VP Innovation at Axway, Co-founder at Vordel

Mark O'Neill

Subscribe to Mark O'Neill: eMailAlertsEmail Alerts
Get Mark O'Neill via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories by Mark O'Neill

All Around the World - API Workshops for OAuth, Mobile, REST Here at Axway, we regularly run API Workshops worldwide which bring together API practitioners in discussion, debate, and exposure to technologies such as OAuth 2.0, API developer portal design, and identity. And when we say "worldwide", we mean worldwide. To illustrate this, my colleague Philipp Schöne has created an interactive map on CartoDB of the API Workshops over the past year, with photos of each. All that's missing is a backing track of Daft Punk's "Around the World" :) Each API Workshop has been eventful in its own way, and for example I recall the spirited debate on SOA and API Management, led by Kevin Kohut from Accenture and Randy Heffner from Forrester, at our API Workshop in Phoenix in September. Here are other highlights I'd pick out: Open Bank Project covering their vision for APIs for banking a... (more)

Getting started with the Vordel Gateway

My colleague Ian Marsh has written some really useful blog posts about how to get started with the Vordel Gateway , including the ubiquitous "Hello World" and then some really useful pointers to how to create policies inside the Gateway. Definitely useful and worth following Ian over at http://enterprisegateway.wordpress.com/ ... (more)

Rise of the Thing - Internet of Things

Here are some predictions for the API space for 2014: Rise of the Client It's generally agreed that an API is only as good as the clients which use it. An unused API is a failure. So that's why it's odd that so much attention has focused on the server side of APIs, with comparatively little attention paid to the client side (there are exceptions though, like Runscope's handy Request Editor and hurl.it, to help developer API clients). If you ask an API provider about how their API is going to be called by clients, often you are met with a hand-wavy answer along the lines of "It's RE... (more)

Using Token Translation and SAML to Link Domains Together

SOA in the Cloud on Ulitzer Token translation using SAML is now quite an established way to allow applications in one security domain to communicate with applications in another security domain, on behalf of a user whole identity does not have to also flow with the data. For more info go to Vordel's government page and then click on "Secure Cross-Domain". Can a similar architecture be used for SOA-to-Cloud and "inter-cloud" scenarios? The answer is "yes - watch this space...." ... (more)

All the Web’s an API

I've written a "guest view" article for SD Times about the usage of API Keys in Web/Cloud APIs. API keys seem like a simple way to manage access to a Web API, but if the authentication scheme is not secure then they are dangerously simple (or simply dangerous). A key part of Cloud security is effective management of API key based authentication. The article is here: http://www.sdtimes.com/GUEST_VIEW_ALL_THE_WEB_S_AN_API/By_MARK_O_NEILL/About_APIS_and_CLOUDCOMPUTING_and_SECURITY/34049 ... (more)