• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
API and SOA: Two sides of the same coin
 

API and SOA: Two sides of the same coin

on

  • 87 views

 

Statistics

Views

Total Views
87
Views on SlideShare
87
Embed Views
0

Actions

Likes
0
Downloads
2
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    API and SOA: Two sides of the same coin API and SOA: Two sides of the same coin Presentation Transcript

    • API and SOA : Two sides of the same coin? Alistair Farquharson CTO, SOA Software Sachin Agarwal, VP Product Marketing SOA Software Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Speakers Alistair Farquharson CTO SOA Software Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved. Sachin Agarwal VP, Prod. Marketing SOA Software
    • API and SOA Resources • Resource Center – http://resource.soa.com/ • Webinar Recording – http://resource.soa.com/resource/webinars • Follow us on: www.facebook.com/soasoftware www.linkedin.com/company/soasoftware @soasoftwareinc Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • SOA Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Key to Adoption • Two keys: – Interestingly it started off similarly to APIs – with the promise of new revenue and the IoT was on the tip of everyone’s tongues. – The fact is that, five/ten years ago the demand for IoT and Mobile was almost non-existent compared to today. – SOA turned inward, even though that was not the original goal necessarily – The promise of re-use drives businesses to a service orientation – Standards adoption Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Limitations • It’s a complex world with complex issues and it requires support and skills to do correctly. To do SOA right, you need the company behind you, but there are massive payoffs and incredible success stories • Since SOA became an integration technology, it had to become sophisticated (I use that term on purpose) – Security (WS-S*) – Transactionality (WS-*) – Multi-protocol • The timelines associated with an ROI are long, simply because projects are long and organizations are large • A pragmatic reason: readability: Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Common Components Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • SOA Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Example - The SOA Catalog • SOA was initially focused on UDDI, WSDL and SOAP. • The idea was that the UDDI standard would provide a consistent way to discover services and associated metadata. • As a sign of things to come, the UDDI standard, while ratified, lost support. I believe that this was due to: – Inflexibility – Human readability Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • UDDI - Technical and Inhuman(e) Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • The Repository • Over time, the UDDI Registry has been replaced by the Repository • Repositories are more flexible, typically template and workflow driven • Repositories are focused on the development lifecycle • Their goal is to guide development activities and provide visibility and accountability in the SDLC process • Now we are seeing API developer portals emerge to complement internal repositories Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • SOA SOA, in its focus on machine to machine integration and standardization, has, in the past, forgotten about the human in the equation. This is changing. Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • API Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Why APIs? Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • The API Portal • The API Catalog approaches the problem from a completely different direction based on its origins – Consumer-facing – Mobile/Web App consumer • APIs continue the trend of human to human, rather than machine to machine, interaction • The developer is now the customer, rather than a participant – A lack of enthusiasm for standards has forced a document-centric approach, which is better for humans anyway – The need for channel marketing has driven a portal design – The need for developer engagement has improved utility Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • The Different Roles Repository • • • • API Portal • • • • Production SDLC Security Inside Both are required Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved. Consumption Promotion/Support Provisioning Outside
    • The Need for Both Production Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved. Consumption
    • Unified API Platform Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • The relationship between APIs and SOA Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • • API initiatives are the lucky ones: – Business funding – Green field – Shifted center of gravity Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Common Misconceptions • APIs and Web Services are distinguished by the technology they use, JSON vs. SOAP • APIs have become the external interface to an organization while Web Services have become components for internal collaborations Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • What is an API • Has become a broader term than web service, it is not exclusive to JSON/HTTP as some may lead us to believe • Can utilize different data formats such as XML, SOAP, JSON, or plain text • Can utilize different transports such as WebSockets, HTTP, TCP, MLLP, JMS, or MQ • Does not exclude Web Services, SOAP, XML, JMS Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Differentiating through Exposure • The choice of technology should be dictated by the client: – Web/JavaScript – JSON/HTTP, WebSockets – Mobile – JSON/HTTP – Java A2A – XML over the most relevant protocol • You may need to expose multiple types depending on the channel Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Simplifying the Landscape • APIs are a superset of Web Services – it is a business differentiation, not a technical one – Business, product focus – Shifted center of gravity • You need a single platform that is flexible enough to handle multiple: – Transports and Protocols – Message types – Descriptors and Documentation Standards Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Sample Topology Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • What’s wrong with the API platform? Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Wire Protocol • APIs are typically JSON/REST – Web/Mobile • Web Services are typically XML/SOAP – A2A Integration • Management platforms need to cater to both. Typically, however, they focus on one to the detriment of the other. Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • The Need for Both • Depending on the consumer, APIs may need to be SOAP as well as JSON/REST • APIs regularly leverage backend SOAP services within an organization • The management platform therefore needs to: • Understand both APIs and Services • Mediate between SOAP/XML and JSON/REST • Understand the dependencies between APIs and Services to facilitate change management, root cause alaysis etc. Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Descriptor • API developers ideally write detailed documentation, with samples messages and code to communicate API details. – Pro : Human readable – Con : Change management is subjective • Web Services primarily use WSDL and WS-Policy – Pro : Change management is explicit – Con : Difficult to understand Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • The Need for Both • Effective change management and version control demands that the API and Web Service are formally described in some way – WSDL – Swagger – WADL • The side benefits of this are: – Document generation – Code generation Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Security • APIs typically leverage OAuth or HTTP request signing mechanisms for security – Transport-based (HTTP) – Device capable • SOA leverages WS-S, SAML, WS-Trust, etc – Message-based – XML Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • The Need for Both • Security mediation between web standards and WS-* standards is critical • A deep understanding of the different standards and policies is required, including: – OAuth 1.0a/2.0 – Header-based signature mechanisms – SAML – WS-Security – XACML • Token and identity mediation is critical Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Summary SOA, in its focus on machine to machine integration and standardization, forgot about the human in the equation. APIs, in their focus on ease of use, have forgotten about management and control. You need both Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Successful APIs Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Key Components There are three key components to making an API effort successful in the long term.  Design  Implementation  Program Management All of these require a comprehensive platform 35 Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • APIs are tip of the Iceberg! Drive Accelerate Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved. Monetize Analyze
    • What does a Management Platform Provide Business Foundation/ Functional Tier Service Arch. Lifecycle Data arch. NonFunctional Tier Security, Mediation, QoS, Analytics Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved. Protocol Tier Publishing, Oauth, etc.
    • Business Foundation/Functional Tier • Service Rationalization, Reuse • Lifecycle Management • Change Management • Impact Analysis Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Non-Functional Tier • Security – Integration with Enterprise SSO/LDAP – Message Security/Encryption – Threat Protection • Orchestration • Monitoring – Rate limiting – QoS – SLA • Analytics Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • Protocol Tier • SOAP • JSON • etc Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • The Unified SOA & API Platform Analytics Developer Engagement Gateway Services Service Integration Lifecycle Management Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.
    • API and SOA Resources • Resource Center – http://resource.soa.com/ • Webinar Recording – http://resource.soa.com/resource/webinars • Follow us on: www.facebook.com/soasoftware www.linkedin.com/company/soasoftware @soasoftwareinc Copyright © 2001-2013 SOA Software, Inc. All Rights Reserved.