The goal of this IAM stack was not to create a gateway component, but for protecting the internal resources, the need appeared for this component.

The gateway runs in front of the user interface, back-ends and modules and performs coarse grained authorization checks to allow or deny the request.

Basic request handlers are present for resource expiration and header injection.