Access Manager deployments typically use Identity Servers and Access Gateways to provide policy-driven access control for HTTP services.
Figure 1-1 illustrates the primary purposes of Access Manager: authentication, identity federation, authorization, and identity injection.
Figure 1-1 Access Manager