By Forum Systems | Date posted: July 23, 2015
SOAP-to-REST conversion is a critical aspect of secure Agile API development. Time is not a luxury that B2B application developers can enjoy. Demand is high, turnaround times are short, and the ever-increasing adoption of powerful mobile devices creates a parallel demand for providing mobile apps access to internal business APIs which may have been originally built for legacy B2B applications. Mobile app developers typically want to use simple HTTP calls and receive lightweight JSON responses. However, the services these apps need to access are often SOAP / XML based. This is where SOAP-to-REST conversion becomes a requirement, not an option. If you are wrestling with building SOAP-to-REST conversion policies, the story of how one Australian organization partnered with us to securely expose its APIs to dozens of healthcare industry organizations can help guide your efforts.
HAMBS provides a wide range of software development and hosting services to Australia’s private health insurance industry such as its HAMBS (Hospital and Medical Benefits System) application software for health insurance funds.
HAMBS approached us as part of its effort to help drive their infrastructure modernization initiative. They wanted to securely expose APIs to private health insurance funds, third parties and internal clients.
HAMBS decided to implement Forum Sentry API Gateway for two primary reasons: security and ease-of-use.
Given the sensitive nature of the information being exposed through their APIs, data security was, and remains, critically important. Forum Sentry API Gateway can be deployed at the network edge to perform complex access control decisions and enforcement. Supporting a comprehensive set of authentication tokens, including OAuth 2.0, Forum Sentry acts as both an authorization server and a resource server where it performs three key steps:
- Authenticates inbound credentials with a custom internal database schema
- Federates these credentials via OAuth tokens for SSO
- Delegates authentication to other services and APIs
HAMBS also wanted a solution that could integrate with both new applications and legacy apps. To do this, the solution had to support multiple authentication and authorization methods, including Basic Auth and OAuth 2.0. And, the solution needed to provide SOAP-to-REST conversion in order to enable RESTful apps to communicate with their existing SOAP infrastructure.
Forum Sentry API Gateway features a no-code approach to provisioning and deploying policies. With a simple point-and-click interface, Forum Sentry enabled HAMBS to quickly expose new APIs and build a policy platform that is easy to maintain and extend. Further, Forum Sentry helps modernize the HAMBS architecture while preserving precious time and resources, providing the organization with an agile, secure infrastructure to create more applications and better serve their customers.
To learn more about our partnership with HAMBS, follow this link to the full case study: HAMBS Leverages Forum Sentry to Securely Expose APIs.