API-Management

Building a Node.js service using the API-first approach

Building a Node.js service using the API-first approach

Nowadays technology companies are adopting the API as one of the most valuable pieces of their business.

What does it mean when we talk about API-first development? We already know the benefits of using an API-first approach:

  • Reduced interdependencies
  • Earlier validation
  • Early feedback with the freedom to change
  • Improved efficiency

This article describes what it means to use the API-first design approach. It also walks through an example of using this approach with the OpenAPI Specification and with oas-tools as the Node.js back-end application, which enables you to care only about the business logic. All the validation of incoming requests are done by the oas-tools library (based on the OpenAPI Specification file provided).

Continue reading “Building a Node.js service using the API-first approach”

Share
Integration of API management details (Part 4)

Integration of API management details (Part 4)

In Part 3 of this series, we started diving into the details that determine how your integration becomes the key to transforming your customer experience.

It started with laying out the process of how I’ve approached the use case by researching successful customer portfolio solutions as the basis for a generic architectural blueprint. Now it’s time to cover various blueprint details.

This article takes you deeper into specific elements (API management and reverse proxy) of the generic architectural overview.

Continue reading “Integration of API management details (Part 4)”

Share
Adding API Gateway Policies Now Easier With Red Hat 3scale API Management

Adding API Gateway Policies Now Easier With Red Hat 3scale API Management

With the June 2018 release of Red Hat 3scale API Management 2.2, adding API Gateway policies to your API management layer is easier than ever.

What is a Policy?

Red Hat 3scale API Management provides units of functionality that modify the behavior of the API Gateway without the need to implement code. These management components are know in 3scale as policies. The configuration for the bundled policies is available from the API Manager Portal, where you can define the behavior of your API integration.

The order in which the policies are executed, known as the “policy chain”, can be configured to introduce differing behavior based on the position of the policy in the chain. Adding custom headers, perform URL rewriting, enable CORS, and configurable caching are some of the most common API gateway capabilities implemented as policies.

Continue reading “Adding API Gateway Policies Now Easier With Red Hat 3scale API Management”

Share
Red Hat Summit 2018: Develop Secure Apps and Services

Red Hat Summit 2018: Develop Secure Apps and Services

Red Hat Summit 2018 will focus on modern application development. A critical part of modern application development is of course securing your applications and services. Things were challenging when you only needed to secure a single monolithic application. In a modern application landscape, you’re probably looking at building microservices and possibly exposing application services and APIs outside the boundaries of your enterprise. In order to deploy cloud-native applications and microservices you must be able to secure them. You might be faced with the challenge of securing both applications and back-end services accessed by mobile devices while using third party identity providers like social networks. Fortunately, Red Hat Summit 2018 has a number of developer-oriented sessions where you can learn how to secure your applications and services, integrate single-sign on, and manage your APIs. Session highlights include:

Continue reading “Red Hat Summit 2018: Develop Secure Apps and Services”

Share
3Scale by Red Hat Integration with ForgeRock using OpenID Connect

3Scale by Red Hat Integration with ForgeRock using OpenID Connect

In my last article, I wrote about how API Management and Identity Management can work together in a complementary fashion to secure and manage the services/endpoints which applications expose as APIs. In that article I covered how Red Hat 3scale API Management can be used to integrate an identity manager, in addition to providing API management functions such as rate limiting and throttling.

Continue reading 3Scale by Red Hat Integration with ForgeRock using OpenID Connect

Share
3scale by Red Hat API and Identity Management Series

3scale by Red Hat API and Identity Management Series

Today’s modern infrastructure faces the complex challenge of managing user’s access to the resources. To protect system and data integrity, companies have implemented identity and access management (IAM) solutions for their in-house systems. IAM solutions address three major concepts: identity, authentication, and authorization.  Their job is to ensure that only authenticated and authorized users have access to resources or information. Every IAM solution on the market provides a great set of features such as:

  • Single Sign-On (SSO)
  • Centralized policy-based authentication and authorization
  • Identity federation

Continue reading “3scale by Red Hat API and Identity Management Series”

Share
HOW-TO setup 3scale OpenID Connect (OIDC) Integration with RH SSO

HOW-TO setup 3scale OpenID Connect (OIDC) Integration with RH SSO

This step-by-step guide is a follow-up to the Red Hat 3scale API Management new 2.1 version announcement. As many of you will know, this new version simplifies the integration between APIcast gateway and Red Hat Single Sign-On through OpenID Connect (OIDC) for API authentication. As a result, now you can select OpenID Connect as your authentication mechanism besides API Key, App Key pair, and OAuth. Also, the on-premise version adds a new component that synchronizes the client creation on the Red Hat Single Sign-On domain.

Continue reading “HOW-TO setup 3scale OpenID Connect (OIDC) Integration with RH SSO”

Share
Organizing Microservices – Modern Integration

Organizing Microservices – Modern Integration

Microservices is probably one of the most popular buzz words among my fellow developer friends, and I do like the concept of being flexible, agile and having simply having more choices. But as a person that worked in the software integration space for years, I started to see some resemblance of the old ESB days.

Looking at the problem from ten thousand feet up. A decade ago, we had to come up with a better way of organizing the spaghetti connection in between systems, stop duplicating effort on the same piece of business logic. That is when service-oriented architecture (SOA) became popular. By modularizing services, sharing them among others systems, and organize ways of communication, routing of data. And ESB is one implementation of that, maybe not necessarily how it should be done.

Continue reading “Organizing Microservices – Modern Integration”

Share
Reference Architecture for Agile Integration

Reference Architecture for Agile Integration

Integration is still around but in a different form. So, what does modern integration look like? Looking at how agile scrum has taken over traditional waterfall development framework, by enabling shorter delivery cycles, faster feedback, and having the flexibility to rapidly adapt to changes. I believe it’s time for traditional integration to be agile again. By breaking up traditional ESB into distributed microservices.

Continue reading “Reference Architecture for Agile Integration”

Share