Nicolas Massé

Nicolas is Technical Marketing Manager at Red Hat. He is involved since 5 years in the API Management industry where he has defined and deployed Agile API processes with customers. Nicolas is involved into 3scale community where he’s contributing code and ideas.

Recent Posts

Manage your APIs deployed with Istio service mesh

Manage your APIs deployed with Istio service mesh

With the rise of microservices architectures, companies are looking for a way to connect, secure, control, and observe their microservices. Currently, a service mesh such as Istio is the best option to reach this goal.

  • Connect: Istio can intelligently control the flow of traffic between services, conduct a range of tests and upgrade gradually with blue/green deployments.
  • Secure: Automatically secure your services through managed authentication, authorization, and encryption of communication between services.
  • Control: Apply policies and ensure that they are enforced and that resources are fairly distributed among consumers.
  • Observe: See what’s happening with rich automatic tracing, monitoring, logging of all your services.

And, as explained in “Distributed microservices architecture: Istio, managed API gateways and, enterprise integration”, a service mesh does not relieve the need for an API management solution. A service mesh manages services and the connections between them, whereas an API management solution manages APIs and their consumers. In this article, I’ll describe how to manage APIs using the Red Hat Integration adapter for Istio.

Continue reading “Manage your APIs deployed with Istio service mesh”

Share
Full API lifecycle management: A primer

Full API lifecycle management: A primer

APIs are the cornerstone of so many recent breakthroughs: from mobile applications, to the Internet of Things, to cloud computing. All those technologies expose, consume, and are built on APIs. And those APIs are a key driver for generating new revenue. Salesforce generates 50% of its revenue through APIs, Expedia generates 90% of its, and eBay generates 60% of its. With APIs becoming so central, it becomes essential to deal with full API lifecycle management. The success of your digital transformation project depends on it!

This article describes a set of full API lifecycle management activities that can guide you from an idea to the realization, from the inception of an API program up to management at scale throughout your whole company.

Continue reading “Full API lifecycle management: A primer”

Share
Red Hat Single Sign-On: Give it a try for no cost!

Red Hat Single Sign-On: Give it a try for no cost!

In a software world where each day is more hostile than the previous one, security matters and developers are coping with more and more non-functional requirements about security. The most common ones are the “OWASP Top 10”: the ten security risks that every developer should know. There are many more security risks you should care about, but those ten risks are the ones having the most impact on the security of your software. Among them are authentication and access control.

The good news is that authentication and access control are now commodities in the open source world, thanks to Red Hat Single Sign-On Red Hat Single Sign-On is an access management tool that takes care of the details of most authentication protocols such as SAML, OAuth, and OpenID Connect; user consent with UMA; and even access control. It is easy to use, is very well-documented, and has a very active community: Keycloak.

This article describes how to download and install Red Hat Single Sign-On for no cost.

Continue reading “Red Hat Single Sign-On: Give it a try for no cost!”

Share
Using a public certificate with Red Hat Single Sign-On/Keycloak

Using a public certificate with Red Hat Single Sign-On/Keycloak

When deploying Red Hat Single Sign-On/Keycloak for a test or a proof of concept, most users will choose to use a self-signed certificate as explained in the official documentation.

The setup instructions are straightforward, but this self-signed certificate will trigger certificate error messages in your web browser and can also prevent some clients such as Postman from working properly.

This article explains how to use a public certificate from Let’s Encrypt with Red Hat Single Sign-On.

Continue reading “Using a public certificate with Red Hat Single Sign-On/Keycloak”

Share