What's New

Introducing Bluemix Native API Management in CF Apps – The Most Integrated API Tooling on the Market

Share this post:

Introducing Native API Management in Bluemix Cloud Foundry, the most integrated API Tooling on the public cloud.  You can add security and control to an API in seconds, all without having to leave the Cloud Foundry UI or Bluemix CLI.  This is our second Bluemix integration, coming just weeks after integrating with OpenWhisk.We sat down with developers and listened to what they needed on day-one to control and secure their APIs.

We then integrated the basic secure and control functionality from  API Connect directly into the CF runtime UI and the CLI, to create a unique and powerful experience.  This new experience is an easy and simple way to get started on your API journey.

API Security and Control in under 10 seconds!

Cloud Foundry Runtime UI Picture
Cloud Foundry Runtime UI
You can add security (API Key, API Secret, OAUTH, and CORS) and rate-limiting… all in 10 seconds – not 37 steps like alternative solutions, without having to manually set up a gateway (check out a video below).  When the API is exposed, you can then see API level analytics, look at logs for debugging, and test endpoints with a built-in explorer tool.   Additionally, instantly share the API with other developers inside of your Bluemix organization or externally with a simple link to the API documentation.

“I just need an API Key, Rate-limiting, and an easy way to share it…”

Does this sound familiar?  Is this you?   Many of the developers that we talked to had this comment.  They wanted to secure their app, be able to put basic rate-limiting on it, and then share the API specs with their team to quickly consume it.   We listened.   You can create an API Key and, not only do you get the key, but you all get a link to our API Explorer that you can share with the API Key embedded in it (and the ability to create a Secret).    Additionally, we listened to many mobile developers that use OAUTH 2.0 for Social Login on their apps.  You can select our OAUTH Security option, pass the token as an “Authentication” header, and we automatically validate the token at the gateway.  You can protect your underlying app (and databases) with both App level authentication (API Key/Secret) and user-level authentication (OAUTH – social log-in).

API management should not be a full-time job, it should be easy, fast, and fun. You should work on coding, not spending time setting up or worrying about your gateway. We can help! You focus on the next killer app or microservice, we will worry about the gateway.

Check it out

Log into Bluemix, find or create an CF App or OW Action, click on API management, and you are there.  This tool is built into Bluemix and, best of all it is free for unlimited API calls for 2017.

Create your first API with our getting started guide!

The best is yet to come

Over the few months, we plan to add this functionality into  Bluemix Developer experience so you can add a gateway as you create a CF app or Container, to make it even easier to create a microservice and APIs. We also will have advanced API management, analytics, more advanced policies, and a dev portal experience to the native environment.


More What's New stories
April 18, 2019

Load Balancing API Calls Across Regions with IBM Cloud Internet Services and Cloud API Gateway

In this article, we'll explore load balancing traffic across two geographically-separated backends built on IBM Cloud Functions. We'll use the IBM Cloud API Gateway to deploy the same API definition in both regions, and then intelligently route traffic with IBM Cloud Internet Services.

Continue reading

April 10, 2019

Improving Your Event Streaming Experience with IBM Event Streams v2019.1.1

We're excited to announce the availability of IBM Event Streams v2019.1.1, another step in our goal to provide clients with the most efficient way to deploy and run Apache Kafka (while leveraging their existing IT systems) so that so they can ultimately build more differentiated, intelligent, event-driven experiences for their customers.

Continue reading

March 29, 2019

Adding Sign In to Multicloud Applications Without Code Changes

In this post, we will explore a proof of concept illustrating how we can leverage identity federation using a single IBM Cloud App ID instance along with common operational patterns, such as Kubernetes and Istio, to create a centralized identity and access management model that can transparently secure applications/services across cloud environments.

Continue reading