Articles

Delivering a Successful API: Know What it Takes

,

Modern businesses are highly consumer-driven. Delivering value to our customers should, therefore, be our first priority. Making the tasks of our customers more convenient and efficient should be our primary goal. To do that, we need ways to figure out “what” exactly makes our customers more efficient and brings them convenience in their tasks. 

This requires a lot of trial and error. This requires us to build and experiment with systems and features to see if these capabilities actually bring significant value to our customers. This is the primary motivation that drives enterprise architecture to be much more disaggregated and composeable. Heard about “Microservices” anyone? 

Source de l’article sur DZONE

/par

Iterate/Aggregate Fault Handling in WSO2 EI

,

In WSO2, we can implement the Splitter and Aggregator EIP using the Iterate and Aggregate mediators. With the Splitter pattern, we can split a message composed by different elements that need to be processed individually, and then we use the Aggregator pattern to aggregate the results of each individual call and then perform some processing over the aggregated results.

Happy Path Example

In a happy path example, all the requests and processing done inside the iterate mediator will occur with no failures, and the aggregate mediator will handle the results of all the requests made. We can see that in the proxy below:

Source de l’article sur DZONE

/par

API Security Weekly: Issue #70

,

This week, we check out a recent API vulnerability in Twitter. In addition, it looks like API vulnerabilities are a bit of a theme in apps by political parties: vulnerabilities were discovered in apps by Israel’s Likud and the Democratic Party in the USA. We also have two API security talks: one recorded and one upcoming webinar.

Vulnerability: Twitter

Twitter has disclosed a recent API exploit. The API endpoints to make finding friends in Twitter by their phone numbers easier were abused, possibly by state-sponsored actors, to mine accounts by mapping them to phone numbers. Detecting and throttling the exploit was hard because the phone numbers were not sequential and attackers used multiple accounts and IP addresses in their attacks.

Source de l’article sur DZONE

/par

How to Implement Splunk Enterprise On-Premise for a MuleSoft App

,

What Is Splunk?

Splunk is a tool used for logging, analyzing, reporting, visualizing, monitoring, or searching the machine data in real time.

Machine data is information that is generated by a computer process, application, device, or any other mechanism without any active intervention from humans. Machine data is everywhere, and it can be generated automatically from various sources like computer processes, elevators, cars, smartphones, etc., and generally, such data is generated in forms of events in an unstructured form.

Source de l’article sur DZONE

/par

API Security Weekly: Issue #68

,

This week, we take a look at where API security is at on Gartner Hype Cycle, what the threatscape for 2020 looks like according to McAfee, and a SANS Institute whitepaper on DevSecOps.

Analysts: API Security in Gartner Hype Cycle

Gartner published their Hype Cycle for Application Security, 2019 a few months ago. The Hype Cycle provides a graph on where we are in application security in terms of the maturity of technologies and their adoption; what is up and coming and what is already established.

Source de l’article sur DZONE

/par

How Real-Time APIs Power Our Lives

,
How Real-Time APIs Power Our Lives

The other day I went to dinner, and it made me appreciate the need for fast application programming interfaces (APIs). Confused? Let me explain.

To get to dinner, I used an app to hail a car from my smartphone. Most of us are familiar with this routine — you open the app, enter your destination, get a ride, step out of the car when you arrive, and pay for your trip automatically using the credit card on file. While you’re waiting for the driver to pick you up, the map updates in real time to indicate the location of the car on approach. But on that day, the app did not update the map. I waited five increasingly uncomfortable minutes, not knowing if a driver was on the way or had even accepted my request. After 10 minutes, I got frustrated and switched to an alternative ride-hailing app! This time I was successful and watched in real time as my driver approached and picked me up. I made it to dinner with a few minutes to spare.

Source de l’article sur DZONE

/par

Create an Integration Builder Connector to an API Builder Microservices

,
Create an Integration Builder Connector to an API Builder Microservices

In this post, we’ll describe how to create an Integration Builder connector to an API Builder Microservice. We’ll create an API Builder project, run it, and export its swagger definition. Then, we’ll import the swagger into Integration Builder and create a connector that can be used in Integration Builder flows.

Create Your API Builder Project

In this section, we’ll create an API Builder project and get the swagger for it.

Source de l’article sur DZONE

/par

GraphQL: Thinking Beyond the Technology

,
GraphQL: Thinking Beyond the Technology

I’m going to share a deep, dark secret from my past: before I shifted to JavaScript, I was actually a Java developer. This means I have worked as both a backend and frontend developer. It also means I am uniquely qualified to share with you another dark industry secret: the things that backend developers say about frontend developers when they’re not around. Are you ready? Here we go:

  • Can’t those frontend developers just use what we’ve given them?

  • Can’t those frontend developers decide what they want, once and for all?

  • Really, how hard can it be to build a frontend? Don’t those frontend devs just fiddle with CSS and bump pixels around the screen?

  • What do those frontend developers actually do with all of their time?

But of course, let’s be honest: frontend developers also say things about backend developers when they’re not around. For example:

Source de l’article sur DZONE

/par

File-Based Integration: Spring Integration vs Ballerina

,

Introduction

File-based integration is one of the most popular and widely used approaches in data integration. Many software systems work with files — i.e., they either take in files as input, give their results as files, or do both — and working with multiple disparate systems requires connecting those systems together. Newer software systems also provide API-based access to information, and API-based integration is one of the approaches in connecting such systems. Although APIs provide advantages over traditional file-based systems, such as complex data structures and fine-grained security, many legacy software systems, and even modern ones, often use file-based approaches to export and import data. 

Integration requires ensuring that two separate systems understand each other. And, although file structures and data types will likely be different in different software systems, we need an integration mechanism to map, transform, filter, and cleanse data in order for software systems to understand each other. Some of the most popular file formats used in general scenarios are CSV, EDI, JSON, and XML.

Source de l’article sur DZONE

/par

Easy REST APIs With AutoRest

,
It’s easy to REST with AutoRest.
“We live in an API-driven world,” said Julia Kreger, OpenStack Ironic project team lead and principal software engineer at Red Hat.

API is an acronym for “Application Programming Interface.” It has a long history since the first computer programs were written. At first, APIs form “contracts” for accessing resources from the operating system, software libraries, or other systems.

Source de l’article sur DZONE

/par