Configuring multiple Authorize gateway instances
For high-availability applications or scalability, you can configure multiple gateway instances. You can then run the Docker container on multiple servers.
When multiple gateway instances are connected to PingOne, PingOne maintains a list of the active connections for each gateway. If a gateway instance isn’t available, it’s excluded from the list of active gateway instances.
You can set up an Authorize gateway with one gateway credential and have multiple gateway instances share the same credential. If necessary, you can remove the credential from the Authorize gateway to stop all gateway traffic. Removing the credential breaks the connection to PingOne, but it doesn’t stop gateway instances or stop authorization requests from being served.
When there’s no connection to PingOne, gateway instances continue to run with the last successful gateway configuration. Any new authorization versions won’t be deployed to gateway instances that used the deleted credential.
|
Best practice is to use a different credential for each gateway instance. Using different credentials allows you to easily revoke access to individual gateway instances. |