A founder of a former company said something to me as we closed the doors, “I wish I built a tiered subscription model at the start.” He went on to describe how many companies give up too much capability with their initial release, then when it becomes popular, they can’t grow or easily
We’ve been hearing a lot from our customers lately about the power of using APIs and microservices to expand business and speed time-to-market for new offerings. These new projects are almost always built using many different components and with that have complex security requirements – the
During Gartner’s recent IAM conference, I noticed an emerging conversation around the issues of API usage at the enterprise level. Enterprise adoption of APIs is viewed as an inevitable consequence of the ongoing digital transformation many IT professionals are managing. API stands for
Part 3: Microservices Authorization In-Depth This is a multi-part series of articles describing why and how one can approach applying Externalized Dynamic Authorization to an API and/or microservices architecture that uses OAuth 2.0 flows and/or OpenID Connect (OIDC). Externalized Dynamic
How ABAC works with an API Gateway Many insurance companies use Attribute Based Access Control (ABAC) solutions to enable partners or clients to directly manage their own information within the insurance company’s infrastructure. In this blog we’ll have a closer look at a typical deployment
