Welcome!

VP Innovation at Axway, Co-founder at Vordel

Mark O'Neill

Subscribe to Mark O'Neill: eMailAlertsEmail Alerts
Get Mark O'Neill via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Mark O'Neill

Andrew Sciberras, the man with the most impressive mustache in Identity (until he shaved it off!), has written a very useful post on how Axway and ViewDS interop together using XACML to enable external authorization for SOA and APIs. The interop announcement, which coincides with the Cloud Identity Summit in Monterrey, speaks about how customers can now leverage ViewDS and Axway together in order to create complex authorization rules. An example of such a rule would be "Only the patient or their doctor can access a medical record, or the patient's parents or guardians if the patient is under 18 years of age". These types of policies are particularly suited to XACML. The overall architecture is shown below: For more info on the interop, check out the info on the Axway website. ... (more)

API Workshops roll on - Detroit / Connected Car - and next stop Munich June 10

Last Tuesday in Detroit, along with IC-Consult, Axway ran an API Workshop in Detroit. Many attendees from the major car companies were present. One of the big conversation topics was Social Login ("Login with Google", etc). This is something which we saw can be implemented using the Axway API Gateway, and in fact the API Gateway can be used to map from a Social Login to a local on-premises Identity and Access Management product like Oracle Access Manager (here's a description of the Google to Oracle OAM mapping in action). That allows for a hybrid Cloud/On-Premises identity appro... (more)

Configuring OAuth for initial LDAP Authentication

Although OAuth is not for authentication (the "auth" is for authorization), it usually presupposes that an authentication event has taken place. In the case of the Axway API Gateway, you can use the internal use store for this authentication, or you can use a third-party repository like LDAP. If you want to switch to LDAP, you can simply choose a different authentication repository under "Validate credentials against this repository" in the OAuth 2.0 policies in Policy Studio as shown below: If you want to add a new authentication repository, you can find these under "Authenticat... (more)

Video: Mobile App calling APIs, using the Axway API Portal and API Gateway

This week I am in Sydney, Australia, for Gartner AADI this Monday and Tuesday, then the Axway API Workshop here on Wednesday (still time to register if you're in Sydney!). The API Workshop ends with a wine reception, pitting French wines against Australian wines. In keeping with the theme, my colleague Charles Poulson and I have worked on sample APIs and apps, to see how an API Portal and API Gateway are used as the API backend for mobile apps. In the video below, you can see a "Wine Chooser" sample Android app which consumes an API that's registered in an API Portal, and see the... (more)

APIdentity at Cloud Identity Summit next week

My colleague Ross Garrett is speaking next week at the Cloud Identity Summit on the "APIdentity" track. "APIdentity" is a neat mashup of "API" and "Identity" - I like it. Catch Ross's talk at 2.10pm on Monday 21 July: API Security for the Cloud: Tales from the Trenches Cloud technologies and mobile devices are transforming interactions with organizations via APIs. APIs present an endless opportunity for businesses to generate revenue, engage customers and collaborate with partners; Gartner even predicts 50% of B2B collaboration will occur via Web APIs by 2016. This API Economy create... (more)