Rohan Lopes Blog

  Google Apigee X is the API management platform which allow to develop and manager experience API's.  This APIs can be made available to multiple clients with different security policies.  Example, a Mobile Developer might need a JWT access token validation policy vs a traditional system might need same API with HTTP Basic policy.  As an API management platform, it allow several security policies like SQL injections, JSON Threat Protection etc.  Google Apigee X is full managed API management platform. It consist of a management plane and runtime plane. You can also implement Hybrid model i.e. Cloud & On-Premise runtime instances.  You can refer, below link for high level architecture: https://cloud.google.com/apigee/docs/api-platform/architecture/overview For a hands on experience and details overview, would recommend completing below course and labs: Course: API Design and Fundamentals of Google Cloud's Apigee API Platform       ...

After a long break from the blog posting, I have decided to start posting again. In this post we will demo how to enable CORS in Axway API Gateway and use Postman to verify whether the Cross-Origin Resource Sharing (CORS) are enabled on the API or not. You need to enable the CORS setting on the API, if you are planning to call the API from javascript which is running in browser. For more details on CORS, please check below links https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS To enable CORS on Axway API By Default, CORS are enabled for all domains for the frontend API in Axway. You can verify the setting on Frontend API -> Inbound -> Advance tab Enable CORS from all domains  If you want to restrict or configure specific CORS setting, you can create the CORS profile on frontend API. Click on CORS profile, Add a new CORS profile, with ORIGIN URL or ALLOWED HEADER's You will need to select the configured profile, please re...