup the the security part as separate service for scaleability, the reason we will provide also direct (p2p) “internal” service communication without the gateway in the middle, but each service should be protected.
the gateway and developer portal we try to use for documentation and limit the outer world from our infrastructure.
does this work, how should the “registration, subscription” from developers from outside will work.
are there any hook points that can be used?
regards
Enrico