Malcolm Sparks
CTO of JUXT
Building a Secure API Platform
A data-driven approach
Who am I?
| 1982-1991 | BASIC, 68000 |
| 1991-1996 | C, C++, UNIX |
| 1996-2009 | JVM (Java, XML) |
| 2009-2023 | JVM (Clojure) |
Malcolm Sparks, Founder & CTO @ JUXT
@malcolmsparks (GitHub, X, LinkedIn, etc.)
Languages
Who am I?
| 1997 | Server-side Java, CORBA, RMI, Servlets |
| 1998 | Enterprise JavaBeans, EJBHome |
| 1999-2003 | J2EE App Servers, Servlet/JSP containers |
| 2006+ | REST |
| 2010 | plugboard, Liberator |
| 2014 | bidi, yada |
| 2019+ | jinx, pick, reap, tick, grab... |
| 2020-2023 | Site |
Projects
- Founded 2013
- "to simplify the way the world develops software"
- Web Development, Information Systems
- Lots of experience building APIs
Introducing 'Site'
An API server
API Design-First
API Design-First
API Design-First
Introducing 'Site'
- Really, just a web server, backed by a database
- Web resources are documents, keyed by URI
- Each document contains metadata for how to handle the resource
- Content negotiation
- Conditional requests
- Cacheing
- Operations are resources
- Document defines database operations (in code), access control
Introducing 'Site'
- Web resources can be bundled, e.g.
- OpenAPI
- OAuth2
- Your API
- OAuth2
- grants: authorization_code + pkce, implicit, resource owner credentials, client_credentials
- app registry, access token issuance
- Access Control
- RBAC, ABAC, PBAC, ReBAC...
- 100% Open Source, written in Clojure (JVM)
Installing Site
docker run --net host ghcr.io/juxt-site/site-server
alias site=
'docker exec -it
$(docker ps -qf ancestor=ghcr.io/juxt-site/site-server) site'
Initializing Site
site initDemo...
Questions?
Malcolm Sparks, Founder & CTO @ JUXT
@malcolmsparks (GitHub, X, LinkedIn, etc.)
Please contact me if you are interested in discussing these ideas with me:
mal@juxt.pro
Building A Secure API Platform: A Data-driven Approach
By Malcolm Sparks
