I’m focused on how systems communicate through APIs, Gateways, and Integration Patterns. Most of my work is around Apigee and API Security, where I aim to blend enterprise design with hands-on experimentation. I break things, fix them, and document the path so it scales for others too.

Current focus: Apigee X, OAuth2 identity flows, and CI/CD automation.
Building proxies is one thing. Building them to be secure, reliable, and scalable is the real craft.

All implementations live inside the Apigee-Lab monorepo.

A secure, optimized gateway for handling weather API traffic.

• Added JWT authentication and Spike Arrest to protect routes.
• Reduced backend load with Response Caching and smart pre-fetching.
• Implemented tiered Monetization Quotas (Silver/Gold) for controlled usage.

Technologies: Apigee X JWT Caching Policies Spike Arrest FaultRules

A mock banking API built to demonstrate clean identity and access management.

• Implemented Client Credentials Flow for machine-to-machine security.
• Designed Conditional Proxy Flows separating public and protected routes.
• Set up Products, Developers, Apps to enforce granular scopes and limits.

Technologies: Apigee X OAuth 2.0 Client Credentials Conditional Flows API Products

A composition layer for consolidating multiple backend responses into a single payload.

• Used parallel Service Callouts to reduce round-trips.
• Applied JavaScript transformations for JSON/XML normalization.
• Added fault-tolerant routing for stability during backend failures.

Technologies: Apigee X JavaScript Policy Service Callout JSON Mashup API Composition

A continuous delivery setup for API proxies.

• Built GitHub Actions workflows to lint, package, and version proxies.
• Integrated apigeelint to catch structural and policy errors before merge.
• Added artifact staging for controlled deployments.

Technologies: GitHub Actions Node.js Apigeelint Bash CI/CD

A centralized security module for global policy enforcement.

• Built reusable Shared Flows to standardize logic across proxies.
• Enforced Spike Arrests and Security Headers globally via FlowCallout.
• Decoupled governance rules from individual proxy logic.

Technologies: Apigee X Shared Flows FlowCallout Traffic Management

A structured technical notebook.

• Concepts: OAuth, JWT, reverse proxies, governance.
• Bug Log: Real-world debugging notes from experiments.
• Snippets: Reusable templates for policies and TargetEndpoints.

A clean, semantic HTML portfolio.

Apigee | OAuth2 | JWT | CI/CD | GitHub Actions | Postman | Linux | JavaScript

1. Standardizing security logic through Shared Flows.
2. Exploring advanced traffic management and priority-based rate limiting.
3. Designing Developer Portals for API consumer onboarding.

If you work with Apigee, Kong, or any other API gateway, I’d be glad to connect.

• Star the repos if they help.
• If you see a cleaner way to design a flow or policy, feel free to open a PR.

-