Describe the bug
Problem:
Currently Microcks provides powerful API mocking capabilities, but there's limited comprehensive documentation on how to properly secure these mock endpoints using authentication mechanisms. The recommended approach is to front Microcks with an API gateway, hence we need clear guidance for implementations across popular gateway solutions.
It would be beneficial if users had step-by-step instructions on how to:
- Configure authentication for Microcks mock endpoints
- Implement proper security controls via API gateways
- Set up best practices for rate limiting and access control
Proposed Solution
Create a comprehensive community-driven guide for securing Microcks endpoints with various API gateway solutions. This would enable users to follow standardized security practices regardless of their gateway of choice.
Tasks
Call for Contributions
We're looking for community members with expertise in specific API gateways to contribute to this documentation effort. If you have experience with any of the gateways mentioned above or others not listed, please share your knowledge by commenting on this issue or submitting a pull request.
Attach any resources that can help us understand the issue.
These issues in the microcks repo discuss problems related to this issue.
microcks/microcks#1471 (closed)
microcks/microcks#1182 (stale)
Describe the bug
Problem:
Currently Microcks provides powerful API mocking capabilities, but there's limited comprehensive documentation on how to properly secure these mock endpoints using authentication mechanisms. The recommended approach is to front Microcks with an API gateway, hence we need clear guidance for implementations across popular gateway solutions.
It would be beneficial if users had step-by-step instructions on how to:
Proposed Solution
Create a comprehensive community-driven guide for securing Microcks endpoints with various API gateway solutions. This would enable users to follow standardized security practices regardless of their gateway of choice.
Tasks
Task 1: Define the Current Security Challenges
Task 2: Kong Gateway Implementation
Task 3: AWS API Gateway Implementation
Task 4: Traefik Implementation
Task 5: Apigee Implementation
Task 6: NGINX Implementation
Call for Contributions
We're looking for community members with expertise in specific API gateways to contribute to this documentation effort. If you have experience with any of the gateways mentioned above or others not listed, please share your knowledge by commenting on this issue or submitting a pull request.
Attach any resources that can help us understand the issue.
These issues in the microcks repo discuss problems related to this issue.
microcks/microcks#1471 (closed)
microcks/microcks#1182 (stale)