The API Manager allows having a production endpoint and a sandbox endpoint for a given API. The production endpoint is the actual location of the API, whereas the sandbox endpoint is considered as its testing/pre-production environment. When you publish an API using the API Publisher, it gets deployed on the API Gateway. By default, this is a single Gateway instance (either external of embedded within the publisher) that will support both Production and Sandbox token types. When an API request is made to the API Gateway, it checks whether the requesting token is of type 'PRODUCTION' or 'SANDBOX' and forwards the request to the appropriate endpoint.
The above API Gateway is known as a Hybrid API Gateway since it passes through both production and sandbox traffic. Instead of having the above approach, it is also possible to publish an API to two different API Gateways. One which will only pass through production traffic and the other which will only pass through sandbox traffic.
Using this approach, the Production API Gateway will only pass through requests which are made using 'PRODUCTION' type tokens and the Sandbox API Gateway will only pass through requests which are made using 'SANDBOX' type tokens. If an invalid token the is received on any of the two Gateways, it will return an error response to the requesting client saying invalid token type.
The <APIGateway> section of the api-manager.xml file contains details of how to configure the API Publisher to publish APIs to different Gateways. Visit this section of the API Manager documentation to see details of the <APIGateway> configuration and a sample configuration of an API Publisher which has 3 Gateways configured.