Which came first, APIs or DevOps? Though the two are complementary, the answer here is clear. There are major benefits of DevOps in your API lifecycle, but APIs are likely responsible for the growth in DevOps methodologies. The Cloud, modern code reviews, and continuous integration all depend on APIs. APIs Cause Cloud Formations Plenty has […]
App Development
Istio and Mesh are a Microservices Deployment Framework
And Together, They Need to have Business Context The industry and our customers have expressed a great interest in Istio and service mesh over the past couple of months. I find this interesting because the tool represents the next evolutionary step, but is not without a few downsides. My focus in API management has sharpened […]
Advice to Developers: Double-check Configurations to Avoid Cybersecurity Pain
Last month in my API Academy blog I provided my observations and recommendations about the importance of logging and monitoring from a cybersecurity perspective. This month, I’ll focus on the importance of avoiding security misconfigurations when building and updating applications. As I noted last month, I’m a bit of an old salt in security, having […]
Reactive Logic Overview
Reactive logic is your requirements entered as rules for your schema tables and views in Layer7 Live API Creator. These rules can include event rules, validation rules, and derivation rules. Live API Creator shares these rules across all resources that you explicitly define for your API and associates it with the row objects. This automatic […]
Plan for a Better UX Under Load by Planning for Errors
Plan to scaleWhen planning for scale, every tool out there has individual capacity limits. Many can scale horizontally, and many scale vertically, but ALL of them cost time, money, or both to scale. Unbounded scaling is just not available for free. Even if the products in use attract no licenses fees, there are always costs: […]
How-to: OpenID Connect Authentication for OAuth
As we know by now, the OAuth 2.0 protocol was built for authorization, not authentication. It excels at delegated authorization. Log in with Google? Sure. The OAuth protected API endpoint never sees your Google username and password. It doesn’t need to know who you are. In fact, like a discreet bouncer at an exclusive club, […]
How To: Validate Your OAuth Implementation
Is my Layer7 OAuth Toolkit (OTK) installation working? Valid question. Now that you’ve installed OTK on your API Gateway, and have access to OTK-specific policies and assertions in Policy Manager, it’s time to see OAuth in action. The quickest way to do this is through the pre-configured OAuth test clients and OAuth Manager.You can access […]
5 Ways to Get Top Mobile App Developer Talent for Your Open APIs
API Academy Grow an ecosystem of visionary developers creating cutting-edge apps Opening APIs to developers outside your organization can enable the creation of mobile apps that add value to your products and information assets in innovative and often unexpected ways – without you having to invest directly in app development. However, this will only happen […]
Microservice Architecture: Aligning Principles, Practices & Culture
Irakli Nadareishvili, Ronnie Mitra, Matt McLarty & Mike Amundsen Design and apply microservices to embrace continual change in the digital economy Microservice architecture is helping organizations embrace continual change. But how do you design and apply microservices effectively? This book from O’Reilly, written by API Academy experts, provides comprehensive guidance through eight chapters that take a deep dive into: […]
How Can You Prove Your Digital You is You?
George Bernard Shaw was witty and fun. He was famous for being quotable – very much like Oscar Wilde. One of the quotes I love, and I thought was perfect for this blog: “The single biggest problem in communication is the illusion that it has taken place.” In the real world, communication is an illusion. People talk but they don’t listen. […]