Securing an API with Google Cloud API Gateway and OAuth 2.0
-
Centralized management of your APIs,
-
Monitoring and logging, and
- Centralized security, which is the focus of this lab.
Learning Objectives
Upon completion of this lab you will be able to:
- Deploy API Gateway in front of your APIs
- Use OpenAPI to configure API Gateway
- Use OAuth 2.0 to secure your APIs
- Explain the basic concepts of OAuth 2.0
Intended Audience
This lab is intended for:
- Software Developers
- API Developers
- Security Engineers
Prerequisites
You should possess:
- A basic understanding of Python
- A basic understanding of JSON or YAML format is helpful but not required
Updates
April 27th, 2024 - Lab topic refactored to focus on OAuth 2.0 and API Gateway as the comparison with Cloud Endpoints became less relevant as the Cloud Endpoints Framework supports only deprecated runtimes (Python 2.7 and Java 8)
December 6th, 2023 - Addressed user ban issue and promptly added a warning
August 26th, 2022 - Resolved an issue causing the test application to not enable the sign in button
May 26th, 2022 - Correct error within VM instance
Environment before
Environment after
Logan has been involved in software development and research since 2007 and has been in the cloud since 2012. He is an AWS Certified DevOps Engineer - Professional, AWS Certified Solutions Architect - Professional, Microsoft Certified Azure Solutions Architect Expert, MCSE: Cloud Platform and Infrastructure, Google Cloud Certified Associate Cloud Engineer, Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), and Certified OpenStack Administrator (COA). He earned his Ph.D. studying design automation and enjoys all things tech.