
Authlete introduced FAPI on Apigee with Authlete and multi-region failover leveraging GCP

Yesterday (November 6, 2019), Google Cloud held a meetup called Google Cloud Inside Fintech. Tatsuo Kudo, Solution Strategist of Authlete, joined the event to give an overview of Financial-grade API (FAPI), the integration of Apigee and Authlete to support FAPI, and our use case in leveraging Google Cloud as a SaaS provider. We hope it was valuable for the attendees.

This article summarizes the FAPI support in Apigee and Authlete’s failover capability utilizing Google Cloud Platform (GCP).

Integration of Apigee and Authlete to support FAPI

FAPI Part 2 (Read & Write) requires the following advanced security measures beyond those of typical OAuth 2.0 deployments.

  • Request objects to protect authorization requests
  • Hybrid flow or JARM to protect authorization responses
  • Mutual TLS or private_key_jwt for client authentication
  • Issuing and verifying “sender-constrained” access tokens

By integrating Authlete, Apigee can support FAPI Part 2 without those features having to be developed on Apigee itself.

Authlete’s multi-region failover capability leveraging GCP

We provide the Authlete service either on a managed cloud or on-premises, according to customer requirements, and have been using GCP as an infrastructure component of our managed cloud.

We recently announced the release of Authlete’s enhanced failover capability for disaster recovery, which leverages a multi-region GCP infrastructure. It allows customers, especially in the financial services industry, to provide secure and highly available APIs using industry standards such as OAuth 2.0, OpenID Connect, and FAPI.