Change is the primary cause of service reliability issues for agile engineering teams. In this post, I’ll cover how you can limit the impact of a buggy change, making it past your quality gates with Kong Gateway and Spinnaker for canary deployment.

Fastly’s next-gen WAF (formerly Signal Sciences) integrates with Kong Konnect to block malicious requests to your services. Kong Gateway provides a robust and secure enterprise API management platform to front web traffic. In partnership, Fastly focuses on Layer 7 application security for that traffic. This article will explain how Kong Konnect and Fastly work together.

With web applications and public APIs becoming increasingly important to how organizations interface with their customers and partners, many are turning to dedicated tools that can help protect these assets.

This tutorial shows you how to create a custom Kong Gateway plugin with Go programming language. The sample plugin I created adds an extra layer for security between consumers and producers. The way it works is it identifies consumers through a consumer-key from a query string. Without this parameter, they’ll get an error message.

The more services you have running across different clouds and Kubernetes clusters, the harder it is to ensure that you have a central place to collect service mesh observability metrics. That’s one of the reasons we created Kuma, an open source control plane for service mesh. In this tutorial, I’ll show you how to set up and leverage the Traffic Metrics and Traffic Trace policies that Kuma provides out of the box. If you haven’t already, install Kuma and connect a service.

In Kong Mesh 1.2, we added a number of new features to help enterprises accelerate their service mesh adoption. One of the major new features was native Open Policy Agent (OPA) support within the product. In the demo image above, you can see a number actions taking place across a simple web application. These “actions” ultimately are various GET, POST, and DELETE methods (API calls) across various tiers of our microservice application.

Hello Kong Nation 👋 ! We’re back with another fresh release of Kong Gateway (OSS). Read on for the latest release information.

Azure API Management (APIM) is a powerful platform that enables you to publish and scale APIs while ensuring they are secured. One of the great features of Azure APIM is that you can add plugins and transforms to your APIs without any code change or restarts. These capabilities are deployed using XML Policies which are a collection of statements.

Keep in mind that these instructions are a starting point. You may need to change some of the steps to harden your environment when running in production. For more detailed information, visit our Kong Gateway documentation.

Almost all aspects of businesses are transforming to digital and internet-based solutions. It’s happening from the ground up, starting with developers. You’re building applications for your organizations, and you’re racing to get software and services out to the market faster. The faster your company moves, and the more you build, the more likely you need an API gateway governance strategy.

Developers use application programming interfaces, or APIs, to assemble data and functionality for new mobile or web apps, but when it comes to interacting with APIs, developers are often faced with two popular options: REST or GraphQL. In this article, we’ll explore how these approaches compare, and we’ll offer REST API best practices that can be applied to build a more consistent experience for GraphQL API consumers.