Four short links: 13 March 2020

  1. OpenAMan open-access management solution that includes authentication, SSO, authorization, federation, entitlements and web services security.
  2. Building Relationships as a Remote Engineering ManagerAnd if you haven’t realized it yet, get used to this—you’re going to spend a lot of time writing.
  3. API Security Maturity Model — I’m not sure if I agree with this specific framework, but I like the idea of a maturity model for APIs in general and security in particular. Level 0 – API Keys and Basic Authentication; Level 1 – Token-Based Authentication; Level 2 – Token-Based Authorization; Level 3 – Centralized Trust Using Claims.
  4. Hexagonal Architecture (Netflix) — The idea of Hexagonal Architecture is to put inputs and outputs at the edges of our design. Business logic should not depend on whether we expose a REST or a GraphQL API, and it should not depend on where we get data from—a database, a microservice API exposed via gRPC or REST, or just a simple CSV file. How Netflix used this architectural concept in practice.