Blog
Insights for API governance and platform teams
Ideas and patterns for shipping APIs safely—lifecycle, gateway policy, workflows, developer portal, observability, and AI agent access—without vendor lock-in.
Written for platform, security, and integration leads who run Zerq on-prem, hybrid, or cloud.
Subscribe via RSSUpdated when we publish—no inbox required.
Articles
- Enforcing open banking consent at the API gateway: a step-by-step workflow guide
- open-banking
- psd2
- workflow-builder
Step-by-step guide to enforcing PSD2 consent at the API gateway with Zerq's workflow builder: real node config, full audit trail, no custom backend code.
Read article - Idempotent payment APIs at the gateway layer: duplicate request protection with Zerq workflows
- fintech
- payments
- workflow-builder
Implement idempotent payment APIs at the gateway layer using Zerq's workflow builder — Redis-backed duplicate detection, no backend code changes needed.
Read article - mTLS for B2B API partners: a complete setup guide
- security
- mtls
- partner-integration
Set up mTLS B2B partner API authentication in Zerq: certificate generation, nginx ingress config, profile setup, and per-partner audit trail in 7 steps.
Read article - Your API Gateway Is Your AI Gateway: Connect Claude, Cursor, and ChatGPT to Your APIs with MCP
- mcp
- model-context-protocol
- ai-agents
Stop building a second AI gateway. Claude, Cursor, ChatGPT, and any MCP-compatible client can call your existing enterprise APIs through the same gateway, credentials, and audit trail you already have — via MCP.
Read article - API Platform Automation with Zerq Management MCP — Collections, Policies, Clients, Audit, and Metrics via Claude, ChatGPT, and CI/CD
- management-mcp
- model-context-protocol
- api-platform-automation
Manage your entire API platform via MCP — collections, proxies, workflows, policies, clients, profiles, credentials, audit logs, and metrics — with Claude, ChatGPT, Manus, Cursor, and CI/CD under the same OIDC identity and RBAC as your admin UI.
Read article - 82% of Security Executives Are Confident in Their AI Agent Policies. Over Half of Those Agents Are Running Without Oversight.
- ai
- security
- governance
The State of AI Agent Security 2026 Report found that 82% of executives feel confident their existing policies cover AI agents — while more than half of deployed agents operate without monitoring or logging. That gap is producing an 88% enterprise incident rate.
Read article - How AI Agents Authenticate to Enterprise APIs Securely
- ai-agents
- api-security
- mcp
AI agents need to call enterprise APIs. Here's how to do it securely - same credentials, same audit trail, no separate authentication path. A practical guide for enterprise teams.
Read article - Blast Radius: How a Single Compromised AI Agent Can Poison 87% of Your Downstream Operations in Four Hours
- agentic-ai
- api-security
- governance
Research on multi-agent system failures found that a single compromised agent can poison 87% of downstream decision-making within four hours. The only reliable containment layer is the API gateway — if it's built for agent-level identity and per-client blast-radius controls.
Read article - How to Build a Complete API Audit Trail for Banking Regulators
- banking
- compliance
- audit-trail
Banking regulators want to know who accessed which API, when, and what happened. Here's how to build an API audit trail that satisfies regulators and internal compliance teams.
Read article