Abstract: A method, apparatus and computer program product provide an application server implementing configurable security models. An example of the method includes receiving a first access request from a first client application, determining a first client identifier for the first client application based at least in part on the first access request, using the first client identifier to identify one or more first security models associated with the first client application from a database, the database comprising a plurality of client identifiers and a plurality of indications of security models associated with each of the plurality of client identifiers, executing an application instance providing functionality in accordance with the one or more first security models, and processing the first access request using the application instance.

Abstract: Embodiments are disclosed for managing interactions between a server application and an external environment while limiting an attack surface of the server application. An example method includes receiving, by communications circuitry of a gateway integration server (GIS) and from a source device in the external environment, a message including an application programming interface (API) call. The example method further includes evaluating, by authentication circuitry of the GIS, whether the API call is authorized. If so, the example method further includes generating, by response circuitry of the GIS, a response to the API call, and transmitting, by the communications circuitry of the GIS and to the source device, the response to the API call. However, if not, the example method includes transmitting, by the communications circuitry of the GIS, an error message to the source device. Corresponding apparatuses and computer program products are also provided.

Abstract: Embodiments are disclosed for managing interactions between a server application and an external environment while limiting an attack surface of the server application. An example method includes receiving, by communications circuitry of a gateway integration server (GIS) and from a source device in the external environment, a message including an application programming interface (API) call. The example method further includes evaluating, by authentication circuitry of the GIS, whether the API call is authorized. If so, the example method further includes generating, by response circuitry of the GIS, a response to the API call, and transmitting, by the communications circuitry of the GIS and to the source device, the response to the API call. However, if not, the example method includes transmitting, by the communications circuitry of the GIS, an error message to the source device. Corresponding apparatuses and computer program products are also provided.

Abstract: A method, apparatus and computer program product provide an application server implementing configurable security models. An example of the method includes receiving a first access request from a first client application, determining a first client identifier for the first client application based at least in part on the first access request, using the first client identifier to identify one or more first security models associated with the first client application from a database, the database comprising a plurality of client identifiers and a plurality of indications of security models associated with each of the plurality of client identifiers, executing an application instance providing functionality in accordance with the one or more first security models, and processing the first access request using the application instance.