Cloud & Engineering

We regularly write about our technical experiences (good and bad) and what we're learning from the market.

  • There are no suggestions because the search field is empty.

Tags

Validating RSA JWT Tokens with Azure API Management

Posted by Sujay Athavale on 31 July 2020

Azure, Azure API Management, security, OAuth 2.0, api policy, RSA, RS256, JWT

TL;DR

In this post, I highlight recently enhanced capabilities of the Validate JWT policy in Azure API Management and the specific gap that addresses for customers. I also provide related recommendations, tips and policy samples, which are not as yet available in Microsoft documentation.

Validate JWT policy

The ...

Continue reading

OAuth for your Business Group in Anypoint Platform

Posted by John Kim on 03 September 2019

APIs, mule, anypoint, OAuth 2.0, api policy, okta, cloudhub, openid, business groups

OAuth 2.0 is a common way to secure your APIs. In Anypoint Platform, you can configure OpenID Connect (OIDC) client management in the External Identity section to use an external identity provider for authentications. (MuleSoft has an article that explains this in detail).

However, it is only possible to set this at...

Continue reading