We regularly write about our technical experiences (good and bad) and what we're learning from the market.
As part of consulting engagements, it is common that customers ask for guidance on the different authentication and authorisation approaches available on API Management and how these approaches meet their security needs while offering support to existing legacy API clients. While many people now know...
APIs, security, APIdays, versioning, REST, governance, GraphQL
APIdays Australia LIVE is happening next week onSeptember 15th and 16th. Registration to this online event is free and open now at: https://apidays.co/australia.
Previously we talked about the overall event structure which - in addition to our invited keynotes - is split into three streams:
Azure, Azure API Management, security, OAuth 2.0, api policy, RSA, RS256, JWT
In this post, I highlight recently enhanced capabilities of the Validate JWT policy in Azure API Management and the specific gap that addresses for customers. I also provide related recommendations, tips and policy samples, which are not as yet available in Microsoft documentation.
The ...
App Services, CICD, Microsoft Azure, security, Azure Key Vault, Azure Pipelines, Azure DevOps, Azure Web Apps
As an Azure developer that specialises in building integration solutions using the Azure Cloud Platform, I typically work to provide integrated connectivity and functionality between enterprise systems. This can include existing on-premises systems (including legacy) as well as more contemporary workloads that run in...
On a recent client engagement we adopted SOAP over HTTP as our preferred communication channel for Web Service consumers. Since the transport protocol was HTTP, our next requirement was to setup HTTP Basic Authentication and role-based authorization. We tend to prefer simpler transport-level authentication over...
Copyright © 2022
