API Gateway SSL configuration in Production

Introduction This blog provides steps to configure SSL certificate in Oracle API Gateway node’s trust store. It becomes necessary when API gateway in installed in “production” mode. Without SSL certificate you won’t able to deploy an API to gateway node, because in production mode gateway must communicate with APIP management tier over SSL. Another use-case […]

API Platform Service Callouts using a Groovy Policy

Purpose The purpose of this post is to demonstrate through a practical example how a Developer might enrich an API payload using a Service Callout from within a Groovy Policy.   Background Since the release of Oracle API Platform v17.2.5, there has been a standard Policy entitled Service Callout 2.0 (version 1.0 having been deprecated […]

API Platform Custom Host Name and Certificate

Once you have provisioned an Oracle API Platform CS instance, one of the first things you will notice is the access to the various consoles are done via Public IP addresses:   Another issue you will come across is that the certificate used for the instance is “Not Secure”, and therefore HTTPS is disabled due […]

Continuous Integration with Apiary, Dredd, and Wercker

There are many tools in the market to design, develop, and test API’s. Some of these tools could be used separately. Some others could be combined. Every time a change is introduced in the design or implementation of an API, it would be nice to have tests and builds run automatically. Continuous Integration (CI) is a software […]

Setup Oracle API Gateway on OCI-Classic in Oracle Public Cloud

This blog provides steps to get Oracle API Gateway up and running on Oracle cloud- OCI Classic VM We will see following steps: 1. Create compute instance on Oracle Cloud Infrastructure Classic (OCI-classic) 2. Create Logical gateway in API management console and Assign grants to add nodes 3. Connect OCI-classic instance using SSH and copy […]

Setting Up Certificates in the API Platform Gateway using SSLCertUtility

Introduction Establishing secure connections between API boundaries is something that most companies (if not all) will be concerned about during the implementation of API-based projects. This is important whether if you are exposing APIs for consumption or if you are invoking existing APIs. In order to establish secure connections, SSL certificates are the most well known practice used […]

Decoding JWT using the API Platform Groovy Policy

Introduction With the explosion of APIs; most of the today’s computing challenges are being driven by it and therefore, new standards had to emerge to make sure that APIs can be used securely, while allowing developers to avoid having to reinvent the wheel every time they implement aspects such as authorization. One good example is […]

Everything you Should Know about the API Platform Groovy Policy

Introduction Developers using the API Platform Cloud Service often make use of the built-in policies that comes with the platform; to implement any logic that needs to be executed before delivering the actual message to the backend service. One common policy used is the Groovy policy, which allows API developers to write Groovy scripts that […]