Abstract: A method, apparatus, and computer-readable recording medium for authenticating a client application using two-factor authentication. The method includes receiving, from the client application, a request to access an application programming interface (API), validating, using a first authentication method, the client application for accessing the API, and based on a result of the validating using the first authentication method, validating the client application for accessing the API using a second authentication method, and providing a response to the client application based on the validating using the first authentication method and the second authentication method.

Abstract: Common file attribute processing is used for providing enhanced loading time of Application Programming Interface (API) files. An Extensible Markup Language (XML) file of an API is parsed. XML element objects in XML file are parsed. Whether there is at least one common attribute for the XML element objects is determined. In response to determining there is at least one common attribute for the XML element objects, attribute data for the at least one common attribute is retrieved from storage and the attribute data is added in an API resource object.

Abstract: A method for authorizing a client application to access resources using a distributed cache is provided. The method includes: receiving, from the client application, a login request at an identity management (IDM) tool; providing, by the IDM tool to the distributed cache, a token session state of a first access token and permission information of the first access token; masking the permission information from the first access token and providing an updated access token to the client application with the permission information masked; receiving, at an application programming interface (API) gateway from the client application, a service request comprising the updated access token; validating the updated access token using the distributed cache; and providing a response to the client application based on the validation.

Abstract: Synchronization of a session state of an access token is provided between elements in a system, such as between an Identity Manager (IDM) and an Application Programming Interface (API) Gateway. The IDM generates an access token that is provided to a client device and stores session state information of the access token at a distributed cache. When the client device logs out from the IDM, the IDM removes the session state information from the distributed storage device. The API Gateway is able to request the session state information from distributed storage device. Based on receiving the session state information, the API Gateway authenticates the access token and grants the client device access to an end service. Before requesting the session state information from the distributed storage device, the API Gateway is able to verify the access token is valid and that the access token has not expired.