Platform Engineering

We regularly write about our technical experiences (good and bad) and what we're learning from the market.

    Tags

    Validating RSA JWT Tokens with Azure API Management

    Posted by Sujay Athavale on 31 July 2020

    Azure, Azure API Management, security, OAuth 2.0, api policy, RSA, RS256, JWT

    TL;DR

    In this post, I highlight recently enhanced capabilities of the Validate JWT policy in Azure API Management and the specific gap that addresses for customers. I also provide related recommendations, tips and policy samples, which are not as yet available in Microsoft documentation.

    Validate JWT policy

    The ...

    Continue reading

    OAuth for your Business Group in Anypoint Platform

    Posted by John Kim on 03 September 2019

    APIs, mule, anypoint, OAuth 2.0, api policy, okta, cloudhub, openid, business groups

    OAuth 2.0 is a common way to secure your APIs. In Anypoint Platform, you can configure OpenID Connect (OIDC) client management in the External Identity section to use an external identity provider for authentications. (MuleSoft has an article that explains this in detail).

    However, it is only possible to set this at...

    Continue reading