Authlete Solution Strategist Presents at Google Cloud Inside Fintech

Tatsuo Kudo, Solution Strategist of Authlete, joined Google Cloud's Google Cloud Inside Fintech on Novermber, 6, 2019.  He discussed the overview of Financial-grade API (FAPI), integration of Apigee and Authlete to support FAPI, and Authlete’s failover capability utilizing the Google Cloud Platform (GCP).

Below is the summary of his presentation.

Integration of Apigee and Authlete to support FAPI

FAPI Part 2 (Read & Write) requires the following advanced security measures in comparison with typical OAuth 2.0 deployments.

• Request objects to protect authorization requests
• Hybrid flow or JARM to protect authorization responses
• Mutual TLS or private_key_jwt for client authentication
• Issuing and verifying “sender-constrained” access tokens

By integrating Authlete, Apigee can support the FAPI Part 2 without additional development of those features on it.

Authlete’s multi-region failover capability leveraging GCP

We provide the Authlete service running on either of managed cloud or on-premise as per customer requirements, and have been using GCP as an infrastructure component of our managed cloud.

We recently announced the release of Authlete’s enhanced failover capability for disaster recovery measures, that leverages a multi-region GCP infrastructure. It allows customers, especially in financial services industry, to provide secure and highly-available APIs with industry standards such as OAuth 2.0, OpenID Connect, and FAPI.