AuthZEN: Standards-based API authorisation for API gateways
Discover the challenges of deep API authorization and the risks of coupling access control tightly within the API gateway.
API gateway architectures for Kubernetes
Gateways can be available as hardware appliances, deployed to virtual machines and even as pure SaaS – here are some deployment options.
Integration testing for API management
We explain how integration testing works and how to implement it using recommendations to enhance API management solutions’ efficiency.
6 open source projects to boost your cloud-native API management game
We’re sharing the knowledge we gained at KubeCon so you can optimise your API management practices for the cloud-native landscape.
What is API-first?
API-first is a product-centric approach to developing APIs, viewing them as discrete products. Learn more about the API-first approach.
OWASP API security – 9: Improper assets management
Improper asset management leads to technical debt and reduces agility, making applications vulnerable to attacks. Read our guide!
OWASP API security – 8: Injection
An injection vulnerability is caused by not validating user input, where that input is later used verbatim without any protection mechanisms.
APIM architectural and deployment patterns 101
We look at different architectural deployment patterns for API Management and assess the merits of each, along with any potential drawbacks.
The Strangler Fig Pattern
The Strangler Fig pattern is a long-established approach for incrementally replacing legacy systems. How can it be applied to API Management?
OAuth2 Token Exchange RFC8693
OAuth token exchange – OAuth2 Token Exchange RFC8693 is a delegation protocol which allows an API Gateway to authenticate with an upstream.