Non-IBM Disclaimer

The postings on this site are my own and don't necessarily represent IBM's positions, strategies or opinions.

Tuesday, November 9, 2021

How to cache an access token in DataPower

Nowadays, service-oriented architecture (SOA) is a key basis for any successful integration. Many organizations have opened their gates to allow secure online B2B integration using REST/SOAP APIs, and millions of transactions are executed each day. API management solutions make setting up the integration much easier by providing potential partners with controlled access to the core API reference. API performance plays a crucial role and should be planned at design time. Caching is one of the common use cases that can drastically improve overall performance. This post describes how to implement an internal DataPower cache to manage and store access tokens.

For this use case, let's assume we are integrating with an external partner to invoke a Business API. The API is secured, and for each invocation we must provide a Bearer authorization header carrying an OAuth access token. To obtain the access token, the partner provides an additional API. An example of a simple, but not necessarily optimized, API design could look like this:



Often, the OAuth access token is provided along with an expiration date, meaning it can be reused multiple times as long as it has not expired. Reusing the access token is a great way to reduce network traffic and thus improve overall runtime latency. In our design, the "Obtain Access Token" snippet was adjusted to support access token storage, management, and renewal:


This can be easily achieved by using DataPower global variables, as these variables persist beyond the scope of request-response processing. However, keep in mind that the use of global variables may introduce unexpected problems: they are not thread safe, there is always a risk of a memory leak, and, if used incorrectly, they can cause a DataPower restart.
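The store, reuse, and renew logic described above, sketched as an added example that is not code from the original post. It is plain JavaScript with no DataPower APIs: the `Map` stands in for a DataPower global variable, `fetchToken` stands in for the partner's "Obtain Access Token" call, and every name and the 30-second renewal margin are assumptions.

```javascript
// Added illustration: plain JavaScript, no DataPower APIs. The Map stands in
// for a DataPower global variable; all names here are hypothetical.
const CACHE_KEY = 'partner-access-token';   // one fixed key, so the cache cannot grow
const SKEW_MS = 30 * 1000;                  // renew 30 s before expiry (assumed margin)

// Return the cached entry only if it parses and is still safely inside its lifetime.
function readValidEntry(store, nowMs) {
  const raw = store.get(CACHE_KEY);
  if (typeof raw !== 'string') return null;
  let entry;
  try { entry = JSON.parse(raw); } catch (e) { return null; }  // corrupt value counts as a miss
  if (!entry || typeof entry.token !== 'string' || !Number.isFinite(entry.expiresAt)) return null;
  return nowMs < entry.expiresAt - SKEW_MS ? entry : null;
}

// fetchToken() must return { access_token, expires_in } with expires_in in seconds.
function getAccessToken(store, fetchToken, nowMs) {
  const cached = readValidEntry(store, nowMs);
  if (cached) return { token: cached.token, fromCache: true };

  const res = fetchToken();
  if (!res || typeof res.access_token !== 'string' || res.access_token === '') {
    throw new Error('token endpoint returned no access_token');
  }
  const ttlMs = Number(res.expires_in) * 1000;
  if (Number.isFinite(ttlMs) && ttlMs > SKEW_MS) {
    // Token and expiry are written as one value, so in a shared variable a
    // reader never sees a new token paired with a stale expiry.
    store.set(CACHE_KEY, JSON.stringify({ token: res.access_token, expiresAt: nowMs + ttlMs }));
  } else {
    store.delete(CACHE_KEY);   // no usable lifetime: use the token once, do not cache it
  }
  return { token: res.access_token, fromCache: false };
}

// Constructed sample run: a fake token endpoint that counts how often it is called.
function demo() {
  const store = new Map();
  let calls = 0;
  const fetchToken = () => ({ access_token: 'tok-' + (++calls), expires_in: 3600 });
  const t0 = 1636416000000;  // constructed timestamp
  const first = getAccessToken(store, fetchToken, t0);                  // miss, fetches
  const second = getAccessToken(store, fetchToken, t0 + 60 * 1000);     // hit, 1 min later
  const third = getAccessToken(store, fetchToken, t0 + 3590 * 1000);    // inside margin, renews
  return { first, second, third, calls };
}
```

Keeping a single fixed key bounds the memory the cache can hold, and the token value itself is never written to a log.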

References

IBM Knowledge Center - DataPower variables

