Gateway REST Services are REST Services that run on a Gateway and can only be called by trusted Service Plans.
Any number of endpoints can be configured for a Gateway REST Service. These endpoints can call your internal services, allowing your Service Plans to access those services without making them publicly available.
Once a trusted connection between the Gateway and a Service Plan has been established, the Service Plan can make secure REST requests to the Gateway.
The Gateway will accept all requests from a trusted Service Plan. To restrict access to a service, you can use the Security Manager on the Service Plan to define which users can call into the Gateway REST Service.