Developing software in the Real World

Changing Apigility's auth token expiry

By default, the OAuth 2 token that is generated in an Apigility app expires in 1 hour. Upon expiry, the client is expected to use the refresh token to get a new access token. You can see this when you authenticate via a POST to /oauth as you get this response back:

If you need longer than 1 hour, then simply add this top level configuration setting:

The access_lifetime key controls the expiry… continue reading.

Custom OAuth2 authentication in Apiiglity

I have a client that's writing an Apigility API that needs to talk to a database that's already in place. This also includes the users table that is to be used with Apigility's OAuth2 authentication. Getting Apigility's OAuth2 integration to talk to a specific table name is quite easy. Simply add this config:

To the relevant adapter within zf-mvc-auth => authentication config. However, if you want to use different column names, that's a bit… continue reading.

Apigility tutorial on TechPortal

A few days ago, techPortal published my tutorial Create a RESTful API with Apigility. Apigility was announced at ZendCon US in October 2013 and I think that it looks like a useful tool for creating APIs. I particularly like that versioning is built in from the start and that it handles content negotiation. If you want to learn about Apigility, then have a read. The source code is available on GitHub.

Investigating Apigility

At ZendCon 2013, Zend announced Apigility which is intended to ease the creation of APIs. It consists of these things: A set of ZF2 modules that do the heavy lifting of creating an API A application wrapper for creating standalone web API applications A built-in administration website for use in development to define the API Rather nicely, it supports REST and RPC and deal with error handling, versioning & content negotiation for you. Getting started… continue reading.