I am new to SAG API management platform. We have a requirement where a back-end acts as identity provider and does the credential verification. Hence, in the API hosted on APIGW, is it possible to have flow as:
Client → APIGW → Backend
Client sends access token request to APIGW along with its credentials. APIGW sends user credentials to backend and backend verifies credentials. If successful verification, APIGW generates access token.
In the subsequent requests, client sends only access token to access other API resources.
Could you please let me know whether this flow is possible with SAG API management platform.