| DATAPOWER | |||
 | Accessing the IBM DataPower Command Line Interface (CLI) in a container | ||
| Guest Post by Chris Phillips Ivan Heninger | |||
|
When accessing IBM DataPower in a container we recommend it is accessed via the CLI. However, if there is a lot of traffic in the IBM DataPower this can make it difficult to follow as the log messages are sent to the screen. |
|||
|
|
|||
| API CONNECT | |||
|
| Upcoming Events | ||
|
Over the next two weeks I will take to the stage four times, three in person, only one virtually. Tonight (15th) and Tomorrow (16th), I will be joining my daughter’s dance show as part of the BB Dads with Blue Butterfly Studios delivering Top Dads. This is the first time I have appeared on stage to dance…. I will be delivering my - Why you should own an internal platform for your External AI and SaaS Providers at
|
|||
|
|
|||
| API CONNECT | |||
|
| Circuit Breaker in API Connect | ||
|
This is an update to a previous article. The changes are the samples and examples. A Circuit breaker pattern is becoming a common pattern for remote calls today. The purpose of the circuit breaker is to detect when a series of errors are returned and block traffic for a time period, thus giving the backend system time to recover. |
|||
|
|
|||
| API CONNECT | |||
|
| SRE Days London 2025 | ||
| Guest Post by Chris Phillips Simon Kapadia | |||
|
I’m excited to be speaking at SREday London 2025 Q1! Join us on March 27-28 for two days of amazing talks and networking!
Register here: https://sreday.com/2025-london-q1/ Don’t forget to use the code LDN10 for 10% off! This session will explore how platform teams can productize external AI and SaaS providers, giving businesses greater flexibility, control, and security over their external services. We’ll cover best practices for managing APIs and improving resilience. See you there! |
|||
|
|
|||
| API CONNECT | |||
|
| API Authorization when using Third Party oAuth Providers in APIC | ||
| Guest Post by Chris Phillips Simon Kapadia | |||
|
API Connect has the facility to use third party oAuth providers. This means that you can use nearly any oAuth security provider to secure APIs providing it can be reached by the API Gateway. This is great for Authentication however for Authorization this leads to a number of options that need to be considered. Definitions • Authentication - is validating the user is who they say they are • Authorization – is validating they have permissions to do what they are requesting |
|||
|
|
|||
| API CONNECT | |||
|
| Building a Reverse Proxy for the IBM Developer Portal with IBM DataPower | ||
| Guest Post by Chris Phillips Simon Kapadia | |||
|
The IBM Developer Portal is essential for socialising your APIs to external consumers. In order to do this it must be accessible outside of your Internal Network. It is not good practice to deploy the Developer Portal directly in your DMZ and grant users direct access. The De-Militarised Zone (DMZ) is designed to be a hostile, barren place for attackers; software deployed there should have minimal function, deployed on a hardened platform, and be designed for DMZ deployment. With this in mind, we suggest that that a reverse proxy should be deployed in your DMZ, which forwards requests to the Developer Portal, and the Developer Portal should in turn be deployed in a separate secure zone designed for servers (not directly on your internal lan!). One option for a reverse proxy implementation would be to use IBM DataPower, which has facilities to provide a reverse proxy within its WAF capabilities. This article will explain how to configure a WAF as a Reverse Proxy for the Developer Portal on a Physical, Linux-based or Virtual DataPower. This can also be done with DataPower in Kubernetes but the configuration needs to be placed in a ConfigMap and that will be not be covered by these instructions.
A request will come from the Web Browser into IBM DataPower, and this will then be forwarded to the Developer Portal pods, using the same URL all the way through. |
|||
|
|
|||
| API CONNECT | |||
|
| Dates for your Diary | ||
| Guest Post by Chris Phillips | |||
|
This is not announcement, all these dates have been already announced by IBM but I am posting this to highlight. I have shared links to where the information is available. Please confirm all information with your IBM rep if you have any concerns. Please note any changes to the information may not be updated on this blog so look at the provided links for the up to date information.
|
|||
|
|
|||
| API CONNECT | |||
|
| API Connect - Filtering requests by source IP with the API Gateway. | ||
| Guest Post by Chris Phillips Amit Kumar Singh | |||
|
I am often asked if there is a way we can limit the range of IPs that we accept calling an API Gateway. This can be done with a GlobalPolicy and a little GatewayScript. Amit Kumar Singh from my team built some GatewayScript that will do this check. |
|||
|
|
|||
| API CONNECT | |||
|
| API Connect and OpenTelemetry | ||
| Guest Post by Amit Kumar Singh Chris Phillips | |||
|
This article will explain how to enable Open Telemetry on API Connect 10.0.8.0 with DataPower 10.6.0.1. In order to apply these settings today, a GW extension must be used. This article will explain the steps to build the gateway extension. Thanks to Zach Groseclose and Ben Stern for assisting with this. For an introduction to OpenTelemetry please refer to our previous article on OpenTelemetry for AppConnect https://chrisphillips-cminion.github.io/ace/2024/04/22/ACE-Otel.html |
|||
|
|
|||
|
| ABOUT | APICONNECT | API | DATAPOWER | OPENSHIFT | EVENTSTREAMS | INTEGRATION | DAY2-OPS | ACE |
