API Management

954 views

Published on

Mobile is hot.
Enterprises want to expose data for developers and thats where API Management comes in. I looked into it and this presentation gives a short overview of the items you are faced with.

Published in: Technology, Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
954
On SlideShare
0
From Embeds
0
Number of Embeds
13
Actions
Shares
0
Downloads
39
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Thank you for the opportunity to meet with you today.

    Before I tell you a little bit about Ciber, I want to explain Ciber’s approach to doing business.

    We don’t see ourselves as consultants or technology vendors. We see ourselves as partners, and that impacts everything we do.

    That’s why we’re client focused. We listen to your challenges and goals. They’re what drive our solutions and guide everything we do.

    And, we’re results driven. We measure success by results … the same way you do.

    This approach – client focused, results driven – is how Ciber transforms engagements into long-term partnerships … which gives our clients the reassurance of doing business with someone they know and trust.

    Nearly 97 percent of our clients say they’d use Ciber again. During the next XX minutes, I’ll show you who we are and why our clients stay with us.
  • API Management

    1. 1. API Management Roger van de Kimmenade
    2. 2. 6/26/2014 | 2 | ©2014 Ciber, Inc.
    3. 3. 6/26/2014 | 3 | ©2014 Ciber, Inc. What is an API ? • API = Application Programming Interface • API = SaaS? • API = SOA Service? • API alias Open API, public API, webapi • API = Lightweight interface • API = Exposing data for customers/partners • API can act as façade to SOA
    4. 4. 6/26/2014 | 4 | ©2014 Ciber, Inc. What are the business values of APIs ?
    5. 5. 6/26/2014 | 5 | ©2014 Ciber, Inc. What are the business values of APIs ?
    6. 6. 6/26/2014 | 6 | ©2014 Ciber, Inc. API Business Models
    7. 7. 6/26/2014 | 7 | ©2014 Ciber, Inc. API types
    8. 8. 6/26/2014 | 8 | ©2014 Ciber, Inc. What is API Management ?
    9. 9. 6/26/2014 | 9 | ©2014 Ciber, Inc. API can come in many forms • http • https • REST • SOAP • Plain Text • XML • JSON • Other media
    10. 10. 6/26/2014 | 10 | ©2014 Ciber, Inc. API Documentation • SOAP -> WSDL • REST -> Swagger (a specification and framework implementation for describing, producing, consuming, and visualizing RESTful web services) • REST -> I/O Docs, APIary.io • JSON Home document • ALPS, Application Level Profile Semantics
    11. 11. 6/26/2014 | 11 | ©2014 Ciber, Inc. What makes a good API? • Granularity • Thin interfaces • No versioning (backward compatibility) • Focus on the message rather than on the client or server
    12. 12. 6/26/2014 | 12 | ©2014 Ciber, Inc. API Granularity ServiceDomainEnterprise Enterprise API GetKlanten API geefKlant Boekenplank Content API geefBoek Zoek API zoekBoek
    13. 13. 6/26/2014 | 13 | ©2014 Ciber, Inc. Item Enterprise Domain Service Services All services in 1 API Services within domein Several APIs 1 service within 1API Explosion of APIs Authorization - Whole API - Not flexible - Policies for whole API - Can be domain specific - More Flexible - Very flexible - Maintenance hell Versioning - Whole API changes - API can be versioned - Versioning per service Data filtering - Complex - - Data filtering per service Governance - Complex, difficult overview - Better to maintain - Easier to set responsibilities - Maintenance hell - Overview difficult API Granularity
    14. 14. 6/26/2014 | 14 | ©2014 Ciber, Inc. Externe Consumer API Gateway Klanten Service Interne BNL Consumer 3 Consumers Service Interface KlantAPI CRM Service ESB Consumer Consumer KlantService Service Impl. API Services
    15. 15. 6/26/2014 | 15 | ©2014 Ciber, Inc. Internal and/or external Item Internal (services) External (APIs) protocol Standardize on 1 protocol More protocol needed Data security Less important? More under control Sometimes crucial Data format Easier to standardize Multiple formats needed (JSON/XML/Plain) Versioning Can change more often Need for stable interfaces Support of multiple versions needed Security More control internally (No SSL, encryption, throttling) DDOS attacks Throttling needed Auditing Authentication en autorization Services Service Repository More services (i.e. CRM) Through ESB API Store Only external services Through DMZ and API Gateway
    16. 16. 6/26/2014 | 16 | ©2014 Ciber, Inc. API Management architecture
    17. 17. 6/26/2014 | 17 | ©2014 Ciber, Inc. API Components Component Functionality API Gateway • Authentication (OAuth, HTTP Auth, SSL) • Authorization • Data filtering • Throttling • Data transformation • Protocol transformation • Routing • Sandbox API Manager • Managing users/partners • Publish API • API development cycle API Store • Searching of API services • Registration of partners • Subscribing on API • API documentation/interface • Sandbox
    18. 18. 6/26/2014 | 18 | ©2014 Ciber, Inc. Security • Authentication - Basic Authentication - OAuth 2.0 - SAML - NLTM - Social login • Authorization - OAuth • SLA - Throttling - Scaling - Billing
    19. 19. 6/26/2014 | 19 | ©2014 Ciber, Inc. API Authenticatie/Autorisatie • OAuth als API Token en Klant autorisatie Partner App API Gateway Klanten Service API Oauth Token KlantenService Check Klant Oauth token Klant Oauth Token Klant Oauth Token
    20. 20. 6/26/2014 | 20 | ©2014 Ciber, Inc. Governance? • What to govern? • Commitment to clients for a certain amount of time • Don’t break clients • Managing the life-cyle • Versioning
    21. 21. 6/26/2014 | 21 | ©2014 Ciber, Inc. API vs SOA
    22. 22. 6/26/2014 | 22 | ©2014 Ciber, Inc. API Examples
    23. 23. 6/26/2014 | 23 | ©2014 Ciber, Inc. PayPal API
    24. 24. 6/26/2014 | 24 | ©2014 Ciber, Inc. API Architecture
    25. 25. 6/26/2014 | 25 | ©2014 Ciber, Inc. References • https://www.youtube.com/watch?v=Yu4vr_5JP0Q • WebAPI en API Management (youtube)

    ×