Enable Oauth2.0 with Sentinet API Management (Massimo Crippa @ BTUG Event)
0 likes786 views
The document discusses the enabling of OAuth 2.0 with Sentinet API Management, highlighting its importance in managing APIs amidst the rise of open innovation and new markets. It covers key components and architecture related to API management, emphasizing security, governance, and performance insights. Additionally, it illustrates use cases and authorization flows associated with OAuth 2.0, emphasizing non-invasive integration and protocol mediation.
![JWT: JSON Web Token
{
“typ": "JWT",
"alg": "RS256"
}
{
"aud": "5db8b7cb-c027-43cf-991b-ae399dc883e0",
"iss": "https://sts.windows.net/38179760-91c3-4593-9510-d8d4938527d2/",
"iat": 1444589612,
"nbf": 1444589612,
"exp": 1444593512,
"tid": "38179760-91c3-4593-9510-d8d4938527d2",
"oid": "37f764d3-63f9-492c-ae02-990687aa1c25",
"roles": [ "Editor", "Reader", "Guest“ ],
"sub": "HDTX9yqHzslOUqLbXwlTid-xb1aJwTVMGvzKw7ruDVg"
}
Header
Claims
eyJhbGciOiJIUzI1NiIsIIkpXVCJ9.eyJzdWIiOiIxMjM0NTY3O4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxQ
Header Claims Signature](https://image.slidesharecdn.com/201510coditsentinet46btug-151014131844-lva1-app6891/85/Enable-Oauth2-0-with-Sentinet-API-Management-Massimo-Crippa-BTUG-Event-17-320.jpg)
More Related Content
Similar to Enable Oauth2.0 with Sentinet API Management (Massimo Crippa @ BTUG Event) (20)
Enable Oauth2.0 with Sentinet API Management (Massimo Crippa @ BTUG Event)
- 1. Enable Oauth2.0 with Sentinet API Management
- 2. Enable Oauth2.0 with Sentinet API Management
- 3. Nice to meet you Massimo Crippa Integration Architect at Codit BizTalk D/I Api Management [email protected] codit.eu/blog @mas_que_crippa linkedin.com/in/massimocrippa
- 4. Agenda
- 5. The rise of APIs 0 10000 20000 30000 40000 50000 60000 2007 2008 2009 2010 2011 2012 2013 2014 2015 Number of Public APIs Managed Total APIs ➔ Fueled by mobile, cloud, open & big data, IoT ➔ Public APIs are just the “tip of the iceberg” ➔ Open Innovation and New Markets ➔ Enable Composite Enterprise Approach ➔ Build on Partner Capabilities ➔ APIs are drivers of innovation in the enterprises. APIs are booming and this reflects the importance of their management
- 6. API Management – The Pillars Gets more insights in performance and quality of your solution. Runtime quality. Capability to support traffic peak, avoid to flooding the backend service Scalability API security is one of the biggest concerns for enterprises Security Software quality, versioning, standards, complete life- cycle, drive the adoption Governance Insights
- 7. Concept - Service Broker The service broker deals with the challenges SOA and API consumers Security Scalability Governance Insights
- 8. Nodes / Proxies Software intermediaries Management portal Configure the façade, get insights Management APIs Interoperable web services Repository Persist and durable repository • Configure the virtualization / design your service • Configurations and Policies are stored in the repository • Node(s) poll for configuration changes • Node(s) apply new configuration • At runtime, the Node enforces the design-time decisions • Tracking data is asynchronously transmitted to the repository • Get insights about the performances and quality of the solution API Management components
- 9. Customer case : Before - unmanaged > 300 endpoints various security configuration BizTalk GroupConsumers B2B LOB
- 10. After : Managed via Virtualization 1 security configuration BizTalk GroupConsumers B2B LOB Security Monitoring Governance SLA Discoverable Accessible Sentinet
- 11. Sentinet and BizTalk Server ESB Layer orchestration transformation pub&sub validation HR systemPayroll system security mediation virtualization governance SENTINET Layer SLA extensibility transformation, validation, routing, etc alerting
- 12. Tonight use case: As is Internal app Dev/Test REST http SOAP net.tcp SOAP http
- 13. Tonight use case: To be Internal app Dev/Test http SOAP net.tcp SOAP http Business partner OAuth2.0 net.tcp OAuth2.0 No impact on the current BizTalk implementation No impact on the consumers Protocol enablement
- 14. OAuth 2.0 It’s not for Authentication …and not for Authorization OAuth is a delegation protocol Authorization flows: ➔ Authorization code (native apps) ➔ Implicit (js / SPAs) ➔ Resource owner password credentials (trusted client / applications) ➔ Client credentials (server to server)
- 15. Authorization Code (simplified) Four actors: ➔ Resource owner ➔ Client application ➔ Authorization Server (AAD) ➔ Resource Server (APIs)
- 16. OAuth 2.0 One very important thing The Client knows nothing about the user
- 17. JWT: JSON Web Token { “typ": "JWT", "alg": "RS256" } { "aud": "5db8b7cb-c027-43cf-991b-ae399dc883e0", "iss": "https://sts.windows.net/38179760-91c3-4593-9510-d8d4938527d2/", "iat": 1444589612, "nbf": 1444589612, "exp": 1444593512, "tid": "38179760-91c3-4593-9510-d8d4938527d2", "oid": "37f764d3-63f9-492c-ae02-990687aa1c25", "roles": [ "Editor", "Reader", "Guest“ ], "sub": "HDTX9yqHzslOUqLbXwlTid-xb1aJwTVMGvzKw7ruDVg" } Header Claims eyJhbGciOiJIUzI1NiIsIIkpXVCJ9.eyJzdWIiOiIxMjM0NTY3O4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxQ Header Claims Signature
- 18. OAuth 2.0 with Sentinet Passive authorization mode : • Resource owner • Client credentials Passive authorization mode : • Validate authorization token
- 19. Demo
- 20. Extensibility Runtime msg processing Sentinet features Governance RoutingSecurity Monitoring SLA Management Audit Virtualization Testing Cloud enablement Reporting
- 21. Takeaways ➔ Protocol enablement in a non-invasive way ➔ Protocol mediation SOAP to REST ➔ Integration service is claim-aware ➔ Get insights about performance and quality of our APIs
- 22. Thank you
Editor's Notes
- #19: Passive authorization mode Service side Client side