In this two-post series, I’ve addressed most of 16 different practices to secure APIs with Apache APISIX.
-
API Versioning
In this short article, we detail the three options for versioning HTTP APIs: path-based, query-based, and header-based.
-
Chopping the monolith in a smarter way
Instead of forking the call on the client side, we fork the call on the Gateway side.
-
System Architecture: Move Authentication to the API Gateway
When exposing an application to the outside world, consider a Reverse-Proxy or an API Gateway to protect it from attacks.
-
Managing Data Residency: Concepts & Theory
Take a look at data residency and design a draft architecture to implement it. In the next article, we will delve into the technical details.
-
A Poor Man’s API
Creating a full-fledged API requires resources, both time and money. Let’s achieve it without writing a single line of code!
-
Backend-for-Frontend: The Demo
Let’s use a very simple e-commerce use-case to demo how to implement the Backend-for-Frontend with and without the help of Apache APISIX.
-
Write Your Own Service Discovery Client for Apache APISIX
Most modern infrastructures are dynamic – servers are cattle, not pets. In this article, I describe how to implement a dynamic node registry based on a YAML file.
-
Discussing Backend For Front-end
The idea behind BFF is to move logic from each microservice to a dedicated deployable endpoint.
-
How to Secure Your Web Apps With An API Gateway
When header values depend on the underlying web app, we need to reload the configuration without downtime and Continuous Deployment pipeline integration.