“Just like lighthouses have helped sailors navigate the world for thousands of years, electronic beacons can be used to provide precise location and contextual cues within apps to help you navigate the world.” (The Google Beacons development team)
What I find thrilling about beacons is that in their simplest sense they are unaware of themselves or any devices around them and we – humans – are not aware of them. So how is possible that these tiny transmitters are being used to help people in their daily lives? According to reports, 5 million beacons attached to the walls around the world are used to offer great help to people with regard to an array of things like travel, shopping, parking, entertainment, transportation, inventory management, assets tracking, indoor navigation and at last but not least in the healthcare space through more efficient processes and improved patient-care.
Wellness First is a fictitious gym that utilizes beacons to improve the customer experience. In this post we’ll take a close look at the Ionic Framework Mobile App I’ve built that uses Estimote beacons to target a customer located near the room where a Yoga class is just about to start and offers an unbeatable discount.
Continue reading “Wellness First: an inside look at Beacon technology”
OAuth 2.0 is an awesome standard. It has made it much easier to discuss standard security flows, uses gloriously simple REST APIs and provides a very robust mechanism by which to provide third-party authorisation. Unfortunately, while the third party authorisation mechanisms are great for web clients, the fact that they rely upon browser redirects or collecting credentials in order to use the Resource Owner Password flow make them less awesome for third parties who are delivering API-driven experiences via mobile apps or smart devices.
In this scenario, we are looking for a mechanism by which we can provide informed consent to resource owners; doesn’t risk exposing user credentials to third parties; and can be API-driven for the third-party, not relying upon browser behaviour. In this post we will explore an approach that checks all of these boxes, something that I have called an ‘Out-of-band Consent’, in which credentials and consent are handled through a process which is entirely removed from the third-party requesting application.
Continue reading “3-Legged OAuth for Non-Web Clients”
The cloud services are rapidly changing and are becoming easier all the time. This blog is an example of that.
One of the things that has changed is the network configuration of Oracle Java Cloud Service and Oracle SOA Cloud Service. It’s been a common task to create communication channels with these services to administer the environments. So that means creating specific security rules and typically it is a usual practice of creating different ports specific for the administration network traffic. Now, this already been done for you.
Continue reading “Network Channels with Java Cloud + SOA Cloud has become a little easier”
As of Dec 2016 aka Release 16.4.5, the ICS Scheduler has finally arrived!
You cannot imagine how excited I am! As a regular integrator of SaaS systems, I’ve started noticing a trend where most SaaS softwares offer comprehensive REST/SOAP APIs, but wait… with a catch, they’re all passive. Meaning you can call them to get/put data, but you can’t trigger an activity from them when certain data has changed. Some of my peers have even commented that we’ve gone backwards in time before SOA where everything is batch processed.
Rant aside. To automate integration between 2 “passive” APIs, you will need some form of trigger, preferably a scheduler. ICS has had a scheduler function for File/FTP connectors for a while now. This new function applies on Orchestrations, which means you can pretty much schedule and integrate any connector.
Today I’m going to showcase creating a scheduler that will send SMSes to me every 10min. The SMS gateway is implemented using REST. You can practice this with any connection you can view the response with (Email/Database).
Configuration in ICS
Create a new Orchestration integration.
Continue reading “First play with the Oracle Integration Cloud Service (ICS) Scheduler”
Oracle ICS provides OAuth authentication for REST APIs using a curl-like syntax. Given the many implementations of OAuth are not exactly to spec, syntax pitfalls sometimes occur. ICS provides the flexibility configure using regex the values needed to pull out the tokens from the JSON payload.
This flexibility allows us to integrate with the gamut of OAuth-compliant REST APIs in the consumer apps market.
Today, we’re going to use TrackVia (https://developer.trackvia.com/livedocs)
TrackVia is pitched to LOB users as a low-code alternative to spreadsheets, legacy databases and complicated enterprise systems to track, manage and automate critical business processes or operational workflows with greater efficiency, speed and ease.
Continue reading “Custom 2-legged OAuth with Oracle Integration Cloud Service (ICS)”
In this post we will explore utilising Mobile Cloud Service (MCS), which provides RAML based tooling, in order to define an API, and create mock services for that API which we can run anywhere. While Mobile Cloud Service provides a wide array of incredibly useful tools for rolling out APIs, and simplifying a number of common mobile development tasks; in this post I am going to focus exclusively on the API design tooling which far outstrips pretty much every other API design tool I have played with.
Continue reading “Using Mobile Cloud Service to Design and Mock APIs”
In the previous blog post, we looked at how to set up a basic project using Spring Boot. In this post, we want to continue exploring the DevCS capabilities that enable developers to contribute code and collaborate.
We’ll add the new code in a new branch. You can create the new branch either in DevCS itself:
Continue reading “Further explorations of Developer Cloud Service”