Coldfusion Futuristic Technologies
The 2016 ColdFusion release includes a range of features which make it quick and simple for you to start using state-of-the-art web technologies. The primary interface for two diverse applications to communicate with one another is an API. As a result, there has been a huge and ongoing increase in the amount of private and public APIs being built by all sorts of organizations of various sizes. According to Forrester predictions, it seems that over three quarters of Fortune 100 companies may have open APIs by the end of the year.
APIs are taking over the present and look set to continue into the future, but it isn’t that easy for organizations of any size to put an API strategy in place. They need to: Begin by defining the API strategy’s business objectives, Design APIs by using REST (a more popular interface) or SOAP (the legacy interface). When a design has been completed, API must be coded using a given language, including CFML. It might seem like an API strategy is ready to hit the market at this point, but there’s more to do. APIs must be secured with a strong access control mechanism such that authorized users are the only ones who can access to the APIs. With access controls in place, strategies for managing various versions across the API lifecycle must be put in place. It is also recommended practice to associate an SLA with an API so the organization can charge for an API in accordance with the SLA desired by end developers or API consumer groups.
Developers who are within an organization and external to it also must be engaged for a good API strategy. To engage developers, you generally need to do things like giving access to a portal which provides clear documentation for all APIs and methods, letting them try the API directly from the UI of the portal without writing code, and allowing them to register their applications and sign up for SLA plans associated with an API. When you’ve put the developer portal in place, it is vital that you take in clear metrics about every activity associated with the API and its access. This makes it possible to measure progress being made towards the various business objectives that were planned in the API strategy.
The 2016 ColdFusion API Manager can take care of everything you need when it comes to securing, managing, and measuring the impact of APIs, as well as engaging developers. This is all made possible thanks to the super simple and quick feature set that API Manager offers. This lets you take APIs all the way from an original idea to production without any trouble, as the API Manager handles most of the necessary parts of the process before your API strategy goes live.
API Developer Portal
The API developer portal is part of the API Manager package and allows end developers and subscribers to register their apps. It also makes it possible for them to view the documentation for each API, try APIs from the user interface without writing any code, sign up for APIs for the associated SLAs, and access highly detailed analysis about API usage by the developer.
Integrating ColdFusion with API Manager
API manager offers an Admin portal which allows you to define the ColdFusion discovery server. When you’ve set a discovery sever on ColdFusion, you can quickly import REST services defined in the ColdFusion server. You can actually publish the associated APIs with minimal configuration needed. You can even install the ColdFusion server and API Manager as part of the same Java Virtual Machine (or JVM) so API Manager will start and stop in parallel with the ColdFusion server.
API Monitoring
The API Manager has three associated roles: Administrator, Publisher, Subscriber. Each of the three roles have a detailed dashboard for analytics where a range of metrics such as API name, request method, version, timestamp, data in and out, and SLA used are traked. This dashboard is fully customizable for both administrators and publishers.
API Version and Lifecycle Management
With API Manager, you can easily create multiple versions of an API by simply copying all settings from your previous version onto a newer one – this means that only the difference between the two APIs can be configured at the API Manager portal. You can also use API Manager to flag an API as either a draft, published, deprecated, or retired. Notifications which correspond with these flags are sent to developers who have subscribed to retired or deprecated versions of the API to let them know.
API Rate Limiting and Throttling
With the help of the API Manager in ColdFusion, you can define different SLAs for throttling and rate limiting. These limits can limit access to an API after a certain number of accesses per time unit (e.g. minutes, hours). Rate limiting is usually on these shorter time frames – think a second or a minute – while throttling works for larger time units such as whole days or months. You can also make these hard or soft limits. If it’s a soft limit then a notification will be sent after a certain pre-decided limit.
API Access Control
API Manager lets you use basic authentication as well as OAuth, API key, and OAuth with SAML to enforce access control in a way that suits you. A basic authentication simple involves a username and password which are compared against a user store that is configured in the administrator of ColdFusion. API keys for each application registered by the developers can be generated by API Manager to authenticate access for a given API. On top of this, API Manager supports Oauth mechanisms so tokens can be generated instead of keys to give access control through the built-in Oauth server in API Manager itself. SAML-based servers can also be linked with the Oauth server, such that the SAML server becomes an authorization server for a token exchange mechanism.