CIS13: Identity-enabled Network APIs

  • 386 views
Uploaded on

Andrew Johnston, Technology Strategy Manager, Services Enablement, Telus …

Andrew Johnston, Technology Strategy Manager, Services Enablement, Telus
Many organizations face a common set of challenges as they look to contribute their APIs to the online and mobile application ecosystems. Key concerns include defending our customers from potential API abuse, putting our customers in control of their own service experiences, delivering the best possible user-experience and presenting usable APIs to developers. Learn how TELUS has approached these challenges with the assistance of standards like OAuth 2.

More in: Technology , Business
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
386
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
16
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Mobile Identity: Truth and Dare – Identity-enabled APIs Andrew Johnston Member of the TELUS team Cloud Identity Summit 2013 July 12, 2013
  • 2. TELUS Public2 n  (coverage map) n  (key services, technology)
  • 3. TELUS Public3 Why APIs are important n  Re-using capabilities saves time and money. n  Introducing well-considered APIs affords the abstraction of complexity. n  Opening access to capabilities for 3rd parties brings: n  additional savings; n  greater access to innovation.
  • 4. TELUS Public4 Why measuring API use is important What we expected 1.  SMS (messaging) 2.  Location 3.  MMS (picture messaging) 4.  Charging 5.  Subscriber profile What we saw 1.  Subscriber profile 2.  Charging 3.  SMS (messaging) 4.  Location 5.  MMS (picture messaging) “There’s something missing.”
  • 5. TELUS Public5 Why identity is important to APIs n Every API needs a subject. n “On the Internet, nobody knows you’re a dog.”
  • 6. TELUS Public6 Authentication as an API n  TELUS issues secure credentials to our subscribers. n  Let’s use those! n  Look to what’s working and, ideally, standardized. n  SAML 2.0 Web Browser Single Sign-On Profile. n  Don’t write security software. n  Privacy benefits available. “OK, but…”
  • 7. TELUS Public7 API Authorization n  Developer usability counts, too. n  Standards are still a good idea. n OAuth 2.0 n  Writing your own security software is still a bad idea. n  Build on what you have. n  Re-use is fun and valuable! n  Customers get a say.
  • 8. TELUS Public8 What worked well for us n  All customer feedback is positive. n  If they’re unhappy, you’ve learned something! n  Developers are people, too. n  Help them by letting them focus on what they want. n  Keep interfaces simple and consistent with how they will be used. n  Look for standards with: n  a number of interoperable, commercially-supported implementations; n  good tools for a number of platforms; n  an accessible community of practice. n  Re-use represents real value. “Web views? Really?”
  • 9. Questions? andrew.johnston@telus.com