Skip to content

EXPLORE

Explore our extensive library of articles, lessons, books, whitepapers, and videos.

Explore Featured Posts About APIs and Microservices

Explore by Topic

API Design 101: API Design Basics

By Ronnie Mitra | April 23, 2015 |

The term “API design” or “API architecture” refers to the process of developing a software interface that exposes backend data and application functionality for use in new applications. In this lesson, we provide an overview of the API architecture process, as a starting point for a deeper exploration of design and implementation best practices in…

Latest Articles

How to Use Policy to Retrieve a Portal API OAuth Token

By Geoff Duck | December 4, 2019 |

An API Gateway can be a fast, easy way to manage entities in an API Portal.  The Portal API (PAPI) provides entry-points to perform tasks such as onboard users, manage APIs that are protected by the gateway runtime, manage and update API versions and documentation, and administer API Management items such as application definitions, organizations,…

Layer7 API Gateway – Did You Know? Microsoft Forefront TMG Replacement

By Greg Thompson | November 20, 2019 |

Most people familiar with APIs know the role of an API Gateway, which is typically used to secure access to APIs and provide capabilities such as threat protection, rate limiting, authentication, and authorization. The Layer7 API Gateway does all of this and much, much more. This series of posts will highlight scenarios where the Layer7…

Denial of Service Attacks on The Rise!

By Alex Forsyth | November 13, 2019 |

Current industry reports for 2019 regarding Distributed Denial of Service (DDoS) attacks indicate a 776% increase for loads between 100 Gbps and 400 Gbps*.  As the demand rises for companies to expose more API’s to the public, it becomes much more important to be able to quickly respond to cybercrime threats and changing tactics.   We…

Enriching and Externalizing Gateway Metrics to Splunk

By Ping Tan | November 11, 2019 |

Overview Gateway metrics are a critical piece of intel to determine the health of Services and traffic throughput on an API Gateway. Using Layer7 API Management as an example, there are a few ways we can obtain this information: Policy Manager: Dashboard, PAPIM (Precision API Monitoring), sending this information to a monitoring solution via Gateway…

DevOps: REST API Execution Through Bash Shell Scripting III

By Thomas Cheng | October 28, 2019 |

A Simple Framework (Experiences) This is the third and last part of the paper proposing a framework that enables DevOps teams to issue REST API calls via bash shell scripts. This part shares some experiences/lessons learned from real world applications. Experiences It would be nice if API publishers simply provided an API client SDK in…

DevOps: REST API Execution Through Bash Shell Scripting II

By Thomas Cheng | October 24, 2019 |

A Simple Framework (Extension) This is the second part of the paper proposing a framework that enables DevOps teams to issue REST API calls via bash shell scripts. This part discusses the extension beyond the core of the proposed framework. The third part shares some lessons learned from real world applications. The Basics The basic…

API World 2019

API World 2019: Event Recap

By Jaime Ryan | October 21, 2019 |

For the last eight years, API practitioners and vendors have descended on San Jose, right down the road from the Broadcom headquarters, for the annual API World conference. This year, the Layer7 API Management team was joined at the show by our colleagues from Continuous Testing and AIOps to talk about full lifecycle API Management.…

Should Your API Gateway be Considered Part of Your API Management Platform?

By Geoff Duck | October 17, 2019 |

Recently at API world I was able to see many new Enterprise API architectures (“marketechtures,” as one engineering director called it, got few laughs but I chuckled quietly to myself) including some high-level diagrams from large well-known providers of services leveraged by enterprises and common end-users alike. Several companies separate the concept of API Gateways…

DevOps: REST API Execution Through Bash Shell Scripting

By Thomas Cheng | October 2, 2019 |

A Simple Framework: Core This is the first part of a paper proposing a framework that enables DevOps teams to issue REST API calls via bash shell scripts. The second part of the paper discusses the extension beyond the core of the proposed framework. The third part shares some experiences learned from real world applications.…

Alexa, start the car: IoT in the automotive industry

By Charlotte | July 16, 2019 |

How APIs fuel the connected car and why security is essential to IoT development From the outside, today’s cars look similar to their counterparts from 10 or even 20 years ago. But on the inside, they have been transformed by technology. Cars have retained their core functionality, but integrated connectivity, sensors, and systems have led…

Lessons

How to Use Policy to Retrieve a Portal API OAuth Token

By Geoff Duck | December 4, 2019

An API Gateway can be a fast, easy way to manage entities in an API Portal.  The Portal API (PAPI) provides entry-points to perform tasks such as onboard users, manage APIs that are protected by the gateway runtime, manage and update API versions and documentation, and administer API Management items such as application definitions, organizations,…

Enriching and Externalizing Gateway Metrics to Splunk

By Ping Tan | November 11, 2019

Overview Gateway metrics are a critical piece of intel to determine the health of Services and traffic throughput on an API Gateway. Using Layer7 API Management as an example, there are a few ways we can obtain this information: Policy Manager: Dashboard, PAPIM (Precision API Monitoring), sending this information to a monitoring solution via Gateway…

DevOps: REST API Execution Through Bash Shell Scripting III

By Thomas Cheng | October 28, 2019

A Simple Framework (Experiences) This is the third and last part of the paper proposing a framework that enables DevOps teams to issue REST API calls via bash shell scripts. This part shares some experiences/lessons learned from real world applications. Experiences It would be nice if API publishers simply provided an API client SDK in…

DevOps: REST API Execution Through Bash Shell Scripting II

By Thomas Cheng | October 24, 2019

A Simple Framework (Extension) This is the second part of the paper proposing a framework that enables DevOps teams to issue REST API calls via bash shell scripts. This part discusses the extension beyond the core of the proposed framework. The third part shares some lessons learned from real world applications. The Basics The basic…

How API Languages Evolve

By Ronnie Mitra | July 16, 2018

As API systems mature, knowing the history and evolution of various API languages will help organizations create robust and successful landscapes. How (API) Languages Evolve APIs are languages: they specify how providers and consumers of capabilities communicate. The things that can be “said” in an API conversation are determined by the expressivity of the involved…

Applying and Extending DHARMA

By Amy Vujanich | July 11, 2018

This post gives some practical examples of the DHARMA method for API Security in a Microservice Architecture, and also shares some opportunities for extending the model. This article shares concepts from the O’Reilly book Securing Microservice APIs. If you’re attending OSCON next week, Rob Wilson and Matt McLarty will be signing and giving away print copies during lunch…

Books and Guides

A Guide to REST and API Design

By Mike Amundsen | August 7, 2019

API Academy Learn how to use REST to build developer-friendly, sustainable APIs The Representational State Transfer (REST) architectural style is extremely valuable to organizations that want to create APIs as a way to leverage their existing IT resources in new Web and mobile apps. By applying REST design principles to a protocol, such as HTTP,…

5 Pillars of API Management

By Jaime Ryan | August 7, 2019

API Academy Manage security and performance risks created by opening enterprise systems via APIs Traditional enterprise are blurring, as organizations open their on-premise data and application functionality for use in new internal and external applications. APIs form the foundation of this open enterprise, allowing enterprises to reuse their existing information assets across organizational boundaries. To…

Choosing the Right API Management Solution for the Enterprise User

By Mike Amundsen | August 7, 2019

API Academy Address key functional and operational characteristics of an effective API Management solution This white paper examines the different functional and operational requirements for an enterprise-level API Management solution. In doing so, it gives IT managers, Web managers and enterprise architects key information for selecting an API Management solution. The API is undergoing a…

A How-to Guide to OAuth & API Security

By Mike Amundsen | August 7, 2019

API Academy Make OAuth implementation simple for your organization OAuth is an emerging Web standard that lets users grant third-party clients restricted access to resources they own. In the past, it was common to ask a user to share username and password information with the client. OAuth authentication is more secure as it allows the…

5 OAuth Essentials for API Access Control

By Mike Amundsen | August 7, 2019

API Academy Create a framework to address the complex challenges associated with implementing OAuth There are a number of important access-related challenges for API publishers. However, deploying OAuth as an authorization mechanism for enterprise APIs raises challenges around scalability, correct usage and integration. To make matters worse, OAuth is not supported by existing infrastructure and…

Protecting Your APIs Against Attack & Hijack

By Ronnie Mitra | August 7, 2019

API Academy Secure enterprise APIs for mobile, cloud and open Web It is a mistake to think we can secure APIs using the same methods and technologies with which we secured the conventional, browser-centric Web. While it is true that APIs share many of the same threats that plague the Web, APIs are fundamentally different…

Videos

Tutorial: The New Enterprise Topology

By Amy Vujanich | August 6, 2019

Learn how big data and mobile devices are redefining the topology of enterprise IT The three-tier topology popularized by Web applications is changing. Big Data and mobile devices are shifting the borders of enterprise IT and the API has become the new perimeter for organizations, exposing their business and data services for external consumption. This…

Tutorial: Creating a Solid Foundation for Your Web APIs

By Amy Vujanich | August 6, 2019

Learn how to create a flexible, agile, reliable and secure foundation for HTTP-based APIs This tutorial video from the API Academy identifies four implementation details (component versus connector; representation service; caching layer; security layer) that are highly useful for creating a flexible, agile, reliable and secure foundation for HTTP-based APIs.

Tutorial: The API Interaction Model – An Introduction

By Amy Vujanich | August 6, 2019

Learn about interaction-based API design The interaction model is a foundational design element for API architects. This tutorial video from the API Academy introduces the concept of interaction-based design and provides guidance on how to design an interaction model for an API.

Tutorial: Use Pagination in Web API Design

By Amy Vujanich | August 6, 2019

Learn how to use pagination effectively in your Web APIs Pagination, which is very common on the Web, allows API architects to conserve resources, improve response times and optimize the user experience. This tutorial video from the API Academy provides a crash course explaining pagination and outlining how to use it effectively in the design…

Tutorial: API Documentation Overview

By Amy Vujanich | August 6, 2019

Learn how to document your API to ensure the best possible results To make sure developers use your API to create apps that add true value to your business, you must provide proper documentation. But where do you start when it comes to creating documentation for an API? This video will give you deeper insight…

Tutorial: 3 Common Web Architecture Styles

By Amy Vujanich | August 6, 2019

Learn about different styles for implementing Web solutions There is more than one way to implement a Web solution. This video: Identifies three common styles for the implementation of Web applications Describes the key features of these styles Asks the question “Which style best fits your needs?”

Scroll To Top