Articles about API gateways, spec-driven development, and building with Rust and WASM.
From schema validation and secrets management to FIPS 140-3 cryptography and GitOps workflows — the specific controls Barbacane provides for SOC 2, PCI DSS, HIPAA, FedRAMP, and beyond.
APIs are easy to launch and nearly impossible to kill. Explore how Barbacane's compiled, spec-driven approach turns API retirement from an organizational ordeal into a routine lifecycle operation.
Auditors don't just ask whether you have security controls. They ask how you can prove those controls were actually enforced. Explore how Barbacane's compiled approach turns your API gateway into a verifiable compliance artifact.
A roadmap isn't a feature wishlist. It's a series of bets about what matters most, made with incomplete information. Here's how we decide what to build next for an open-source API gateway.
Authentication tells you who someone is. Authorization tells you what they can do. Explore how Barbacane's CEL and OPA plugins bring policy-driven access control to the gateway layer, from inline expressions to centralized policy engines.
Most API tooling assumes one repo, one spec. But microservices don't work that way. Explore how Barbacane's multi-spec compilation merges your OpenAPI and AsyncAPI files into a single, validated artifact.
What if your OpenAPI spec wasn't just documentation, but the actual configuration of your production gateway? Explore how Barbacane eliminates configuration drift with a spec-driven, compiled approach.