Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

API Economy, Realizing the Business Value of APIs

365 views

Published on

API Economy, Realizing the Business Value of APIs

Published in: Technology
  • Be the first to comment

API Economy, Realizing the Business Value of APIs

  1. 1. ADOBE COLDFUSION SUMMIT 2016 Elishia Dvorak | Adobe API Economy: Realizing The Business Value of APIs Through Adobe API Management
  2. 2. API Economy • Treat your APIS as one of your value added products • Added value service for your customers • Monetization of new services through business models • Flexibility for future transitions • Additional revenue streams • What are businesses core assets? • Customer data • Processes • Functionality • Content • Future Business Opportunities • Leverage core assets + External Services 2 Business Value Added value services Core Assets Core Assets + External Services
  3. 3. How To Monetize an API? • Analytics expose metrics • Access Control • API call to exposed analytics and reporting services • Every component of APIM is exposed as a REST API 3
  4. 4. Monetization: Transactional • Transactional Processing • Micropayment solutions • Revenue based on volume • Fee per transaction • API (fee per call) • Global Cash Card • Experian • Paypal • Google Maps API 4
  5. 5. Monetization: Subscription • Subscription Packages • Premium Services • Different SLAs 5 Free • Minimum SLA • Entry Level • Freemium Tier 1 • Unlimited SLA • Paid • Unlimited • Premium Tier 2 • Medium SLA • Paid • Basic
  6. 6. Monetization: Marketplace • Drive growth in services through vendor products • API Services to increase vendor visibility • Subscriptions • Commissions 6 Marketplace Vendor Vendor Vendor You
  7. 7. Monetization: Partnership • Partnership Expansion • Strategic distribution through revenue sharing • Growth in numbers • Groupon • Market America shop.com 7
  8. 8. Why API Management? Access Control Versioning Analytics Documentation PortalsTestingCaching
  9. 9. Manual • Build your own • Multiple methods • API Key • Oauth2 • Basic • Be a security expert • Ensure update schedule • Manually manage edits Managed • Choose method • API Key | Oauth2 | Basic • Publish your API • Global configuration settings • Easily updated • Managed software • Regular update schedule Access Control
  10. 10. Manual • Build a manual approach • Stick with it • Manually update connected consumers of changes • Create a notification system for URI changes Managed • Specify the version number in publish workflow • Choose Lifecycle • Draft • Published • Deprecated • Retired • Notifications happen automatically Versioning & Lifecycle
  11. 11. Manual • Potentially leverage an analytics API • Build your own • Complex • High effort level Managed • Auto-generated • Customized Views/Reports • Drag and drop • Detailed statistics • Drill-down click through Analytics
  12. 12. Manual • Manually Implement documentation framework • Swagger • RAML Managed • Integrated Swagger • Subscribers can view formatted details of APIs • Lifecycle of API • Version/Description • Security Level • Resources Documentation
  13. 13. Manual • Create a cache layer • How to cache? • Where to store cache? • What to cache? Managed • Click the box and specify timeouts • Cache response (GET) • Method level caching Caching
  14. 14. Manual • Build test platform for user roles • Creating API • Consuming API Managed • Available Interface for testing based on role • Publisher testing at creation • Subscriber testing via portal • View • Inputs & Request details • Returned JSON/XML details • Status codes Testing
  15. 15. Manual • Build a new site for developers to view APIs • Complex project • Resourcing • High effort level Managed • Roles based portal available • Publisher Role • Create APIs • Manage subscribers • Metrics Dashboard • Subscriber Role • Explore APIs • Register Applications • Subscribe to API Portals
  16. 16. API Management Platform 2016 6  Throughput: single node – More than a billion requests per day!  Negligible latency for thousands of concurrent users < 30ms  Throughput: 1.8x per additional node  Users: 2x more per additional node  Latency: continues to be < 30ms  Simplified API workflows  Intuitive user interface  Easy analytics interface Speedy SimpleScalable
  17. 17. Request Flow of an API Manager7 </> APIGateway API Portal REST REST REST SOAP Partner IoT People Adobe ColdFusion Intranet App Server Cloud Network
  18. 18. Demo
  19. 19. Future Updates and Plans • Update release target mid-November 2016 • Primary Focus on Threat Protection • Track a range of vulnerabilities • Maximum request size associated with an API • Restrict access to the API based on a range of IP address • Validation of XML/JSON data based on the number of nested levels of data • configurable by the publisher • DOS, can have many nested levels to break API • specify the schema of what is acceptable • Prevention of XSS by encoding the input to an API • Protection against CSRF • Ability to enforce HTTPS for the API request to the gateway • 2 way SSL (between API Manager and End point) 9
  20. 20. Future Updates and Plans • Basic and Oauth added to Test Workflow • Multiple test end points: support for Oauth • Error response in JSON/XML format rather than HTML • Unbundled Installer • User Management: • SAML Integration for Portals • role-driven • Multitenancy – Sandboxed Partners • different portals and different administrators • organization level concept with own policies • JSON to XML and XML to JSON choice 0
  21. 21. Proof of Concept Opportunity 1 21 API Manager POC Direct Engineering Resources No License Required Hot Fix Support Step by Step Guidance Contact: elishia@adobe.com
  22. 22. More API Focused Sessions • Powering Adobe PhoneGap Applications with ColdFusion APIs • Monday 2:45-3:45pm • Build your own secure and real-time Dashboard for mobile and web • Monday 4-5pm • Customer Showcase: Bringing the API manager into your existing stack • Monday 4-5pm • Deep Dive into new API Manager : Hands on Approach (BYOL – VM install prerequisite) • Tuesday10:15 -12:30 (Walkthrough) • Security and Access Control for APIs using ColdFusion API Manager • Tuesday4 -5pm 2

×