Platform Engineering

We regularly write about our technical experiences (good and bad) and what we're learning from the market.

    Tags

    Validating RSA JWT Tokens with Azure API Management

    Posted by Sujay Athavale on 31 July 2020

    Azure, Azure API Management, security, OAuth 2.0, api policy, RSA, RS256, JWT

    TL;DR

    In this post, I highlight recently enhanced capabilities of the Validate JWT policy in Azure API Management and the specific gap that addresses for customers. I also provide related recommendations, tips and policy samples, which are not as yet available in Microsoft documentation.

    Validate JWT policy

    The ...

    Continue reading

    Keeping Secrets Secret in Azure Web Apps

    Posted by Tim Nicol on 12 May 2020

    App Services, CICD, Microsoft Azure, security, Azure Key Vault, Azure Pipelines, Azure DevOps, Azure Web Apps

    As an Azure developer that specialises in building integration solutions using the Azure Cloud Platform, I typically work to provide integrated connectivity and functionality between enterprise systems.  This can include existing on-premises systems (including legacy) as well as more contemporary workloads that run in...

    Continue reading

    LDAP Security in Mule

    Posted by Devendra Khanolkar on 26 February 2015

    tech, mule, ldap, security

    On a recent client engagement we adopted SOAP over HTTP as our preferred communication channel for Web Service consumers. Since the transport protocol was HTTP, our next requirement was to setup HTTP Basic Authentication and role-based authorization. We tend to prefer simpler transport-level authentication over...

    Continue reading