Chris Phillips’ Blog - API, Integration and Governance

If header logging is enabled all headers are logged into Analytics. However clients usualy do not want to have the client secret stored.

Recently I have had a lot of people asking me about why they are getting an error complaining of a unable to connect or a -1 connection error.

This is often a Cross-Origin Resource Sharing (CORS) error. The role of CORS is to tell the client/browser what is allowed or not allowed on the HTTPs endpoint, it does not do enforcement itself. A client/browser makes an HTTP Options request to the endpoint to find out what it is allowed to do. Providing those headers (below) have been injected into the response this tells the client/browser what it is entitled to do. CORS is not there to add extra protection, it is there rather to provide extra information to the client/browser. Some http libraries such as NodeJS’s request do include an option call prior to the requested call to help enforce this, but it is a client-application decision. If the CORS headers stop the requested operation then a -1 is showing in the error.

A Gateway Service in IBM API Connect is the runtime that sits inside DataPower. DataPower in containers is designed to have a single gateway service, however in other form factors (RPM, VM, Physical) it is simple to add multiple gateway services to provide a logical separation. However just because you can have one gateway service or ten gateway services (No known technical limits) for a single provider org what is the correct way.

Sometimes a client configures multiple provider orgs to share a single Gateway Service and then later on decides to change their mind. However this requires modifying every single API. This script will replace the currently configured gateway service for all APIs in a provider org and replace it with a new gateway service.

Nexus is a third party docker registry that allows users to configure it as a proxy. This means that when a request comes for an image it is downloaded directly and stored in nexus. If you are not wanting to use nexus as a proxy you can follow the instructions here. https://www.ibm.com/docs/es/cpfs?topic=plugin-bastion-host

Someone at Pixar deleted all of Toy Story 2 and the backup hadn't worked for a month, and the only reason we saw that movie was b/c someone on maternity leave had a copy of it on her home computer.

Her name is Galyn Susman and she is now the producer for the new Lightyear movie!

— Chris Albon (@chrisalbon) February 15, 2022

I needed to produce a network policy that would allow egress to a single server (for back ups) but otherwise restricted all egress traffic to staying in the cluster.

I needed to produce a network policy that would allow egress to a single server (for back ups) but otherwise restricted all egress traffic to staying in the cluster.

I get it, you need to find revenue from APIs to justify the investment costs. Every customer I have seen with plans for Public APIs has a dream of monetizing them. However what is the real cost of monetization?