Securing Microservice APIs

Sustainable and Scalable Access Control O'Reilly eBook

There are several techniques for controlling access to web APIs in microservice architectures, ranging from network controls to cryptographic methods and platform-based capabilities. This short ebook introduces an API access control model that you can implement on a single platform or across multiple platforms to provide cohesive security across your network of microservices.

Download this complimentary eBook now to learn about:

  • A platform-neutral overview of the microservices landscape
  • Current network-, trust-, and platform-based security technologies and solutions that apply to microservice APIs
  • The proposed DHARMA cross-platform model for securing microservice API access control
  • The future of microservices


Get your copy

Thanks for your request !

Text goes here

announcement bar if needed


Approaches to Building Microservices

Every microservices initiative should begin with an analysis of the current and desired architecture, processes and culture. Among other discoveries, this analysis will reveal what application monoliths can be broken down into microservices or which independent services can be created for new applications. The current state and preferred strategy of adoption can suggest different methodologies for microservice development. One of the advantages of using a low-code platform like CA Live API Creator to build your microservices architecture is that it directly enables various approaches to development.

A data-first approach to building microservices is most suitable if there is a legacy data source and a new application is needed around it. For instance, you could decompose an existing monolith by extracting some independent portion of the underlying data and providing a microservices-driven data access layer, or you could create a novel data-as-a-service offering providing immediate value to silos of existing data.

An app-first approach to building microservices starts with an idea of a bounded context in which to build a microservice. In a point-and-click application-level UI, developers can design a new model with vocabulary and relationships customized to a specific domain. CA Live API Creator builds the database on the fly, constructs the data model based on the application designed, and automatically creates the APIs necessary to support it. This is a good top-down approach to building complete microservices (or just plain APIs) without requiring deep database skills.

A model-first approach to building microservices helps transition from resource model metadata to a complete, running microservice exposed through APIs. CA Live API Creator builds the underlying database and resulting APIs from a simple, human-readable and writeable JSON document; existing Swagger metadata can be converted as well. The whole process with CA Live API Creator is a couple of clicks or API/CLI calls away.

A code-first approach to building microservices starts without a database, or builds very quickly on a simple database-backed framework, to write arbitrary microservice code. CA Live API Creator provides rich developer tooling, including a powerful JavaScript runtime engine, access to a full Java® stack, inline code editors with code completion, helper libraries to turn complicated tasks like message format transformation or API callouts into a single line operation, and an inline debugger that lets you set breakpoints and step through the code execution a line at a time, seeing the current value of variables as you go. For microservices implementing “function-as-a-service”–type scenarios, this is a fantastic approach.








Solution Zone


Request Your Complimentary Copy

Tell us a bit about yourself and you'll immediately receive a copy of the eBook.
You'll also be kept in the loop on the latest best-practices and insights on APIs and microservices.