What are the possibilities for customizations with MailGate API and what can't be done. The article provides summary of what can and cannot be done with customization in MailGate 5.1.

Types of customization and integration

First, it is important to understand that when we talk about the APIs and customization, we are nearly always referring to the Secure Mailbox (formerly Secure Messenger) features that were first added to MailGate 5.0. Generally, the customizations that can be undertaken are:

1. Simple end user interface customization – for secure messaging and end-user spam reports
2. Complex end-user interface customization/rewrite
3. Single sign-on
4. Using RESTful APIs to interact with MailGate.

DETAILS:

I. Simple end user interface customization

MailGate 5.1 introduces the ability to perform simple branding changes through the administrative GUI.  This allows Axway or MailGate customers to download templates for the look and feel of the end-user interface, make changes and then re-upload them to MailGate.  These templates allow changes to colors, fonts, images and other graphical features of the end-user interface by modifying the style sheets and images associated with the interface.  In addition, all email notifications relating to the Secure Mailbox can be modified/customized.  Since this is functionality available through the standard admin GUI, this customization capability is available to all MailGate 5.x customers who license the appropriate features.  Customers can also create multiple brands, with different brands being associated with different users.

II. Complex end-user interface customization/rewrite

The architecture of MailGate 5.1 allows for complete rewrite/replacement of the end-user UI (for secure messaging and end-user spam reports), for example to embed the UI within a broader customer portal, or to make complex changes to the flow of the user interface. PSO/CDG should be engaged should a customer wish to investigate this option.  

III. Single sign-on

By default, the secure messaging functionality of MailGate uses a combination of the in-built user database and LDAP configuration to manage the enrollment and authentication of users.  If a customer has an existing single sign-on system, or wishes to use some custom method to enroll and authenticate users, this can be done using the single sign-on customization APIs.  Again, PSO/CDG should be consulted should any customer want to do this.

IV. Using the RESTful APIs to interact with MailGate

What is a RESTful API?  It is a way of interacting with a web-based system using simple requests over the http/https protocol.  It basically means that without requiring any access to the backend of MailGate, it is possible to interact with the end-user capabilities from another program.  

So, using the restful APIs a system can easily:

• Authenticate as a user
• Send secure messages
• Query secure messages and folders
• Perform any other action available through the regular end-user web UI

It is independent of platform and programming language, and most web-based system (e.g. Facebook, Twitter etc.) provide RESTful APIs to make it easy for other developers to interact with them. Below are few examples of RESTful APIs use:

• Provider services to another application to allow it to generate secure messages and query the results
• Implement a client on a different platform (e.g. mobile)
• Provide integration with another desktop system (e.g. Outlook)

The key thing to understand about the RESTful APIs is that they give you access to all of the end-user capabilities of MailGate Secure Mailbox and quarantine management in  a platform independent way that does not require any backend access to use.  You just need the documentation that Sandeep included and away you go.

V. Things you can’t (currently) do using MailGate APIs

• You cannot interact with the administrative interface or configuration in any supported way
• You cannot change the way in which MailGate handles a particular message (e.g. by changing policies, or integrating other processing steps)
• You cannot modify the administration interface
• You cannot trigger other things to happen based on a message being received or processed through MailGate