Brenton House - Digital Strategist and Influencer

Understanding API First Strategy and Benefits

Mon, 31 Jan 2022 19:53:17 GMT

What is an API First Strategy?

API First is more than building an API for every product you have. API First is a strategic and tactical methodology for how you view your products and your business and about adopting a mindset where your products are capabilities that you can deliver. API First focuses on the business value of APIs and what they deliver.

An API First and API-led Integration Strategy is essential to every organization. The companies that are adopting an API First Strategy are the ones that are gaining ground the quickest in the growing API Economy. API First allows you to view your business as a set of API Products that work together to provide the features, data, and capabilities that your organization's products produce.

APIs are what enable businesses to engage with consumers in the digital world and are how your products are going to be judged in the API Economy.

How fast are things moving in the API Economy? Let's take a look.

What happens in a minute?

A lot can happen in a minute.

In a single minute:

UPS will deliver 11,319 packages

Apple will make a little over $70k dollars

In a single minute, over $3 million dollars will be donated to charities around the world.

In the next 60 seconds, over 700K telephone calls will be made.

60 seconds is not a lot of time but it is enough time for a lot to happen.

A lot can also happen in a digital minute

In fact, according to the 2021 results compiled by Domo, a lot DOES happen in a digital minute.

These are some pretty big numbers.

For instance, in the next 60 seconds:

People watch 694K hours of videos on YouTube
Twitter users post 575k tweets
Slack users send 148k messages
Users stream 452k hours of video on Netflix
Google conducts 5.7M searches
12M people send an iMessage
6M people shop online
Users send 2M SnapChats
People watch 167M videos on TikTok

The list goes on and on but there is one thing in common.

All of these services (and more!) are powered by APIs.

Finish reading the full post here 👉 API Strategy Explained with Brenton House

Frankenstein APIs Explained! - API Cyber Security Series

Thu, 30 Dec 2021 20:24:00 GMT

Frankenstein APIs Explained!

Unknown APIs can be scary but not every API is a monster.

This is part of the API Cybersecurity 101 series by Software AG's Senior API Strategist, Brenton House. A continuing series on API Security and Cybersecurity.

You may have never heard of a Frankenstein API. But there is a good chance you have used one at some point. It is important to know what a Frankenstein API is because your API Security could depend on it.

A Frankenstein API is one that is created in the deepest depths of a dark and secret laboratory.

No. Not really.

But this type of API is usually creatively pieced together using unorthodox methods and is driven by a strong need for functionality.

So let’s start with the basics.

What is an API?

The acronym API stands for Application Programming Interface. Basically, it is non-human systems (or applications) that talk to each other in an agreed-upon way! Most often, people are talking about Web APIs, which include things like REST, GraphQL, gRPC, SOAP, etc. The introduction of smartphones caused an exponential growth and adoption of APIs as pretty much every single mobile application uses APIs.

What is API Security?

The simple answer is that it is about applying and managing security for your APIs but we all know, there is nothing simple about API Security.

There are 7 basic categories for APIs.

Public APIs
Internal APIs
Partner APIs
Composite APIs
Shadow APIs
Zombie APIs
Frankenstein APIs

So what is a Frankenstein API?

What happens when you really need an API for something and that API does not exist?

Take for instance Google Public Search Results (SERP) API. Have you ever used it?

Me neither. It doesn't exist.

That doesn't mean that people don't need APIs like this though. You may have used services that provide APIs to show you how your website (and the websites of others) rank for certain keywords and queries.

Another example might be where a web application product has an API but it is very limited and doesn't provide access to all the information and functionality that the corresponding web application does.

This is another example where someone might end up building an API.

Now when I say building, I really mean piecing/hacking/cobbling it together using unorthodox and unconventional methods such as screen scraping and other techniques. When done right, these can provide the valuable data that wasn't provided by the original product but it comes with many risks...

Some of the risks to be concerned about stem from the fact that this API was not created by the same organization that created the original product.

Frankenstein APIs can be extremely fragile

A Frankenstein API does not have the insider information needed to make the API stable and durable. For instance, ~~if~~ (sorry, WHEN, not if) Google were to change how search engine results were laid out or presented, then every Frankenstein API that was created by scraping the Google Search Engine Results Pages (SERP) would most likely break (depending on the how major the changes were).

Frankenstein APIs can bypass product security

If a Frankenstein API was created to fill the gap created by missing features in the original product, it is very possible that the mechanism for scraping the data and compiling it into an API would be bypassing security. What I mean by that is the resulting Frankenstein API would not require the same security that the scraping tool (or another mechanism) was required to provide in order to retrieve the data from the original application.

Frankenstein APIs can cause undue load on resources

There is no guarantee on the experience level of the developer (or developers) that creates a Frankenstein API. Since they are not part of the organization that created the original application, the techniques used to "retrieve" the data may be, well... less than optimized. The code in a Frankenstein API could be eating up all kinds of resources owned by the original application owner. Calls could be taxing servers, bandwidth, and other resources that all result in lots of money.

Frankenstein APIs could expose vulnerabilities

This one is not strictly limited to Frankenstein APIs but you could be asking for problems. Once you have an external developer or hacker digging through your applications looking for a way to capture the data they need, they could discover vulnerabilities in your system that would not have been found otherwise. Vulnerabilities can be found by hackers not creating Frankenstein APIs but it would be wise to not create more opportunities.

API First to the rescue

A solid API First strategy can be helpful in avoiding some of the problems that arise due to Frankenstein APIs. If your organization treats APIs like a Product and always creates an API First, BEFORE creating an application, you can engineer security into a proper API, thus alleviating the need for a Frankenstein API.

NO API FOR YOU!!

If you absolutely insist on not providing an API for the users of your applications, you will need to take precautions. By the way, I DO NOT recommend this option!

You will need to have very advanced mechanisms in place to protect your web applications (and other sources of data) from screen scraping and other data retrieval mechanisms. This can be tough to do and you will have to be constantly changing it in order to keep of with the latest data retrieval techniques.

This is not to say that you don't need to protect against screen scraping if also provide an API but it may remove a lot of the motivation for creating a Frankenstein API if you provide a proper API along with your application.

I am not saying Frankenstein APIs are bad, more misunderstood.

My point is for you to be aware that they exist and to treat them with care, especially in terms of API Security.

About Brenton House

Brenton House is Vice President of Digital Evangelism at Software AG. As an API and Digital Transformation Evangelist and Strategist, he has connected enterprises with API solutions and microservices, to help drive innovation and overall business growth for many organizations.

In his 25+ years of experience, he has worked across many industries including broadcasting, advertising, retail, financial services, supply chain, transportation, technology, and publishing -- gaining a breadth of knowledge on all things APIs and Integrations. His diverse experience set and unique creative skill sets have enabled him to equip organizations in creating captivating and innovative products that delight users.

👉 Connect with Brenton House on LinkedIn! 👈

Check out some of our other resources to continue learning more about APIs and Integrations!

⭐    Software AG Blog ▪ https://blog.softwareag.com
⭐    API Knowledge Portal ▪ https://knowledge.softwareag.com
⭐    Software AG Tech Community ▪ https://techcommunity.softwareag.com/
🎬    Software AG YouTube Channel ▪ https://youtube.com/softwareag
🎬    Brenton House's YouTube Channel ▪ https://youtube.com/brentonhouse
🎬    API Shorts YouTube Channel ▪ https://youtube.com/apishorts

👇👇👇 FREE online API Maturity assessment here! 👇👇👇

https://www.softwareag.com/api-maturity

API Security 101 - Cyber Security Explained

Mon, 20 Dec 2021 21:56:00 GMT

A day doesn't go by where some API is in the news because of a vulnerability or leaked data. More than ever before, organizations are placing a renewed emphasis on API Security and Cybersecurity.

APIs are everywhere and API Security is of the utmost importance for every organization. According to a recent Gartner CIO and Technical Executive survey, Cyber and Information security are at the top of the list for planned investments in 2022.

As someone who has spent my entire career in the world of APIs and Internet applications, I have seen first-hand the vulnerabilities that can exist with APIs.

This is part of the API Cybersecurity 101 series by Senior API Strategist, Brenton House.

What is an API?

The acronym API stands for Application Programming Interface. Basically, it is non-human systems (or applications) that talk to each other in an agreed-upon way! Most often, people are talking about Web APIs, which includes things like REST, GraphQL, gRPC, SOAP, etc. The introduction of smartphones caused an exponential growth and adoption of APIs as pretty much every single mobile application uses APIs.

What is API Security?

The simple answer is that it is about applying and managing security for your APIs but we all know, there is nothing simple about API Security.

In 1983, there was a movie called War Games that was released to theaters. You may have never heard of the movie but it was about a boy, David, played by Matthew Broderick, who hacks into NORAD’s Military Computer System and accidentally ALMOST starts World War III. The movie got the attention of the most powerful man in the world, at that time.

According to journalist Fred Kaplan, After seeing a special screening of the movie “War Games”, then-President Ronald Reagan asked the U.S. Military Joint Chief of Staff if something like this could really happen. He asked, “Could someone just break into our most sensitive computers?” A week later, the General response was:

“The problem is much worse than you think.”

From that moment on, U.S. Cybersecurity and Defense policy would never be the same.

Fast forward almost 40 years and everyone with a smartphone has a computer more powerful than any supercomputer that existed at that time. YouTube is now full of free videos and training on how to code and become a serious developer (or a hacker). What that means is that almost anyone, from anywhere, in any country, could be trying to get into your APIs and systems TODAY. Everyone needs to be educated and prepared to defend against API attacks; malicious or not.

What most don’t understand is that API security starts with humans, not computers.

If someone puts their password on a sticky note attached to their monitor, it doesn’t matter how many security checks you do, how much security code you have in place, or what different security products you have installed.

There are, however, a lot of things that you can do to protect yourself and minimize damage from this and other forms of social hacking. We will be covering this in upcoming articles of our API Cybersecurity series.

OWASP Top 10 List for API Security

One thing you might have heard of and need to pay attention to is OWASP.

OWASP is the Open Web Application Security Project.

It’s an international non-profit organization dedicated to web application security.

What they are probably most well-known for is their re-occurring Top 10 list of Web Vulnerabilities.

But in addition to their lists of web vulnerabilities, they also came out with a Top 10 list for API Security. Now it is a few years old but all of these are still important factors to consider with your API Security.

The latest OWASP API Security Top 10 list includes:

API1:2019 Broken Object Level Authorization
API2:2019 Broken User Authentication
API3:2019 Excessive Data Exposure
API4:2019 Lack of Resources & Rate Limiting
API5:2019 Broken Function Level Authorization
API6:2019 Mass Assignment
API7:2019 Security Misconfiguration
API8:2019 Injection
API9:2019 Improper Assets Management
API10:2019 Insufficient Logging & Monitoring

Inside these topics, you are going to discover even more details that you need to be familiar with and understand.

API Keys
API Logging
API Injections
API Hackers
Zero Trust APIs
Shadow APIs
API Access Control
API Security Testing
JWTs
OAuth and OpenID Connect
Identity and Access Management
Multi-Factor Authentication
API Observation
API Threat Detection
And more…

Read the complete article on API Security and API Cybersecurity 101 here!

API Trends 2022 - API Security and Cybersecurity

Mon, 20 Dec 2021 18:00:13 GMT

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=Security%20and%20Cybersecurity-,API%20Cybersecurity,-At%20number%201

As long as there have been APIs, there have been hackers who are searching for vulnerabilities in those APIs. API Security and Cybersecurity is of critical importance for EVERY organization. Especially now. NOBODY wants to be in the headlines for all the wrong reasons.

Earlier, Gartner had predicted that by 2022, API abuses will move from infrequent to the most-frequent attack vector. The growth in not only the number of APIs but the exponential increase in API usage has made this prediction all the more impactful on businesses around the world.

According to a more recent Gartner CIO and Technical Executive survey, cyber and information security are at the top of the list for planned investments in 2022. This is not surprising as business leaders are feeling the pressure to put budget and resources behind cybersecurity to protect their APIs, data, customers, and the reputation of their companies.

You may have heard the phrase “Shift Left, Shield Right”.

“Shift Left" is referring to is shifting your security focus to the beginning of the API Lifecycle process and to integrate it into the design, development, and every other step of the API Lifecycle all the way to the retirement of an API.

“Shield Right" is talking about the emphasis on continuing to protect your APIs at runtime and beyond. Doing this will allow you to provide a defense against unknown attacks.

Closely related to API Cybersecurity is the topic of encryption and privacy. Because of the close relation to security, they are included in this topic. Organizations are increasing their understanding and proper implementation of encryption to protect their data. Everything from storage and transmission of data requires a critical security eye when planning and implementing DevOps security. Privacy is also directly related to this as API Cybersecurity is an essential key to securing the privacy of users and employees. Not only does data need to be secured but sometimes the best decision is not to store the data at all. There are a lot of government regulations surrounding privacy in certain parts of the world but security and privacy requirements can also drive a strategy that reduces unnecessary data to protect both consumers and enterprises alike.

API Cybersecurity as it is important for everyone to understand API Cybersecurity, what is at risk, and how to protect and defend your APIs and other systems from attacks.

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=Security%20and%20Cybersecurity-,API%20Cybersecurity,-At%20number%201

API Trends 2022 - Seamless Integration Solutions

Mon, 20 Dec 2021 17:58:26 GMT

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=Seamless%20Integration%20Solutions-,Seamless%20Integration%20Solutions,-At%20number%202

An API without any integrations is like a car without fuel or power. It’s may look pretty but it is not very functional.

Not only do APIs need to accept integrations and integrate with other APIs but there can also be complex requirements for chaining and transforming the incoming and outgoing data across these integrations.

APIs need to be able to easily integrate with anything, anywhere. 2022 will see the need for seamless API integrations that grow and scale even further with solid and proven integration tools standing out from the crowd because of their smooth and seamless handling of integration processes, both on-premise and in the cloud. Because of this increased demand for secure integrations with other APIs and systems, organizations want and need products that can remove the friction from their integration experience.

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=Seamless%20Integration%20Solutions-,Seamless%20Integration%20Solutions,-At%20number%202

API Trends 2022 - Adaptive API Management

Mon, 20 Dec 2021 17:56:20 GMT

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=Adaptive%20API%20Management-,Adaptive%20API%20Management,-At%20number%203

Managing the entire API Lifecycle can be challenging. Every organization is different and often the needs and requirements can be quite complex. Enterprises need to adapt quickly to changes in the market, changes in government regulations, changes in technology, and even changes in how (and where) people work.

New APIs are created every day and people need API Management that can adapt as well. Whether you are adapting to new API policy requirements, new API security threats, new API integration requirements, or new API consumer or partner opportunities, the need for an Adaptive API Management system is growing every day.

Because of issues like these, 2022 will see the continued growth of Adaptive API Management systems like webMethods which provides a robust and holistic approach to API Management. Some organizations need on-prem solutions. Others want to use cloud-based SaaS solutions. But a growing number will need something in-between with a mix of both.

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=Adaptive%20API%20Management-,Adaptive%20API%20Management,-At%20number%203

API Trends 2022 - API Integration Automation

Mon, 20 Dec 2021 17:53:00 GMT

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=and%20Integration%20Automation-,API%20and%20Integration%20Automation,-At%20number%204

This goes beyond some of the automation that we have seen in previous years:

Automated API integration tests
Automated code unit tests
Automated publishing
Automated security checks.

GitHub has recently announced a new development tool called GitHub CoPilot. GitHub Copilot is an artificial intelligence tool developed by GitHub and OpenAI to assist users by auto-completing code. Now there has been a lot of feedback on this (both good and bad) but the point is things are changing. The goal of automation is not to replace workers but to allow workers to focus on more important tasks.

Keep an eye out for an increase in:

Automation for API design with various no-code solutions
Automation with API Integrations
Automation in API creation
Automation for API Management and Governance
Advancements in automation for API Security

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=and%20Integration%20Automation-,API%20and%20Integration%20Automation,-At%20number%204

API Trends 2022 - Industry Specific Breakouts

Mon, 20 Dec 2021 16:49:00 GMT

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=Industry%2DSpecific%20Breakouts

Take Open Banking as an easy example of this. If you are in the financial industry (especially if you are in a geographical region that has government regulations around this), you have been aware of the changes both in standards and government regulations that have shaped how financial and banking APIs integrate with one another.

The healthcare industry is also seeing similar growth with the development and implementation of FHIR (Fast Healthcare Interoperability Resources) and other healthcare standards.

Expect to see a continuation of growth in some of these existing verticals as well as spikes and new growth in other industries.

Keep a watchful eye on Government, Manufacturing, Transportation/Logistics, Retail, Insurance, Supply chain, Telecom, and some others.

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=Industry%2DSpecific%20Breakouts

API Trends 2022 - API Best Practices

Mon, 20 Dec 2021 16:46:28 GMT

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=API%20Best%20Practices-,API%20Best%20Practices,-Closely%20related%20to

While there have always been Best Practices of some sort around the use of APIs, Integrations, and Microservices, it has been kind of hit-and-miss with what you could find and where you might find it. Often best practices might have conflicting messages or be so vague as to lead to branches of differing micro best practices.

Although RESTful APIs are solidifying their position as the current standard for APIs, we are also seeing an increase in the use of GraphQL, gRPC, and others. This has driven an increased need for formalized Best Practices around, not only covering what technology and standards to use, but how to do it in the best possible way so as to reduce the amount of future rework involved.

Best Practices include many API topics including (but not limited to):

API Design
API Security
API Integrations
API Transformations
Logging and Tracing
Code and Design Linting
Error Handling
Monetization
Onboarding
Versioning
Observation
Analytics
Documentation
Testing / Audits
Pagination / Bulk Data Handling
Eventing — WebHooks / Polling / Web Sockets
Scalability
And many more!

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=API%20Best%20Practices-,API%20Best%20Practices,-Closely%20related%20to

API Trends 2022 - Open API Standards

Mon, 20 Dec 2021 16:43:00 GMT

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=Open%20API%20Standards-,Open%20API%20Standards,-At%20number%207

With the advancement of tools, technology, code, and no-code solutions, it’s actually not that difficult to build an API these days. However, building APIs that are extensible, scalable, actually use best practices, and properly implement open standards can be a much more difficult feat.

RESTful APIs and open standards such as SOAP, Swagger, OpenAPI, JSON Schema, AsyncAPI, and GraphQL have been around for a while but we are seeing substantial growth in the community around the development of these standards and the participation from businesses and individuals in keeping these standards up-to-date with new features and improved documentation.

My recommendation would be to get involved with the groups that support these standards and participate in the process of growing the API community. If you are consuming and using these standards, (and I am sure you are), keep up-to-date with the changes to ensure you are producing and integrating with APIs in the best possible (and securest) way.

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=Open%20API%20Standards-,Open%20API%20Standards,-At%20number%207

API Trends 2022 - API Integration Experience

Mon, 20 Dec 2021 16:41:00 GMT

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=and%20Integration%20Experience-,API%20and%20Integration%20Experience,-Coming%20in%20at

Everyone wants the experience with their API products to be magical. From APIs, API Documentation, API Developer Portals, and API Artifacts, a lot can be said about the user and developer experience across the entire API landscape.

The reason API Experience is on the Top 10 list is that along with the huge growth of APIs in the past few years, there has been a corresponding growth in expectations that users and developers have when they go to consume or integrate with an API product.

API Products and Portfolios need to include things like:

Being intuitive (a must-have!)
Well-documented APIs
Self-Service Developer Portal
Having a great onboarding experience (zero to API in 5 minutes)
Consistent and useful error messaging
Keep it simple (it has one job)
Don’t be ugly (great UX and aesthetics)
Providing great logging and analytics
Including code samples and Postman scripts
Free-forever developer tier

A great developer and user experience for your APIs and integrations can give you an edge up over your competition and make a world of difference as to whether your digital and non-digital products are successful in this competitive market.

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=and%20Integration%20Experience-,API%20and%20Integration%20Experience,-Coming%20in%20at

API Trends 2022 - API-Led Modernization

Mon, 20 Dec 2021 16:35:00 GMT

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=API%2DLed%20Modernization-,API%2DLed%20Modernization,-At%20number%209

Mainframe and legacy systems can be a big dependency (and liability) for many organizations. We are seeing an increase in the number of companies that are using APIs and API Platforms to replace and extend the capabilities of their legacy systems.

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=API%2DLed%20Modernization-,API%2DLed%20Modernization,-At%20number%209

API Trends 2022 - API Economy Growth

Mon, 20 Dec 2021 16:30:00 GMT

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=API%20Economy%20Growth-,API%20Economy%20Growth,-At%20number%2010

The API Economy is taking the world by storm. When talking about the API Economy, we are not just referencing your ability to sell access to your APIs and data.

No, it’s much more than this. It’s about:

Revolutionizing how enterprises are organizing their teams, resources, and budgets.
The entire supply chain being powered by APIs
Ordering dinner and having it delivered to your home.
Providing a way to request an Uber ride and track it from beginning to end
Streaming movies and television shows to televisions, computers, and mobile phones around the world
Ordering fresh groceries and having them delivered from store to front porch

APIs on their own are not enough to drive this digital ecosystem. APIs are simply the enablers for and the gateway to the digital and physical products that you are already creating or plan on creating. APIs are what enable businesses to engage with consumers in the digital world. APIs are how your products are going to be viewed, purchased, consumed, and judged in this digital economy.

In order to compete in this very competitive API market, companies are adopting API First strategies. They are realizing that their APIs are a Product, and not an add-on to their existing products. These decisions to put budget and resources behind their API teams will allow them to succeed and win in 2022.

https://brenton.house/top-10-api-integration-trends-for-2022-49b05f2ef299#:~:text=API%20Economy%20Growth-,API%20Economy%20Growth,-At%20number%2010

Brenton House - Give your App and APIs a Turbo Boost – Part 2

Sun, 20 Oct 2019 17:07:00 GMT

Brenton House talks about Exploring the power and extensibility of APIs for Mobile - Development and Architecture

In Part 1 of this series on Mobile Architecture and Development, we talked about the different ways you can use and extend the mobile platforms for building cross-platform native mobile apps. Today, we dig in with a detailed example of how extend the power of Titanium Alloy, the MVC framework created to make building with Titanium even easier.

When we ended up last time, we saw that we could install a local version of Alloy to build a mobile app. To fully demonstrate the power of this seemingly simple step, I’ve created the open-source framework and published it on GitHub here: https://github.com/brentonhouse/titanium-turbo. I’ve called it “Turbo” to go along with the theme of this series, and I’ll walk you through what I’ve done and demonstrate the power of Turbo.

Read rest of post here on Brenton House - Master API Chef and Strategist

Easily Enable Speech Recognition in Titanium iOS using Hyperloop

Wed, 19 Apr 2017 15:48:00 GMT

Speech recognition in products is already big and it is growing fast. From Siri, Alexa, Google Now, Cortana, and others comes the ability for apps and devices to be able to assist users in a multitude of creative ways. While hands-free control using voice has gathered most of the attention, the introduction of new APIs has also opened the door for developers to use these mature speech recognition features within apps as well.

Appcelerator Titanium already creates iOS and Android native applications but using Hyperloop, developers now have access to even more native capabilities than before!

Brenton House is a Senior Mobile Architect with over 20 years experience in mobile, API, and web development. He has worked with many clients across various industries, including broadcasting, advertising, retail, financial services, transportation, and publishing. His passion for everything mobile together with his mobile strategy and design experience, drive him to create products that inspire and captivate audiences.

Error creating new MVC Controller for Entity Framework

Fri, 01 Jun 2012 22:18:11 GMT

I downloaded and installed Visual Studio 11 (2012) RC today but I am getting an error every time I try to add a MVC controller to a project.

Unable to retrieve metadata for 'MyNamespace.TestEntity. Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.

I know this bug existed in Visual Studio 11 Beta but it is marked as fixed in Microsoft Connect. If anyone has a fix for this, please post!

You can vote for this bug on Microsoft Connect here:

https://connect.microsoft.com/VisualStudio/feedback/details/745901/error-creating-new-mvc-controller-for-entity-framework

Brenton House

Google introduces the Knowledge Graph

Wed, 16 May 2012 19:32:52 GMT

Google is rolling out a HUGE new feature in the next few days. They call it the “Knowledge Graph” and it is supposed to be a much smarter system for gathering the search results that you want. This will set SEO experts scrambling to see how to best optimize sites and content!

[via Google]

Introducing the Knowledge Graph

When you search, you’re not just looking for a webpage. You’re looking to get answers, understand concepts and explore.

The next frontier in search is to understand real-world things and the relationships among them. So we're building a Knowledge Graph: a huge collection of the people, places and things in the world and how they're connected to one another.

This is how we’ll be able to tell if your search for “mercury” refers to the planet or the chemical element--and also how we can get you smarter answers to jump start your discovery.

See it in action

When you search for things, people, or places that Google knows about, we can use the Knowledge Graph to enhance your search results.

Find the right thing
The words you search with can often have more than one meaning. With the Knowledge Graph we can understand the difference, and help you narrow your results to find just the answers you're looking for.

Get the best summary
See key facts about your search with the most useful and interesting information for that particular topic, based on the questions other people have asked.

Go deeper and broader
Make unexpected discoveries and explore a topic more deeply with a springboard of information at your fingertips. What you find may surprise you!

See where your curiosity will take you. Give it a try.

Brenton House

Basic WCF Authentication with SQL Membership Provider

Mon, 07 May 2012 20:10:33 GMT

There is an interesting article on Code Project about using WCF Basic Authentication with SQL Membership Provider. Obviously, there are much more sophisticated ways of securing WCF services but it is an interesting how-to for getting basic security for WCF up and running.

WCF Basic Authentication with SQL Membership Provider

We will show you how to set up WCF Basic Authentication using the SQL Membership Provider provided by Microsoft.It is highly recommended that you walk through the explanations by looking at the source code as it will help you gain a more solid understanding.You can also run the application on your computer.
We will assume you already know how to setup WCF to run in https, since basic authentication without https would be meaningless because the user name and password would be passed as plain texts in the network.
Topics

We will show you:

How to setup the database and the Web Site Administration Tool from the .net framework for managing the Users and Roles

How to setup the WCF Basic Authentication under https and use SQL Membership Provider to validate users and roles

How to make your WCF service consumable by other other platforms such as Java by making the WSDL a single file

You can also see how to make your service consumable by any technology and also set up error handling here.

Brenton House

Frequently Asked Questions about Free Upgrade on SkyDrive

Mon, 07 May 2012 12:33:17 GMT

[via: http://windows.microsoft.com/en-us/skydrive/loyalty]

You’ve been with us a long time, and through a lot of changes. We appreciate you sticking with us, and we want to make it easy for you to keep using your 25 GB of free online storage. All you need to do is go to the SkyDrive storage page and choose Upgrade my storage. That’s it—you’re locked in for 25 GB for free.*

Frequently asked questions

Why is the storage limit changing?
When designing the new SkyDrive, we wanted to create personal cloud storage that was both powerful and that had enough storage to meet the needs of most people—for free. The new SkyDrive offers 7 GB of storage. That’s enough for 20,000 Office docs or 7,000 photos. And unlike before, you can upload big files (up to 2 GB) and automatically sync files or entire folders to SkyDrive right from your PC.

We also wanted to offer additional storage options for people who needed more, without applying a single limit to everyone. So we now offer affordable plans to add up to 100 GB of additional storage to SkyDrive.
What are the new features?
SkyDrive for PC or Mac: Install SkyDrive on your computer and you can access files in your SkyDrive right from your desktop—online or offline. Files in your SkyDrive folder are automatically kept up to date across your PCs and Macs. Available for Windows 8 Consumer Preview, Windows 7, Windows Vista, and Mac OS X Lion.

Apps for Windows Phone, iPhone, and iPad: Get to your files while you’re on the go with the new SkyDrive for iPad app and updated apps for Windows Phone and iPhone. And of course you can still go to SkyDrive.com from your phone’s browser.

Fetch files: Forgot to put a file in your SkyDrive folder? You can access any file stored on your PC running Windows from SkyDrive.com.

Increased upload sizes: Now you can upload and share files up to 2 GB.
What happens if I don’t upgrade my storage? Will I lose my stuff?
No. In the new SkyDrive, everyone gets 7 GB of free storage. If you were using close to this amount before the latest update, we’ve automatically upgraded your storage already . You can always see how much storage you have by signing into SkyDrive and checking the storage meter.
Where can I go to learn more?
You can get more information about SkyDrive on our website. If you have any questions, you can get answers in the SkyDrive forum.

Brenton House

Microsoft Cloud services are changing... Windows Live is dead. Long live SkyDrive.

Mon, 07 May 2012 03:32:00 GMT

http://blogs.msdn.com/b/b8/archive/2012/05/02/cloud-services-for-windows-8-and-windows-phone-windows-live-reimagined.aspx

We have talked quite a bit about SkyDrive and using your Microsoft account for the sign-in and roaming capabilities of Windows 8. These are just two aspects of a broad service infrastructure that you can tap into when using Windows 8 (and Windows Phone, Xbox LIVE, and a host of other services and apps). We want to talk more about the capabilities and features of cloud services for Windows 8 and Windows Phone. To get started, Chris Jones, the VP of our Windows Live group responsible for the development and operations of all of the services and apps, authored this post to introduce the reimagined role of cloud services in Windows 8.
--Steven

Brenton House