August 17th, 2012

Building a Developer Ecosystem: Live Tech Talk, August 21 – 9am PDT | 12pm EDT

Alex Gaber Tech TalkOnce again, it’s time to get ready for Tech Talk Tuesday here at Layer 7. I’m getting excited about this latest one – Building a Developer Ecosystem – for a couple of reasons.

Firstly, I’m excited to be working with our new API Evangelist, Alex Gaber. He has a wealth of experience working with developer communities and he’s ready to answer questions and discuss strategies around developer community building. When it comes to this sort of thing,  Alex is the man. In fact, this weekend he’s onsite at Hack Denver, helping API publishers with their open APIs.

Secondly, I think it’s going to be a great chance for our API publishing audience to learn some really valuable lessons that may help them develop new business partnerships and revenue streams. And we’ll ride the momentum of our last Tech Talk, which had great attendance and – most importantly – excellent contributions from the audience.

Our aim with these Tech Talks is to create an informal channel for engaging with API experts in a live, interactive way. With that in mind, start thinking about any questions you might want to ask Alex, be sure to add Building a Developer Ecosystem to your calendar and join us on August 21 for another great Tech Talk.

On the day of the event, join on Livestream or Facebook:
»  livestream.com/layer7live
»  facebook.com/layer7

Tech Talk Tuesday: Building a Developer Ecosystem
Tuesday, August 21
9am PDT | 12pm EDT | 5pm BST

Submit your questions:
Tweet using the tag #Layer7Live
Email techtalk@layer7.com
Check-in & Chat through Facebook

August 9th, 2012

OAuth World Tour

OAuth World TourSteve and I had another great Tech Talk in Vancouver this week, discussing the recent controversy around OAuth 2.0 and the state of the standard in general. A couple of questions that came up (thank you Michael and David, among others) were around the availability of libraries for iOS and Android platforms.

Although I’m not as familiar with Android, there definitely seems to be a lack of tooling for enabling OAuth 2.0 on iOS today. The lack of client-side libraries for standards-based access control on mobile devices generally could be problematic for API adoption in the enterprise, as mobile applications represent one of the main targets for enterprise APIs.

Facilitating OAuth on mobile applications is going to be central to my presentation at next week’s Chicago Mobile Meetup where I’ve been invited to speak. At the meetup, we’ll be describing client-side OAuth tooling patterns, exchanging our ideas about different approaches and discussing some code samples.

From there, I will be making my way to Australia for an API Management Breakfast Seminar in Melbourne, where I’ll be talking about API Management in general but also covering the latest in OAuth 2.0 solutions. Finally, I’ll be moving on to the Gartner AADI Summit in Sydney, where Layer 7 will be at booth S6.

August 6th, 2012

To OAuth or Not to OAuth? That is the Question – The Long Road to Standardization for OAuth 2.0

Written by
 

Tech Talk with Francois LascellesTo OAuth or not to OAuth? That seems to be the question many in the API business must ask themselves now that OAuth has moved closer to becoming a standard for authentication. OAuth 2.0 reached a major milestone this week on the road to becoming a standard, when the Internet Engineering Task Force (IETF) approved a draft of OAuth version 2.0. Layer 7′s Chief Architect Francois Lascelles says: “This milestone solidifies the OAuth 2.0 claim of being a standard.”

But OAuth’s journey towards becoming a standard hasn’t been completely smooth. Last week, the original editor of the OAuth 2.0 specification and author of OAuth 1.0, Eran Hammer, resigned and removed his name from the specifications. Layer 7′s own CTO, Scott Morrison, offered his support for the specification in a blog post titled Why I Still Like OAuth, in which he stated: “In the end, OAuth is something we all need and this is why this specification remains important. The genius of OAuth is that it empowers people to perform delegated authorization on their own, without the involvement of a cabal of security admins. And this is something that is really quite profound.”

Still, obvious questions remain: Is OAuth 2.0 a solid protocol for authentication? Should I stop building security architecture around such a tainted specification? What other means are there for authentication if OAuth has become too focused on the enterprise? Francois Lascelles will address these questions as well as discussing and commenting on the recent OAuth 2.0 draft approval during our next live Tech Talk, on August 7. Make sure you add this Tech Talk to your calendar, if you want to get the event details and a reminder on the day.

On the day of the event, join on Livestream or Facebook:

And if you’d like to submit some questions:

July 19th, 2012

Hypermedia APIs – Tech Talk Tuesday July 24 Featuring Mike Amundsen

Mike Amundsen Tech TalkOur recent Tech Talk discussing OpenID Connect was great. We had some pre-questions sent in via email, lots of live questions through the stream and some great questions through our twitter hashtag #Layer7Live.  We’re going to pick up on the momentum of that last Tech Talk and continue on with our next interactive API-focused discussion on July 24 at 9am PDT.

We’re very excited to be welcoming Mike Amundsen, Layer 7′s Principal API Architect, back to the Tech Talk studio. He’s ready to take on questions and discuss hypermedia APIs, a subject he literally wrote the book on.

  • What makes a hypermedia API different from other API types?
  • How is designing one different from designing any other form of API?
  • What are the benefits or complications for the publisher and the developer?

These are just a few of the questions that arise when thinking about designing hypermedia APIs. Now’s the time to get your thinking caps on and start formulating the questions you want to ask Mike on his specialist subject.

Make sure you click Add to Calendar to get the full event details and a reminder on the day.

On the day of the event, join on Livestream or Facebook:
»  livestream.com/layer7live
»  facebook.com/layer7

Submit your questions:

July 6th, 2012

OpenID Connect: Live Tech Talk July 10 9am PDT

OpenID ConnectOur Tech Talks strive to focus on the most interesting and relevant API Management topics for both developers and publishers. And as new and evolving protocols emerge, we want to provide a forum for developers and publishers alike to discuss these protocols in an open discussion forum. So with that in mind, our next Tech Talk will focus on OpenID Connect.

OpenID Connect is an emerging standard that adds federated authentication to OAuth 2.0-enabled systems. It’s a suite of lightweight specifications that provide a framework for identity interactions via RESTful APIs. And in its simplest deployment, OpenID Connect allows all types of clients including browser-based, mobile and javascript to request and receive information about identities and currently authenticated sessions.

So, it’s a relatively simple protocol that helps make authenticating complicated scenarios easier. And let’s be honest – simple and easy are always welcome when it comes to securing RESTful APIs. Authorization and authentication are now available using only one technology. This makes life easier for anyone looking to secure their APIs.

But of course, questions always arise when discussing the various implementation scenarios for OpenID Connect. That’s why we’re excited to welcome Senior Software Developer Sascha Preibisch as our special guest for our July 10 Tech Talk Tuesday. He will answer any OpenID Connect questions you may have – so get those questions ready and join us on July 10 at 9am PDT.

Here’s how to join the discussion:

Click here to get a reminder in your calendar.

On the day of the event, join on Livestream or Facebook:
»  livestream.com/layer7live
»  facebook.com/layer7

Tuesday, July 10 | 9am PDT | 12pm EDT | 5pm BST

Submit your questions:
Tweet using the tag #Layer7Live
Email techtalk@layer7.com
Check in & Chat through Facebook