The first in a series of NGINX labs intended for educational and workshop purposes. Topics covered here include installation, load balancing, custom access logs, cache proxies, API live monitoring and dynamic configurations.

The purpose of this lab is to demo how NGINX Controller API Management Module and NGINX App Protect can secure the OAuth Authorization Code flow, which is core to Open Banking specifications. The NGINX App Protect will be deployed as an Ingress Controller for Kubernetes and will provide both negative and positive security by ingesting the OpenAPI declaration file. The NGINX API Gateway will be controlled by NGINX Controller, will publish the application API based on the same OpenAPI declaration file, will provide JWT authentication and authorization and enforce rate limiting. The deployment and configuration of these elements will be performed automatically through a CI/CD pipeline. ELK dashboards will be used for visualization purposes and, lastly, a DAST tool will also be run as part of the CI/CD pipeline. BIG-IP APM is deployed as both Authorization Server with OpenID Connect support and as OAuth Client, in separate instances.