The Industry Authority for APIs and Microservices

The API Academy provides expertise and best practices for the strategy, architecture, design and security of enterprise-grade APIs and microservices.

APIs & Microservices from the API Academy

APIs & Microservices

For over a decade, we’ve provided thought leadership to global organizations on designing APIs, implementing API security, and modernizing mission-critical systems with continuous API management and microservices.

Cloud Architectures from the API Academy

Cloud Architectures

We offer practical, field-tested guidance on how to use microservices and APIs to create service mesh patterns that optimize the security and scalability of multi-cloud, hybrid cloud, and on-premise IT infrastructures.

5G and IoT Applications from the API Academy

Digital Experiences

New 5G and IoT applications will demand unprecedented levels of API performance, security, and governance. Ask us how your peers are integrating APIs and Digital BizOps to get ready for the coming revolution.

New from the API Academy

OAuth and SAML: A Love Story for Valentine’s Day

Naturally, OAuth 2.0 is the shining star of the OAuth Toolkit (OTK), the prima donna that performs center stage in Layer7’s API security implementation. But waiting in the wings with a bouquet of slightly wilted flowers is an older standard who once shone just as brightly before all those mobile apps came along. His name is SAML. SAML

Read More »

How To: Validate Your OAuth Implementation

Is my Layer7 OAuth Toolkit (OTK) installation working? Valid question. Now that you’ve installed OTK on your API Gateway, and have access to OTK-specific policies and assertions in Policy Manager, it’s time to see OAuth in action. The quickest way to do this is through the pre-configured OAuth test clients and OAuth Manager.You can access the OAuth test

Read More »

How To: OTK Solution Kit Installation

This is the second post in the blog series focusing on the OAuth Toolkit (OTK) kit. The first video was a more academic overview of the OAuth protocol and workflow.  This time we take a look at how to install the OTK solution kit, and how the OTK integrates with the API Gateway to provide easy implementation of OAuth security for API endpoints.  The

Read More »

Using Consul as a Source of Truth in Microservices

App Economy and Microservices In today’s app economy, APIs are playing an essential role in helping customers to achieve their digital transformation goals. In this process, enterprises are trying to convert their monolithic applications into more granular and autonomous microservices to support their business objective and also speed to market. Consul as Source of Truth In a microservices

Read More »

How-To: OAuth Overview

Today we’re going to take a look at the Layer 7 API Management OAuth toolkit or OTK. For most customers, the OTK is not an optional Gateway add-on. It is an essential product used in the API management lifecycle for securing client authorization and authentication. The OTK implements security using a combination of the OAuth 2.0 (authorization) and

Read More »

TechTalk: Building API-Aware Service Meshes

In our first TechTalk of 2020, hosts Bill and Aran introduce Jay Thorne, Head of Product Strategy at Broadcom’s Layer7 API Management. He talks about Building API-aware Service Meshes with Layer7 and Istio, and includes a demo plus a comprehensive Q&A session.

Read More »

API Academy Essentials

Microsurfaces: The Role of APIs in a Microservice Architecture
API-based communication is vital to delivering value in all aspects of a microservice architecture. Explore their relationship in this short introductory ebook.
Download Now
Microservice Architecture: Aligning Principles, Practices, and Culture
An award-winning, full-length ebook from O'Reilly and the API Academy that explains how microservices work, and what it means to build an application the microservices way.
Download Now
Securing Microservice APIs: Sustainable and Scalable Access Control
This essential ebook for technical practitioners proposes an API access control model that can be implemented to provide cohesive security over a network of microservices.
Download Now
Scroll to top