Book Image

Oracle API Management 12c Implementation

Book Image

Oracle API Management 12c Implementation

Overview of this book

Table of Contents (19 chapters)
Oracle API Management 12c Implementation
Credits
Foreword
About the Author
Acknowledgments
About the Author
About the Author
Acknowledgments
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

Implementing OAG


The first step when opening up functionality to partners via APIs was to identify which business services were to be externalized. Once done, subsequent steps were required to apply suitable Web Service Manager (WSM) policies and API Gateway policies to satisfy first-line and second-line defense security requirements. This was achieved as follows:

  • Identify which business services are the candidates to be exposed as an API

  • Work jointly with the security team to define a set of policies to be applied to these APIs, both first line and second line of defense:

    • Authentication: where to authenticate the external users?

    • Authorization: once they are authenticated, authorize users to determine access rights to an API?

    • Service-level agreements: define whether the services should be highly available and define any time restrictions on usage?

    • Specify if the identity of the consumer needs to be propagated throughout the chain of execution?

  • Identify suitable integrity and configuration mechanisms...