| API CONNECT | |
 | Secure Your APIs: Seamless HashiCorp Vault Integration with IBM API Connect Custom Policy |
Stop hardcoding secrets in your APIs! Learn how to build a reusable custom policy that seamlessly integrates HashiCorp Vault with IBM API Connect, transforming complex authentication and secret retrieval into a single, elegant policy call. | |
|
|
|
📦 Get the Code: The complete policy code, deployment scripts, and examples are available on GitHub: apiconnect-vault-integration |
|
|
|
|
|
Personal | A Personal Update: Less Travel, More Content, and Life with Little Monsters |
I know some of you have noticed I’ve been publishing less on my blog lately. The reason? Less travel, thanks to these little monsters. 🦖👶 Image description for accessibility: Photo shows a bearded Chris Phillips wearing glasses and a black t-shirt with a iSOA skull design, sitting with his two young blonde daughters. One daughter wears a light blue dress with colorful dinosaur prints, the other wears a light pink dress with unicorn prints. Both children have pacifiers. The setting appears to be a casual restaurant or café with other people visible in the background. Thanks to my darling brother Prof Iain Phillips for the great photo of my little girls.
|
|
|
|
|
| JEKYLL | |
 | Upgrading a Jekyll Blog: Managing Ruby Versions and Dependencies |
| Guest Post by Chris Phillips | |
I’ll be the first to admit it: I wasn’t practicing what I preach. For someone who regularly writes about best practices, and keeping systems up to date, I had let my own Jekyll blog fall embarrassingly behind. My Jekyll version was ancient, my Ruby dependencies were outdated, and I had been ignoring the problem for far too long. | |
|
|
|
This is terrible. Not just because outdated software can have security vulnerabilities, but because it goes against everything I advocate for in my professional work. If I’m going to write about proper software maintenance and infrastructure management, I need to walk the walk. So today, I decided enough was enough and (with a daughter asleep on top of me) it was time to update my blog’s Jekyll installation and get everything current. What followed was a journey through Ruby version management, dependency resolution, and the occasional head-scratching moment that reminded me why keeping things updated regularly is so much easier than letting them fall behind. Here’s what I learned (well, re-learned) during the process. |
|
|
|
|
| DEVOPS | |
|
DevOps | Terraform: An Excellent Infrastructure Tool, But Not for API Deployments |
| Guest Post by Chris Phillips James Hewitt | |
Terraform is an excellent tool for managing infrastructure. I use it, I recommend it, and I’ve seen it work brilliantly in production environments. However, I’ve also seen teams try to force it into application deployment scenarios where it simply doesn’t belong. This article explains why Terraform should stay in its lane - infrastructure - and why your APIs deserve better. | |
|
|
|
|
|
| MISC | |
|
Misc | Supporting Local Artists: A Custom Family Portrait by Carlos Valarezo |
| Guest Post by | |
It’s that time of year again when we all search for the perfect gifts for our loved ones. I’ve always believed in giving something creative and personal—whether it’s handmade by my kids or commissioned from talented friends and artists. | |
|
|
|
This year, I decided to commission a custom family portrait from Carlos Valarezo, a talented illustrator based in Ecuador. I provided him with a detailed brief and a collection of family photos, and he transformed them into the stunning artwork you see above. |
|
|
|
|
| APPCONNECT | |
 | User Registry Request Nodes, Supported Actions |
| Guest Post by Alamelu Nagarajan Chris Phillips | |
Recently I have been working with IBM AppConnect Designer in Software and the connectors for LDAP and Active Directory. There are three connectors that need to be considered here
|
|
|
|
|
| API CONNECT | |
|
| Client Credentials Rotation in IBM APIC |
| Guest Post by Amit Kumar Singh | |
Client credentials in IBM API Connect (APIC) are used for authentication and authorization for applications which need to access protected APIs. There are two main types of client credentials: Client ID: A unique identifier for the client application or service. Client Secret: A secret key known only to the client and the API Connect gateway. It is used to ensure that only authorized clients can access protected APIs and resources. The client credentials created within IBM APIC does not have any expiry time but recently we are seeing many customers looking for these client credentials to get expired in certain number of days specified with a new one in place from security perspective. There is no out of box feature as of now in IBM APIC for this but it can be achieved using platform Rest APIs provided by APIC. You can automate the client credentials rotation using the Rest APIs available. Note: When you have rotated client id and secrets you must ensure your application calling the apis also has the credentials updated |
|
|
|
|
|
MQ | MQ Get the last GET and PUT Datetime |
| Guest Post by Alamelu Nagarajan Chris Phillips | |
One of my customers was writing a script to detect when the last message was got from an MQ QUEUE. |
|
|
|
|
|
| ABOUT | APICONNECT | API | DATAPOWER | OPENSHIFT | EVENTSTREAMS | INTEGRATION | DAY2-OPS | ACE |
