September 14th, 2012

WebSockets Tech Talk

Written by
 

Ronnie Mitra WebSockets Tech TalkWe aim to keep our Tech Talks relevant and interesting for our viewers. We simply want to provide an open forum to discuss and ask questions about key issues around API Management. So, in keeping with that spirit, our next subject for discussion will be Websockets and the excitement surrounding HTML5′s support for the WebSocket protocol. And I’m excited to have Layer 7 API Architect Ronnie Mitra as my guest for this highly-topical Tech Talk.

The hype around the WebSocket standard, which enables a type of bi-directional, socket-based communication not possible with conventional HTTP, has been steadily increasing over the last two years. As adoption of  WebSockets technology increases, API architects need to understand how they can use the protocol to build great APIs for mobile and Web applications.

In this Tech Talk, Ronnie will be discussing:

  • The ins and outs of the WebSocket protocol
  • The relationship between HTTP-based APIs and WebSockets
  • Use cases that are a great fit for the WebSocket standard
  • The challenges of securing a WebSockets connection

Of course, the discussion won’t be limited to just these topics. We also welcome any and all of your questions and comments. In fact, without them the spirit of Tech Talk Tuesday would cease to exist. So please start formulating your questions or comments and be sure to add the date to your calendar.

How to Attend
So be sure you click Add to Calendar in order to get the event details and a reminder on the day.

On the day of the event, join on Livestream or Facebook:

To submit questions:

And here are the full event details:

  • Tech Talk Tuesday: WebSockets
    Tuesday September 18
    9am PDT | 12pm EDT | 5pm BST
    Add to Calendar
August 30th, 2012

Tech Talk, September 4: Publishing Cloud APIs

Publishing Cloud APIsMore and more businesses are moving applications and data to cloud-based infrastructure. The integration models and vendor offerings that facilitate this are pretty diverse (SaaS, IaaS, PaaS, vCloud, AWS, OpenStack… ) but there is a common thread – the need for APIs with which these services can be managed and maintained.

The importance of APIs continues once the infrastructure is in place. Applications in the cloud can expose their own APIs, opening data access to partners, mobile devices or other cloud technologies. This raises questions around how enterprises can effectively leverage cloud APIs while addressing the security and management concerns that will inevitably arise.

I’ll be discussing some of these concerns when I take part in Layer 7’s latest Tech Talk on Tuesday September 4 at 9am PDT/12pm EDT/5pm BST. The subject matter will be Publishing Cloud APIs and – like all our Tech Talks – this interactive Q&A will be broadcast live on the Layer 7 Facebook page and via Livestream.

Here’s how you can join the conversation:

Feel free to ask questions around:

  • Securely exposing APIs from a cloud-based solution
  • Orchestrating APIs for value-added interfaces
  • Enforcing access control and threat protection across hybrid cloud environments

I’m looking forward to chatting with you. Don’t forget to add the Tech Talk to your calendar. See you on Tuesday!

 

August 17th, 2012

Building a Developer Ecosystem: Live Tech Talk, August 21 – 9am PDT | 12pm EDT

Alex Gaber Tech TalkOnce again, it’s time to get ready for Tech Talk Tuesday here at Layer 7. I’m getting excited about this latest one – Building a Developer Ecosystem – for a couple of reasons.

Firstly, I’m excited to be working with our new API Evangelist, Alex Gaber. He has a wealth of experience working with developer communities and he’s ready to answer questions and discuss strategies around developer community building. When it comes to this sort of thing,  Alex is the man. In fact, this weekend he’s onsite at Hack Denver, helping API publishers with their open APIs.

Secondly, I think it’s going to be a great chance for our API publishing audience to learn some really valuable lessons that may help them develop new business partnerships and revenue streams. And we’ll ride the momentum of our last Tech Talk, which had great attendance and – most importantly – excellent contributions from the audience.

Our aim with these Tech Talks is to create an informal channel for engaging with API experts in a live, interactive way. With that in mind, start thinking about any questions you might want to ask Alex, be sure to add Building a Developer Ecosystem to your calendar and join us on August 21 for another great Tech Talk.

On the day of the event, join on Livestream or Facebook:
»  livestream.com/layer7live
»  facebook.com/layer7

Tech Talk Tuesday: Building a Developer Ecosystem
Tuesday, August 21
9am PDT | 12pm EDT | 5pm BST

Submit your questions:
Tweet using the tag #Layer7Live
Email techtalk@layer7.com
Check-in & Chat through Facebook

August 9th, 2012

OAuth World Tour

OAuth World TourSteve and I had another great Tech Talk in Vancouver this week, discussing the recent controversy around OAuth 2.0 and the state of the standard in general. A couple of questions that came up (thank you Michael and David, among others) were around the availability of libraries for iOS and Android platforms.

Although I’m not as familiar with Android, there definitely seems to be a lack of tooling for enabling OAuth 2.0 on iOS today. The lack of client-side libraries for standards-based access control on mobile devices generally could be problematic for API adoption in the enterprise, as mobile applications represent one of the main targets for enterprise APIs.

Facilitating OAuth on mobile applications is going to be central to my presentation at next week’s Chicago Mobile Meetup where I’ve been invited to speak. At the meetup, we’ll be describing client-side OAuth tooling patterns, exchanging our ideas about different approaches and discussing some code samples.

From there, I will be making my way to Australia for an API Management Breakfast Seminar in Melbourne, where I’ll be talking about API Management in general but also covering the latest in OAuth 2.0 solutions. Finally, I’ll be moving on to the Gartner AADI Summit in Sydney, where Layer 7 will be at booth S6.

August 6th, 2012

To OAuth or Not to OAuth? That is the Question – The Long Road to Standardization for OAuth 2.0

Written by
 

Tech Talk with Francois LascellesTo OAuth or not to OAuth? That seems to be the question many in the API business must ask themselves now that OAuth has moved closer to becoming a standard for authentication. OAuth 2.0 reached a major milestone this week on the road to becoming a standard, when the Internet Engineering Task Force (IETF) approved a draft of OAuth version 2.0. Layer 7′s Chief Architect Francois Lascelles says: “This milestone solidifies the OAuth 2.0 claim of being a standard.”

But OAuth’s journey towards becoming a standard hasn’t been completely smooth. Last week, the original editor of the OAuth 2.0 specification and author of OAuth 1.0, Eran Hammer, resigned and removed his name from the specifications. Layer 7′s own CTO, Scott Morrison, offered his support for the specification in a blog post titled Why I Still Like OAuth, in which he stated: “In the end, OAuth is something we all need and this is why this specification remains important. The genius of OAuth is that it empowers people to perform delegated authorization on their own, without the involvement of a cabal of security admins. And this is something that is really quite profound.”

Still, obvious questions remain: Is OAuth 2.0 a solid protocol for authentication? Should I stop building security architecture around such a tainted specification? What other means are there for authentication if OAuth has become too focused on the enterprise? Francois Lascelles will address these questions as well as discussing and commenting on the recent OAuth 2.0 draft approval during our next live Tech Talk, on August 7. Make sure you add this Tech Talk to your calendar, if you want to get the event details and a reminder on the day.

On the day of the event, join on Livestream or Facebook:

And if you’d like to submit some questions: