Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on API Development, Management, Monitoring, and related technologies.

Fixing 403 auth errors when you replay traffic

Trigger warning: this one is about Java, authentication, and Docker Compose files. If that is not your thing, I am sorry, but they are part of life and they are honestly not that hard to work with. Everything here is open source on our GitHub repo, so you can follow along. Recording an authenticated Java flow, replaying it, hitting the dreaded 403, and fixing it with a proxymock recommendation.

Capture once, test forever

We’ve gotten used to understanding our applications through signals, summaries, and traces. Tiny little bits of information about how the app really works. Not because that’s the best way to do it, but because it’s been too hard to get the real thing. The real information exists. It’s on the network. How people called your app and what your code did. What other systems it called, the database queries it made, and the result sets that came back.

How to use Postman Visualizer: a step-by-step guide

API responses are often easier to understand when they are displayed visually instead of as raw JSON. While Postman is widely used for testing APIs, many developers overlook one of its most useful features which is the Postman Visualizer. While it is not as fully featured as a dedicated dashboarding platform like SquaredUp, it is a great way to quickly visualize API responses during development and debugging.

We won't train on your data is not a security architecture

Every enterprise contract I’ve signed in the last two years has the same clause. “Vendor will not use Customer Data to train machine learning models.” Sometimes it’s a paragraph. Sometimes it’s a whole section. The language varies but the intent is identical: don’t feed our production data into your AI. I get it. I sign the same clause as a vendor. But here’s what’s been bothering me: that clause is a promise, not an architecture.