API Products in Apigee In this blog, we will learn what the API Products in Apigee. When sharing APIs with developers, giving direct access to each individual API can be difficult to manage. Apigee solves this with API products—packages that group one or more APIs together, along with rules that define how they can be…
Securing Apigee Hybrid with HashiCorp Vault In this blog, we will learn how to secure Apigee Hybrid with Hashicorp Vault. Description: In enterprise-grade API platforms like Apigee Hybrid, managing sensitive infrastructure secrets—such as Google service account keys and Cassandra database credentials—is essential for ensuring security, compliance, and operational resilience. Traditionally, secrets stored in Kubernetes manifests…
XML Threat Protection Policy in Apigee In this blog, we will learn about the XML Threat protection policy in Apigee. APIs frequently exchange data in XML format, which, while powerful, can also introduce security vulnerabilities if not properly validated. Malicious actors may attempt to exploit XML processing weaknesses to launch attacks such as XML bombs,…
Custom Error Handling Framework in APIGEE In this blog, we will learn how to handle the custom error Framework in Apigee. A robust error logging framework is a critical asset for operational efficiency, customer satisfaction, and long-term cost savings. By capturing detailed diagnostic information—including request and response metadata, backend interactions, and contextual error traces—in a…
Securing Google Apigee with Armor In this blog, we will learn how to secure Google Apigee with Armor. Description: Google Apigee provides a full lifecycle API management solution, but securing APIs in today’s threat landscape requires more than basic rate-limiting or authentication. Armor, a cybersecurity platform offering cloud-native threat prevention, delivers enhanced perimeter protection through…
Caching and Persistence in APIGEE In this blog, we will learn about Caching and Persistence in APIGEE. In modern API ecosystems, performance and scalability are critical. Apigee simplifies these challenges by offering powerful, policy-driven caching mechanisms that reduce latency, minimize backend calls, and improve user experience. Leveraging its built-in policies and internal frameworks, Apigee offers…
Rate Limiting in APIGEE In this blog, we will learn about Rate limiting in Apigee. In today’s digital landscape, protecting APIs from threats such as Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks is essential. Apigee provides built-in security policies like Quota and Spike Arrest to safeguard APIs against traffic surges and ensure controlled usage. Quota…
OAuth Security in APIGEE This blog explores implementing OAuth Security in Apigee proxy flows. Controlling and securing API access is essential in proxy development. Apigee offers policies tailored to various requirements. The OAuth policy manages OAuth grant types and handles code and token generation for authenticating proxy requests. OAuth streamlines the authorization process for client…
Apigee Analytics for API Performance and Business Insights In this blog, we will learn about Apigee Analytics for API performance and Business Insights. Introduction In today’s digital landscape, APIs are the backbone of modern applications, connecting services, systems, and users. But how do businesses ensure that their APIs are performing optimally? How can developers, operations…
Using CMEK with Google Apigee In this blog, we will learn how to use Customer Managed Encryption Key (CMEK) with Google Apigee Customer Managed Encryption Key (CMEK) in Google Apigee Hybrid Introduction Customer Managed Encryption Keys (CMEK) provide enterprises with greater control over their encryption mechanisms by allowing them to use their own cryptographic keys…