LTPA topologies and use cases

IBM MobileFirst™ Platform Foundation supports various infrastructure topologies for a set of requirements that can take advantage of LTPA or MobileFirst security.

Reverse proxy with LTPA

A reverse proxy can be used to authenticate, and then send the user's LTPA token after the user is authenticated. This configuration can be useful when you want to offload IBM MobileFirst Platform Foundation from handling vital user credentials or to use an existing authentication setup. The MobileFirst Server must be configured for LTPA authentication to get the user identity. Both supported LTPA configurations log the user in automatically if the LTPA token is valid and the user is authorized. For more information about integrating IBM MobileFirst Platform Foundation with a reverse proxy, see Integration and authentication with a reverse proxy.

The following image shows a reverse proxy flow:
Reverse proxy flow
Parent topic: MobileFirst Security and LTPA
Related information
Integration and authentication with a reverse proxy
Integrating with DataPower as a security gateway and reverse proxy