Blog
Insights for API governance and platform teams
Ideas and patterns for shipping APIs safely—lifecycle, gateway policy, workflows, developer portal, observability, and AI agent access—without vendor lock-in.
Written for platform, security, and integration leads who run Zerq on-prem, hybrid, or cloud.
Subscribe via RSSUpdated when we publish—no inbox required.
Articles
- Idempotent payment APIs at the gateway layer: duplicate request protection with Zerq workflows
- fintech
- payments
- workflow-builder
Implement idempotent payment APIs at the gateway layer using Zerq's workflow builder — Redis-backed duplicate detection, no backend code changes needed.
Read article - mTLS for B2B API partners: a complete setup guide
- security
- mtls
- partner-integration
Set up mTLS B2B partner API authentication in Zerq: certificate generation, nginx ingress config, profile setup, and per-partner audit trail in 7 steps.
Read article - Your API Gateway Is Your AI Gateway: Connect Claude, Cursor, and ChatGPT to Your APIs with MCP
- mcp
- model-context-protocol
- ai-agents
Stop building a second AI gateway. Claude, Cursor, ChatGPT, and any MCP-compatible client can call your existing enterprise APIs through the same gateway, credentials, and audit trail you already have — via MCP.
Read article - API Platform Automation with Zerq Management MCP — Collections, Policies, Clients, Audit, and Metrics via Claude, ChatGPT, and CI/CD
- management-mcp
- model-context-protocol
- api-platform-automation
Manage your entire API platform via MCP — collections, proxies, workflows, policies, clients, profiles, credentials, audit logs, and metrics — with Claude, ChatGPT, Manus, Cursor, and CI/CD under the same OIDC identity and RBAC as your admin UI.
Read article - 82% of Security Executives Are Confident in Their AI Agent Policies. Over Half of Those Agents Are Running Without Oversight.
- ai
- security
- governance
The State of AI Agent Security 2026 Report found that 82% of executives feel confident their existing policies cover AI agents — while more than half of deployed agents operate without monitoring or logging. That gap is producing an 88% enterprise incident rate.
Read article - How AI Agents Authenticate to Enterprise APIs Securely
- ai-agents
- api-security
- mcp
AI agents need to call enterprise APIs. Here's how to do it securely - same credentials, same audit trail, no separate authentication path. A practical guide for enterprise teams.
Read article - Blast Radius: How a Single Compromised AI Agent Can Poison 87% of Your Downstream Operations in Four Hours
- agentic-ai
- api-security
- governance
Research on multi-agent system failures found that a single compromised agent can poison 87% of downstream decision-making within four hours. The only reliable containment layer is the API gateway — if it's built for agent-level identity and per-client blast-radius controls.
Read article - How to Build a Complete API Audit Trail for Banking Regulators
- banking
- compliance
- audit-trail
Banking regulators want to know who accessed which API, when, and what happened. Here's how to build an API audit trail that satisfies regulators and internal compliance teams.
Read article - Your Quarterly Access Review Covers Humans. It Misses 82 Machine Identities Per Employee.
- security
- compliance
- ai
Enterprise access reviews are built around human users. But the identity surface has inverted: for every employee, there are now an estimated 82 machine identities operating against your APIs. Without a machine-identity-aware gateway model, your access reviews are compliance theatre.
Read article