Validating OAuth 2.0 Access Tokens with NGINX and NGINX Plus

2019-05-14 KENNETH 0

Validating OAuth 2.0 Access Tokens with NGINX and NGINX Plus Image courtesy of John T. on unsplash.com There are many options for authenticating API calls, from X.509 client certificates to HTTP Basic authentication. In recent years, however, a de facto standard has emerged in the form of OAuth 2.0 access tokens. These are authentication credentials passed from client to API server, and typically carried as an HTTP header. OAuth 2.0, however, is a maze of interconnecting standards. The processes for issuing, presenting, and validating an OAuth 2.0 authentication flow often rely on several related standards. At the time of writing there are eight OAuth 2.0 standards, and access tokens are a case in point, as the OAuth 2.0 core specification (RFC 6749) does not specify a format for access tokens. In the real world, there are two formats in common usage: JSON Web Token (JWT) as [ more… ]

NGINX Is Now Officially Part of F5

2019-05-09 KENNETH 0

NGINX Is Now Officially Part of F5 Today it’s official: NGINX is now part of F5. When F5 announced its intention to acquire NGINX, I wrote about how one chapter of the NGINX story was ending and the next beginning. In the almost two months since then, members of the F5 and NGINX teams have been planning how the companies will come together. All the hard work pays off today as we officially start executing our plans and authoring the new chapter together. My colleague, Sidney Rabsatt, will talk in an upcoming blog about the value of merging our respective technologies. In this post, I want to focus on the value of merging the people, culture, and vision of the two companies. Let me start by reassuring everyone of a few things: NGINX is becoming a business unit within F5. We [ more… ]

No Image

Announcing New Cloud Marketplace and Module Solutions for NGINX and NGINX Plus

2019-05-08 KENNETH 0

Announcing New Cloud Marketplace and Module Solutions for NGINX and NGINX Plus The companies that are successful in becoming digitally enabled and customer‑obsessed – and therefore prepared to compete as we enter the 2020s – are those best able to collaborate internally and externally. The dynamic combination of technology and partnering redefines and rewires organizations, necessitating a new collaborative leadership system to serve as the backbone that supports agile, collaborative execution. In November of 2018 I started the journey to build out the NGINX strategic alliances and partnership organization. I wanted to build an infrastructure that will enable scale as we continue to grow our ecosystem. Companies come to us ready to partner – purposefully and opportunistically, in one‑to‑one relationships, multi‑partner engagements, and in ecosystems. Partner readiness for the 2020s is not as simple as having an alliance management team that supports a center of excellence [ more… ]

NGINX Controller API Management Module vs. Kong: Performance Comparison

2019-05-07 KENNETH 0

NGINX Controller API Management Module vs. Kong: Performance Comparison table.nginx-blog, table.nginx-blog th, table.nginx-blog td { border: 2px solid black; border-collapse: collapse; } table.nginx-blog { width: 100%; } table.nginx-blog th { background-color: #d3d3d3; align: left; padding-left: 5px; padding-right: 5px; padding-bottom: 2px; padding-top: 2px; line-height: 120%; } table.nginx-blog td { padding-left: 5px; padding-right: 5px; padding-bottom: 2px; padding-top: 5px; line-height: 120%; } table.nginx-blog td.center { text-align: center; padding-bottom: 2px; padding-top: 5px; line-height: 120%; } h4 { font-weight:bolder; font-size:110%; } h5 { font-weight:bolder; font-size:110%; } The API management (APIM) market is a crowded space. The latest Gartner Magic Quadrant for Full Life Cycle API Management ranks 22 vendors, with 7 in the Leaders quadrant. Competing in an existing market requires establishing a strong position to differentiate and stand out from the competition. So what makes NGINX’s API management solution different? At NGINX our goal is to make [ more… ]

No Image

Ask NGINX | April 2019

2019-05-01 KENNETH 0

Ask NGINX | April 2019 Every month, we take a moment to share the expertise of our team, and answer a number of great questions we’ve received from both our customers and open source users. These questions range from how to use our products in a variety of use cases to how to effectively integrate third‑party tools and platforms with NGINX. These answers come from our experts including technical architects, systems engineers, and our award‑winning customer support specialists. Does NGINX Plus work with Diffie‑Hellman? Yes. For those who don’t know: Diffie‑Hellman is a protocol used to create a secret key shared by two parties (this operation is commonly referred to as the SSL/TLS “handshake”). The two parties then use the key to encrypt subsequent communication between them. A more precise answer is that NGINX Open Source and NGINX Plus work with [ more… ]