Developing Custom Policies to Secure Your Enterprise APIsJamie WilliamsSenior Software EngineerCA Technologies

DO3X47EV

DEVOPS

3 © 2016 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD

© 2016 CA. All rights reserved. All trademarks referenced herein belong to their respective companies.

The content provided in this CA World 2016 presentation is intended for informational purposes only and does not form any type of warranty. The information provided by a CA partner and/or CA customer has not been reviewed for accuracy by CA.

For Informational Purposes Only Terms of this Presentation

4 © 2016 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD

Abstract

In this session on CA API Gateway we'll focus on basic policy creation and demonstrate the ease with which enterprise APIs can be secured.

We will also spend some time on policy performance factors, troubleshooting, and understanding points of failure when securing APIs.

Jamie WilliamsCA TechnologiesSenior Software Engineer

5 © 2016 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD

Agenda

INTRODUCTION TO SERVICES, POLICIES, AND ASSERTIONS

SECURING YOUR API

PERFORMANCE CONSIDERATIONS

TROUBLESHOOTING

1

2

3

4

6 © 2016 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD

Introduction to Services, Policies, and Assertions

A Service is a logical construct that represents the sum of the API calls the client side can call to access the service that the Gateway is protecting

Every service has a policy that implements an individual flow of data between the client and the back-end service

Assertions are the building blocks of policy that determine the authentication method, identity credentials, transport method, and routing method for the service

7 © 2016 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD

Live Demo

8 © 2016 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD

Recommended Sessions

SESSION # TITLE DATE/TIME

DO3X49E CA API Gateway: Managing and migrating Gateway policies with the Gateway Migration Utility 11/14/2016 at 11:00 am

DO3X52E CA Mobile App Services: Build the Powerful Mobile App Every Enterprise Needs in Under an Hour 11/14/2016 at 1:00 pm

DO3X51E Workshop on Policy Creation, Management and Support for OAuth and OIDC in CA Mobile API Gateway 11/14/2016 at 2:00 pm

9 © 2016 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD

Questions?

10 © 2016 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD

Thank you.

Stay connected at communities.ca.com

@CAWORLD #CAWORLD © 2016 CA. All RIGHTS RESERVED.11 @CAWORLD #CAWORLD

DevOps – API Management and Application Development

For more information on DevOps – API Management and Application Development, please visit: http://cainc.to/DL8ozQ