Your SlideShare is downloading. ×
CIS13: Identity-enabled Network APIs
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

CIS13: Identity-enabled Network APIs


Published on

Andrew Johnston, Technology Strategy Manager, Services Enablement, Telus …

Andrew Johnston, Technology Strategy Manager, Services Enablement, Telus
Many organizations face a common set of challenges as they look to contribute their APIs to the online and mobile application ecosystems. Key concerns include defending our customers from potential API abuse, putting our customers in control of their own service experiences, delivering the best possible user-experience and presenting usable APIs to developers. Learn how TELUS has approached these challenges with the assistance of standards like OAuth 2.

Published in: Technology, Business

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Mobile Identity: Truth and Dare – Identity-enabled APIs Andrew Johnston Member of the TELUS team Cloud Identity Summit 2013 July 12, 2013
  • 2. TELUS Public2 n  (coverage map) n  (key services, technology)
  • 3. TELUS Public3 Why APIs are important n  Re-using capabilities saves time and money. n  Introducing well-considered APIs affords the abstraction of complexity. n  Opening access to capabilities for 3rd parties brings: n  additional savings; n  greater access to innovation.
  • 4. TELUS Public4 Why measuring API use is important What we expected 1.  SMS (messaging) 2.  Location 3.  MMS (picture messaging) 4.  Charging 5.  Subscriber profile What we saw 1.  Subscriber profile 2.  Charging 3.  SMS (messaging) 4.  Location 5.  MMS (picture messaging) “There’s something missing.”
  • 5. TELUS Public5 Why identity is important to APIs n Every API needs a subject. n “On the Internet, nobody knows you’re a dog.”
  • 6. TELUS Public6 Authentication as an API n  TELUS issues secure credentials to our subscribers. n  Let’s use those! n  Look to what’s working and, ideally, standardized. n  SAML 2.0 Web Browser Single Sign-On Profile. n  Don’t write security software. n  Privacy benefits available. “OK, but…”
  • 7. TELUS Public7 API Authorization n  Developer usability counts, too. n  Standards are still a good idea. n OAuth 2.0 n  Writing your own security software is still a bad idea. n  Build on what you have. n  Re-use is fun and valuable! n  Customers get a say.
  • 8. TELUS Public8 What worked well for us n  All customer feedback is positive. n  If they’re unhappy, you’ve learned something! n  Developers are people, too. n  Help them by letting them focus on what they want. n  Keep interfaces simple and consistent with how they will be used. n  Look for standards with: n  a number of interoperable, commercially-supported implementations; n  good tools for a number of platforms; n  an accessible community of practice. n  Re-use represents real value. “Web views? Really?”
  • 9. Questions?