Scenario: you have a web & mobile front-end, both using a REST API as a back-end. You want to secure that back-end with authentication / authorization. How do you do that in Azure? There are obviously a bunch of ways to do that. In this post, I’ll discuss the recommended approach: using Azure Active Directory. … More Securing REST API using Azure Active Directory
If you had any doubts about the increased pace in IT innovation, look at Docker Containers. The project was open sources in March 2013 as a container technology for Linux and 1.5 years later, in Octobre 2014, Microsoft announced they were integrating that technology on Windows Server 2016! That’s 1.5 years from toe in the … More Docker Containers on Windows Server
I’ve introduced WordPress REST API Nuget package in my last blog post. It’s an SDK to access WordPress REST API. Today, I’ve open sourced it on Codeplex. You can visit it on https://wordpressrestapi.codeplex.com/. If you want to collaborate to increase the API surface covered, do not hesitate to ping me!
I use WordPress.com as my blog platform. It hosts the WordPress CMS software and adds a few goodies. I was curious about their API after noticing that my Blog App (Windows Live Writer) tended to create duplicate of pictures, leaving lots of unused assets in my Media library. This really is a personal pet peeve … More Nuget Wordpress REST API – Authentication
I recently read an article from Bill Appleton of Dream Factory with the provocative title SOA is not a Mobile Backend. It raised quite a few good points that were in the back of my mind for more than a year. Basically, what is the difference between SOA and API? To an extent it is … More SOA vs Mobile APIs
Has somebody been peeking on my X-mas list? Indeed, one of the weakness of the current Azure Paas solution I pointed out last year was that on non-trivial solutions you end up with plenty of secrets (e.g. user-name / password, SAS, account keys, etc.) stored insecurely in your web.config (or similar store). I was suggesting, … More Azure Key Vault
Ronnie Mitra published a nice review of the current security protocols & standards available to you to protect your API. Ronnie gives a good overview of what used to be available, in SOAP WS-*, what is currently available (HTTPS, OAuth and the like) and what is brewing for the future (Oz & Macaroons).