Book Image

Implementing Oracle API Platform Cloud Service

By : Andrew Bell, Sander Rensen, Luis Weir, Phil Wilkins
Book Image

Implementing Oracle API Platform Cloud Service

By: Andrew Bell, Sander Rensen, Luis Weir, Phil Wilkins

Overview of this book

Implementing Oracle API Platform Cloud Service moves from theory to practice using the newest Oracle API management platform. This critical new platform for Oracle developers allows you to interface the complex array of services your clients expect in the modern world. First, you'll learn about Oracle’s new platform and get an overview of it, then you'll see a use case showing the functionality and use of this new platform for Oracle customers. Next, you’ll see the power of Apiary and begin designing your own APIs. From there, you’ll build and run microservices and set up the Oracle API gateways. Moving on, you’ll discover how to customize the developer portal and publish your own APIs. You’ll spend time looking at configuration management on the new platform, and implementing the Oauth 2.0 policy, as well as custom policies. The latest finance modules from Oracle will be examined, with some of the third party alternatives in sight as well. This broad-scoped book completes your journey with a clear examination of how to transition APIs from Oracle API Management 12c to the new Oracle API Platform, so that you can step into the future confidently.
Table of Contents (12 chapters)

Why provide Groovy for logging?

The availability of a limited use of Groovy (the limitations will become clear shortly) is necessary as when it comes to logging and recording of API message content several considerations need to be accounted for, particularly:

  • The payloads for an API maybe large but only a small part of the content needs to be logged, remembering writing contents to disk is a lot slower than the cost of executing logic to reduce what needs to be written to logs.
  • API payloads may contain sensitive data (for example, personal data, passwords, and so on) which should not be included into log files as the log files are written in plain text and not encrypted in their standard configuration. For example, if the API is handling credit card transactions, logging the card information would conflict with the Payment Card Industry (PCI) rules.
The full rules for PCI compliance...