The Touchpoint Architecture Platform uses an API Gateway for 'external' client applications to access the TPA platform API's. API Security defines how the APIs of the Touchpoint Architecture are protected and can communicate between each other in a secure and scalable way.
The target state for the Touchpoint Architecture is that all APIs within ING across all countries, can communicate with each other with little restrictions within the platform.
Systems which are outside of the Touchpoint Platform (Security Boundary) will use the API Gateway to access APIs within the platform.
The API Gateway will handle all Client Application-specific security measures (like CORS, CSRF, JSON Busting for browsers and SRP channel for Mobile, etc) to avoid APIs to have to implement these themselves.
Your Day-to-Day:
Who we are looking for?
We are currently looking for 1 senior developer for our NGINX Squad within Touchpoint. The squad is divided over two locations, Amsterdam and Bucharest.
The products our team delivers are not only the authentication proxy for all internet channels in the Netherlands and Belgium, but also various authentication components. These are the target TokenAPI, FederatedIdentityService (OIDC/SAML) and legacy authenticating applications. Furthermore, we deliver security components, which are reused in the ING developer frameworks to verify users, extract user information and provide secure API to API communication. Another large component is for automation in which we automate the flows we provide via the gateway. This also means expertise of the Touchpoint Automation (TPS) and the used languages there, like REGO.
What you bring to the team:
What we offer
• Excellent salary
• Professional working environment
• Working in an enthusiastic DevOps team with a high development pace
• 36 hour working week
• pension scheme
• 13th month salary
• Informal working environment with innovative colleagues