Last week, I spoke at the INTEGRATE conference. During my talk, I’ve conducted a survey about Azure API Management. 200 attendees participated in this survey, which leads to interesting insights! You can discover them here.
Last week, I’ve presented at INTEGRATE my 10 favorite tips and tricks for Azure API Management. I want to share them here with you! Automate your backups Dynamically expose your Open API definitions Send API Inspector Traces to Application Insights Hide stack...
Stack traces are a nice gift for hackers, because they reveal details about the underlying technology that you are using. From a security perspective, it is good to remove stack traces when exceptions occur and just return a generic error message, like I described in...
Lately, I had the requirement to access data from the incoming HTTP body, which was form-urlencoded (Content-Type: application/x-www-form-urlencoded). I assumed this was something simple to do, however it turned out more complex than expected. HttpUtility? My first...
Azure API Management’s default security mechanism is built on top of subscriptions. Whilst this is a very simple way to protect your APIs, it’s often not secure enough. Many scenarios require the APIs to be protected with OAuth2, which is perfectly...
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.