Provisioning partners to have access in MWS to track their own transactions

We’re relatively new to WM so forgive me if this doesn’t make sense or I’m missing something. We have quite a few EDI partners that we’d like to empower to track their own EDI transactional information (control numbers, delivery times, etc.). Am I right in understanding we could add them as MWS users and then restrict them to only have access to their company information?

Assuming that’s the case, do we need to create a separate vip on our load balancer to allow them in (since it’s behind the DMZ) or is that something we would add in to the API Gateway somehow to allow them access back to the MWS?

Again, sorry if I’m off here or mixing up terms but any guidance or help (especially if you’re doing this today) would be greatly appreciated.

Thanks in advance,

You can give requirement to your network team and they can take care of exposing the url via LB as this is more of a network activity.

From webMethods perspective, users for respective partners can be created on MWS and each user can be given restricted access to check transactions.
As a layer of security you can create a separate instance of MWS just for your partners.