SlideShare a Scribd company logo
1 of 57
Download to read offline
MICHIGAN ORACLE USERS SUMMIT 2022
WEDNESDAY OCTOBER 26,2022
2:20PM @W210A
GETTING STARTED WITH API MANAGEMENT
PRESENTER NAME: AHMED ABOULNAGA
PRESENTERTITLE: TECHNICAL DIRECTOR
TABLE OF CONTENTS
Introduction 3
APIs – A Brief Overview 6
ClientTools – Examples of Options 9
Walkthrough of REST 14
What is API Management? 21
API Gateways – HowThey Fit in API Management 25
WSO2 API Manager 29
OracleAPI Gateway (cloud) 37
FinalThoughts 51
INTRODUCTION
ABOUT ME
Ahmed Aboulnaga
 Master’s degree in Computer Science from George Mason University
 Recent emphasis on cloud,DevOps,middleware,security in current projects
 OracleACE Pro, OCE, OCA
 Author, Blogger,Presenter
 @Ahmed_Aboulnaga
WHAT THIS PRESENTATION WILL COVER
API Concepts API Management
Concepts
API Management
Products & Services
APIs
REST
cURL
API Management
API Gateway
WSO2 API Manager
Oracle API Gateway
1 2 3
1a
1b
1c
2a
2b
3a
3b
APIS
A BRIEF OVERVIEW
WHAT IS AN API?
 Application Programming Interface
 Nowadays, when APIs are mentioned,it typically refers to web APIs
 REST and SOAP web services expose application data and functionality over the
internet
WHAT IS AN API?
 All cloud vendors provide some type of API to their services
 This allows for programmatic access to cloud services
 A basic understanding of cURL, REST, and JSON is helpful
 Most cloud providers use the REST architectural style for their APIs
Client REST API Backend System
JSON / XML
GET / POST / PUT / DELETE
CLIENT TOOLS
EXAMPLES OF OPTIONS
SAMPLE REST CALL USING SOAPUI
https://api.agify.io?name=ahmed
 Popular web service client
 Support SOAP and REST
www.soapui.org
 Free version available
SAMPLE SOAP CALL USING SOAPUI
http://webservices.oorsprong.org/websamples.countryinfo/CountryInfoService.wso?WSDL
 Includes support of functional testing, service simulation,and load testing
POSTMAN
 PopularAPI client
 Free version available
www.postman.com
 Numerous features that include:
‒ Create API documentation
‒ Automated testing
‒ Design and mock APIs
‒ Monitor APIs
‒ Etc.
CURL
 Open-source command-line tool
 Supports more than 22 different protocols (e.g.,
HTTP,HTTPS,FTP,etc.)
 For HTTP,supports all methods (e.g., GET, POST,
PUT,DELETE, etc.)
 Very useful for testing RESTful web services
 Other advanced tools available include Postman,
SoapUI,Oracle SQL Developer,etc.
 Example service:
https://api.weather.gov/alerts/active?area=MI
WALKTHROUGH OF REST
WHAT IS REST?
 REpresentational StateTransfer
 Architectural style for distributed hypermedia system
 Proposed in 2000 by Roy Fielding in his dissertation
 Web Service implemented with REST is called RESTful web service
 REST is not a protocol like SOAP. It is rather an architectural style
 REST services typically use HTTP/HTTPS, but can be implemented with other
protocols like FTP
REST ARCHITECTURAL CONSIDERATIONS
Uniform interface: Easy to understand and readable results and can be
consumed by any client or programming language over basic protocols.
URI-based access: Using the same approach to a human browsing a
website where all resource are linked together.
Stateless communication: Extremely scalable since no client context is
stored on the server between requests.
REST METHODS
 The HTTP protocol provides multiple methods which you can utilize for RESTful web services
 The table maps the HTTP method to the typical REST operation
 Some firewalls may limit some HTTP methods for security reasons
HTTP Method REST Operation
GET Read
POST Create
PUT Update
DELETE Delete
OPTIONS List of available methods
HEAD Get version
PATCH Update property/attribute
Most common in
web applications
Most common in
REST to provide
CRUD functionality
RESOURCES
 Requests are sent to resources (i.e., URLs)
 Each resource represents an object which identified by a noun (e.g., employee,etc.)
 Each resource has a unique URL
 When performing a POST (create) or PUT (update),you must pass additional values
Resource HTTP Method REST Output
https://hostname/hr/employee GET Retrieve a list of all employees
https://hostname/hr/employee/12 GET Retrieve details for employee #12
https://hostname/hr/employee POST Create a new employee
https://hostname/hr/employee/12 PUT Update employee #12
https://hostname/hr/employee/12 DELETE Delete employee #12
https://hostname/hr/employee/12/address GET Retrieve address for employee #12
HTTP RESPONSE CODES
 HTTP response codes determine the overall response of the REST invocation
HTTP Code Status Description
2XX (200,201,204) OK Data was received and operation was performed
3XX (301,302) Redirect Request redirected to another URL
4XX (403,404) Client Error Resource not available to client
5XX (500) Server Error Server error
JSON
 JavaScript Object Notation
 Pronounced“Jason”
 An object surrounded by { }
 An array or ordered list
 REST can support both JSON and XML
 Less verbose than XML, but lacks metadata support
//JSON Object
{
"employee": {
"id": 12,
"name": "Kobe",
"location": "USA"
}
}
//JSON Array
{
"employees": [
{
"id": 12,
"name": "Kobe",
"location": "USA"
},
{
"id": 13,
"name": "Jordan",
"location": "Canada"
},
{
"id": 14,
"name": "Barkley",
"location": "USA"
}
]
}
WHAT IS API MANAGEMENT?
INDUSTRY DEFINITION OF “API MANAGEMENT”
“Organizations are implementing strategies to manage APIs so they
can respond to rapid changes in customer demands”
“Gives enterprises greater flexibility when reusing the functionality of
API integrations and helps save time and money without trading off
security”
“Modernize legacy applications,move to the cloud, create new
products,integrate with Salesforce and SAP, and much more”
“Accelerate innovation in today’s rapidly changing marketplace”
WHAT IS API MANAGEMENT?
 Unified API Management Solution
 For public and privateAPIs
 Centralizing control (e.g., access control)
 Rate limiting and usage policies
 Analytics
 Monetization
https://www.altexsoft.com/blog/api-management/
API MANAGEMENT TOOLS – A GARTNER DEFINITION
 What does a comprehensiveAPI Management tool consist of?
‒ Supports all stages of the API lifecycle,namely: planning and design, implementation and testing, deployment
and exploitation, and versioning and retirement
‒ Some vendors of API Management solutions specialize only in subsets of the API lifecycle, such as API gateways
and testing, while others focus on the entire lifecycle
 ComprehensiveAPI management tools typically include support in the following:
https://medium.com/transparent-data-eng/best-api-management-tools-2021-c03344dbd63b
FunctionalArea Description
Developer Portal
Self-service,fully unified catalog of APIs in which you can enable and manage the ecosystems of
developers who create and use APIs
API Gateway Management of the runtime environment,monitoring of security and API usage
Policy Management & Analytics Security configuration,mediation,and analysis of actual use of APIs
API Design & Development Toolkit for designing and creatingAPIs and integratingAPIs on existing systems
APITesting From basic mock tests to advanced functional,performance,and security tests
API GATEWAYS
HOW THEY FIT IN API MANAGEMENT
WHAT IS AN API GATEWAY?
 Sits between a client and a collection of backend services
 Acts as a reverse proxy to accept all API calls, aggregate the various services required to fulfill them,
and return the appropriate result
 Handles common tasks such as user authentication,rate limiting, and statistics
 When should you use an API Gateway?
‒ To provide a single,unifiedAPI entry point across
‒ To protect your APIs from overuse and abuse (using authentication and rate limiting)
‒ To understand how people use your APIs (using analytics and monitoring)
‒ To monetizeAPIs
‒ In a microservices architecture (a single request could require calls to dozens of distinct applications)
CHALLENGES
 Web services are the primary mechanism for applications and systems
to interoperate,communicate,and exchange data messaging
 Web services are the foundation for system-to-system communication
 Many organizations have unmanaged,insecure,and direct access by
developers to backend web services
?
Number of web services
(i.e., APIs)
?
Type of web service
security deployed
?
Usage, SLA, and
reuse metrics
PROBLEMS
Web App Java
Web Service Fusion Apps
Web Service Salesforce Web Service PayPal
Web App Java Web App Java
BENEFITS OF AN API GATEWAY
 Introduce a gateway to virtualize and abstract all backend web services
 Provides a consistent mechanism to secure and track web services
Benefits
▪ Increase security through modern
and standardized implementation
of API security for all LANL web
services
▪ Avoid open/direct access to
backend services
▪ Centralized catalog of published
APIs
▪ Maximum investment through
service reuse
▪ Threat/bot/DDOS detection
Web App Java
Web Service Fusion Apps
Web Service Salesforce Web Service PayPal
Gateway
WSO2 API MANAGER
WSO2 API MANAGER
 WSO2 API ManagerVersion 4.1.0
 Open-source,enterprise-gradeAPI management for on-premises,cloud, and hybrid
architectures
 Provides gateway capabilities
wso2.com/api-management
WSO2 API MANAGER – CREATING AN API
WSO2 API MANAGER – CONFIGURINGAN API
WSO2 API MANAGER – API CATALOG
WSO2 API MANAGER – OVERVIEW OF API
WSO2 API MANAGER – TESTINGTHE APIWITH CURL
WSO2 API MANAGER – TESTINGTHE APIWITH SOAPUI
ORACLE API GATEWAY (CLOUD)
ORACLE API GATEWAY
 Not to be confused with the legacy, on-prem Oracle API Gateway product
 Cloud-based service to publish APIs with private endpoints that are accessible internally
 Integrated with Oracle Cloud Infrastructure Identity and Access Management (IAM)
 Expose APIs with public IP addresses to accept internet traffic
 Support transformation, CORS, authentication/authorization, and request limiting
 Highly availability
 Single consolidated API endpoint https://docs.oracle.com/en-us/iaas/Content/APIGateway/Concepts/apigatewayoverview.htm
https://docs.oracle.com/en-us/iaas/Content/APIGateway/home.htm
ORACLE API GATEWAY – COST
ORACLE API GATEWAY – TUTORIAL
https://www.oracle.com/webfolder/technetwork/tutorials/infographics/oci_apigw_gs_quickview/apigw_quickview_top/apigw_quickview/index.html
ORACLE API GATEWAY – LOCATION IN CONSOLE
ORACLE API GATEWAY – CREATE A GATEWAY
ORACLE API GATEWAY – CREATE A DEPLOYMENT
ORACLE API GATEWAY – CREATE A DEPLOYMENT
ORACLE API GATEWAY – GATEWAY SERVICE DETAILS
ORACLE API GATEWAY – FIRST ATTEMPT AT CALLING API
ORACLE API GATEWAY – ENABLE ACCESS AND EXECUTION
LOGGING
ORACLE API GATEWAY – ADD 443 INBOUNDTO FIREWALL
ORACLE API GATEWAY – USINGTHE CORRECT URL CONTEXT
ORACLE API GATEWAY – CALLINGTHE ORIGINAL
UNAUTHENTICATED SERVICE
FINALTHOUGHTS
GARTNER MAGIC QUADRANT FOR FULL LIFECYCLE API
MANAGEMENT
Leaders:
 Google Apigee
 Mulesoft
 IBM
 Axway
 Software AG
 Kong
 Microsoft
WHERE API GATEWAYS FIT IN THE OVERALL ARCHITECTURE
GETTING STARTED WITH ORACLE API GATEWAY
https://docs.oracle.com/en-us/iaas/Content/APIGateway/home.htm
RECAP
Concepts
 API
 REST
 JSON
ClientTools
 SoapUI
 Postman
 cURL
Solutions
 API Management
 API Gateway
Products & Services
 WSO2 API Manager
 OracleAPI Gateway
www.mous.us
THANKYOU
SAVE THE DATE
• ASCEND CONFERENCE 2023
June 11-14,2023
Caribe Royale Resort
Orlando,Florida
https://ascendusersconference.com
• MOUS 2023
October 25, 2023
Schoolcraft College -VisTaTech Center,
18600 Haggerty Rd, Livonia,MI
https://www.mous.us
www.mous.us
THANKYOU
SURVEYS
• Session Surveys
Please complete the session survey for this
session.
The survey will be provided to each
attendee.

More Related Content

Similar to Getting Started with API Management

What's New in Confluent Platform 5.5
What's New in Confluent Platform 5.5What's New in Confluent Platform 5.5
What's New in Confluent Platform 5.5confluent
 
apidays LIVE Hong Kong - Orchestrating APIs at Scale by Hieu Nguyen Nhu
apidays LIVE Hong Kong - Orchestrating APIs at Scale by Hieu Nguyen Nhuapidays LIVE Hong Kong - Orchestrating APIs at Scale by Hieu Nguyen Nhu
apidays LIVE Hong Kong - Orchestrating APIs at Scale by Hieu Nguyen Nhuapidays
 
Web API or WCF - An Architectural Comparison
Web API or WCF - An Architectural ComparisonWeb API or WCF - An Architectural Comparison
Web API or WCF - An Architectural ComparisonAdnan Masood
 
How APIs Can Be Secured in Mobile Environments
How APIs Can Be Secured in Mobile EnvironmentsHow APIs Can Be Secured in Mobile Environments
How APIs Can Be Secured in Mobile EnvironmentsWSO2
 
Secc tutorials development and deployment of rest web services in java_v2.0
Secc tutorials development and deployment of rest web services in java_v2.0Secc tutorials development and deployment of rest web services in java_v2.0
Secc tutorials development and deployment of rest web services in java_v2.0Aravindharamanan S
 
Vijay Oscon
Vijay OsconVijay Oscon
Vijay Osconvijayrvr
 
WinRT and the Web: Keeping Windows Store Apps Alive and Connected
WinRT and the Web: Keeping Windows Store Apps Alive and ConnectedWinRT and the Web: Keeping Windows Store Apps Alive and Connected
WinRT and the Web: Keeping Windows Store Apps Alive and ConnectedJeremy Likness
 
Transform-to-Smart-ERP-using-Custom-Mobile-Apps.pptx
Transform-to-Smart-ERP-using-Custom-Mobile-Apps.pptxTransform-to-Smart-ERP-using-Custom-Mobile-Apps.pptx
Transform-to-Smart-ERP-using-Custom-Mobile-Apps.pptxkmani5
 
Transform-to-Smart-ERP-using-Custom-Mobile-Apps.pptx (3).ppt
Transform-to-Smart-ERP-using-Custom-Mobile-Apps.pptx (3).pptTransform-to-Smart-ERP-using-Custom-Mobile-Apps.pptx (3).ppt
Transform-to-Smart-ERP-using-Custom-Mobile-Apps.pptx (3).pptHusseinWassof
 
GlueCon 2018: Are REST APIs Still Relevant Today?
GlueCon 2018: Are REST APIs Still Relevant Today?GlueCon 2018: Are REST APIs Still Relevant Today?
GlueCon 2018: Are REST APIs Still Relevant Today?LaunchAny
 
Taking Control of Your Future: Own Your Service Platforms
Taking Control of Your Future: Own Your Service PlatformsTaking Control of Your Future: Own Your Service Platforms
Taking Control of Your Future: Own Your Service PlatformsAlan Quayle
 
Building Restful Applications Using Php
Building Restful Applications Using PhpBuilding Restful Applications Using Php
Building Restful Applications Using PhpSudheer Satyanarayana
 
Fundamentals of Web Development For Non-Developers
Fundamentals of Web Development For Non-DevelopersFundamentals of Web Development For Non-Developers
Fundamentals of Web Development For Non-DevelopersLemi Orhan Ergin
 
Developing a Service-oriented Architecture (SOA)- based Product Management Pl...
Developing a Service-oriented Architecture (SOA)- based Product Management Pl...Developing a Service-oriented Architecture (SOA)- based Product Management Pl...
Developing a Service-oriented Architecture (SOA)- based Product Management Pl...Amine KOUIS
 
Red Hat Openshift on Microsoft Azure
Red Hat Openshift on Microsoft AzureRed Hat Openshift on Microsoft Azure
Red Hat Openshift on Microsoft AzureJohn Archer
 
Web2.0 Ajax and REST in WebSphere Portal
Web2.0 Ajax and REST in WebSphere PortalWeb2.0 Ajax and REST in WebSphere Portal
Web2.0 Ajax and REST in WebSphere PortalMunish Gupta
 
Rest api best practices – comprehensive handbook
Rest api best practices – comprehensive handbookRest api best practices – comprehensive handbook
Rest api best practices – comprehensive handbookKaty Slemon
 

Similar to Getting Started with API Management (20)

What's New in Confluent Platform 5.5
What's New in Confluent Platform 5.5What's New in Confluent Platform 5.5
What's New in Confluent Platform 5.5
 
apidays LIVE Hong Kong - Orchestrating APIs at Scale by Hieu Nguyen Nhu
apidays LIVE Hong Kong - Orchestrating APIs at Scale by Hieu Nguyen Nhuapidays LIVE Hong Kong - Orchestrating APIs at Scale by Hieu Nguyen Nhu
apidays LIVE Hong Kong - Orchestrating APIs at Scale by Hieu Nguyen Nhu
 
Api design part 1
Api design part 1Api design part 1
Api design part 1
 
Web API or WCF - An Architectural Comparison
Web API or WCF - An Architectural ComparisonWeb API or WCF - An Architectural Comparison
Web API or WCF - An Architectural Comparison
 
How APIs Can Be Secured in Mobile Environments
How APIs Can Be Secured in Mobile EnvironmentsHow APIs Can Be Secured in Mobile Environments
How APIs Can Be Secured in Mobile Environments
 
Secc tutorials development and deployment of rest web services in java_v2.0
Secc tutorials development and deployment of rest web services in java_v2.0Secc tutorials development and deployment of rest web services in java_v2.0
Secc tutorials development and deployment of rest web services in java_v2.0
 
Vijay Oscon
Vijay OsconVijay Oscon
Vijay Oscon
 
WinRT and the Web: Keeping Windows Store Apps Alive and Connected
WinRT and the Web: Keeping Windows Store Apps Alive and ConnectedWinRT and the Web: Keeping Windows Store Apps Alive and Connected
WinRT and the Web: Keeping Windows Store Apps Alive and Connected
 
Transform-to-Smart-ERP-using-Custom-Mobile-Apps.pptx
Transform-to-Smart-ERP-using-Custom-Mobile-Apps.pptxTransform-to-Smart-ERP-using-Custom-Mobile-Apps.pptx
Transform-to-Smart-ERP-using-Custom-Mobile-Apps.pptx
 
Transform-to-Smart-ERP-using-Custom-Mobile-Apps.pptx (3).ppt
Transform-to-Smart-ERP-using-Custom-Mobile-Apps.pptx (3).pptTransform-to-Smart-ERP-using-Custom-Mobile-Apps.pptx (3).ppt
Transform-to-Smart-ERP-using-Custom-Mobile-Apps.pptx (3).ppt
 
GlueCon 2018: Are REST APIs Still Relevant Today?
GlueCon 2018: Are REST APIs Still Relevant Today?GlueCon 2018: Are REST APIs Still Relevant Today?
GlueCon 2018: Are REST APIs Still Relevant Today?
 
Taking Control of Your Future: Own Your Service Platforms
Taking Control of Your Future: Own Your Service PlatformsTaking Control of Your Future: Own Your Service Platforms
Taking Control of Your Future: Own Your Service Platforms
 
Web api
Web apiWeb api
Web api
 
Building Restful Applications Using Php
Building Restful Applications Using PhpBuilding Restful Applications Using Php
Building Restful Applications Using Php
 
REST full API Design
REST full API DesignREST full API Design
REST full API Design
 
Fundamentals of Web Development For Non-Developers
Fundamentals of Web Development For Non-DevelopersFundamentals of Web Development For Non-Developers
Fundamentals of Web Development For Non-Developers
 
Developing a Service-oriented Architecture (SOA)- based Product Management Pl...
Developing a Service-oriented Architecture (SOA)- based Product Management Pl...Developing a Service-oriented Architecture (SOA)- based Product Management Pl...
Developing a Service-oriented Architecture (SOA)- based Product Management Pl...
 
Red Hat Openshift on Microsoft Azure
Red Hat Openshift on Microsoft AzureRed Hat Openshift on Microsoft Azure
Red Hat Openshift on Microsoft Azure
 
Web2.0 Ajax and REST in WebSphere Portal
Web2.0 Ajax and REST in WebSphere PortalWeb2.0 Ajax and REST in WebSphere Portal
Web2.0 Ajax and REST in WebSphere Portal
 
Rest api best practices – comprehensive handbook
Rest api best practices – comprehensive handbookRest api best practices – comprehensive handbook
Rest api best practices – comprehensive handbook
 

More from Revelation Technologies

Automating Cloud Operations: Everything You Wanted to Know about cURL and REST
Automating Cloud Operations: Everything You Wanted to Know about cURL and RESTAutomating Cloud Operations: Everything You Wanted to Know about cURL and REST
Automating Cloud Operations: Everything You Wanted to Know about cURL and RESTRevelation Technologies
 
Automating Cloud Operations - Everything you wanted to know about cURL and RE...
Automating Cloud Operations - Everything you wanted to know about cURL and RE...Automating Cloud Operations - Everything you wanted to know about cURL and RE...
Automating Cloud Operations - Everything you wanted to know about cURL and RE...Revelation Technologies
 
Introducing the Oracle Cloud Infrastructure (OCI) Best Practices Framework
Introducing the Oracle Cloud Infrastructure (OCI) Best Practices FrameworkIntroducing the Oracle Cloud Infrastructure (OCI) Best Practices Framework
Introducing the Oracle Cloud Infrastructure (OCI) Best Practices FrameworkRevelation Technologies
 
Everything You Need to Know About the Microsoft Azure and Oracle Cloud Interc...
Everything You Need to Know About the Microsoft Azure and Oracle Cloud Interc...Everything You Need to Know About the Microsoft Azure and Oracle Cloud Interc...
Everything You Need to Know About the Microsoft Azure and Oracle Cloud Interc...Revelation Technologies
 
PTK Issue 72: Delivering a Platform on Demand
PTK Issue 72: Delivering a Platform on DemandPTK Issue 72: Delivering a Platform on Demand
PTK Issue 72: Delivering a Platform on DemandRevelation Technologies
 
PTK Issue 71: The Compute Cloud Performance Showdown
PTK Issue 71: The Compute Cloud Performance ShowdownPTK Issue 71: The Compute Cloud Performance Showdown
PTK Issue 71: The Compute Cloud Performance ShowdownRevelation Technologies
 
Everything You Need to Know About the Microsoft Azure and Oracle Cloud Interc...
Everything You Need to Know About the Microsoft Azure and Oracle Cloud Interc...Everything You Need to Know About the Microsoft Azure and Oracle Cloud Interc...
Everything You Need to Know About the Microsoft Azure and Oracle Cloud Interc...Revelation Technologies
 
Compute Cloud Performance Showdown: 18 Months Later (OCI, AWS, IBM Cloud, GCP...
Compute Cloud Performance Showdown: 18 Months Later (OCI, AWS, IBM Cloud, GCP...Compute Cloud Performance Showdown: 18 Months Later (OCI, AWS, IBM Cloud, GCP...
Compute Cloud Performance Showdown: 18 Months Later (OCI, AWS, IBM Cloud, GCP...Revelation Technologies
 
Compute Cloud Performance Showdown: 18 Months Later (OCI, AWS, IBM Cloud, GCP...
Compute Cloud Performance Showdown: 18 Months Later (OCI, AWS, IBM Cloud, GCP...Compute Cloud Performance Showdown: 18 Months Later (OCI, AWS, IBM Cloud, GCP...
Compute Cloud Performance Showdown: 18 Months Later (OCI, AWS, IBM Cloud, GCP...Revelation Technologies
 
The Microsoft Azure and Oracle Cloud Interconnect Everything You Need to Know
The Microsoft Azure and Oracle Cloud Interconnect Everything You Need to KnowThe Microsoft Azure and Oracle Cloud Interconnect Everything You Need to Know
The Microsoft Azure and Oracle Cloud Interconnect Everything You Need to KnowRevelation Technologies
 
Compute Cloud Performance Showdown: Amazon Web Services, Oracle Cloud, IBM ...
Compute Cloud  Performance Showdown: Amazon Web Services, Oracle  Cloud, IBM ...Compute Cloud  Performance Showdown: Amazon Web Services, Oracle  Cloud, IBM ...
Compute Cloud Performance Showdown: Amazon Web Services, Oracle Cloud, IBM ...Revelation Technologies
 
Securing your Oracle Fusion Middleware Environment, On-Prem and in the Cloud
Securing your Oracle Fusion Middleware Environment, On-Prem and in the CloudSecuring your Oracle Fusion Middleware Environment, On-Prem and in the Cloud
Securing your Oracle Fusion Middleware Environment, On-Prem and in the CloudRevelation Technologies
 
Oracle BPM Suite Development: Getting Started
Oracle BPM Suite Development: Getting StartedOracle BPM Suite Development: Getting Started
Oracle BPM Suite Development: Getting StartedRevelation Technologies
 
Developing Web Services from Scratch - For DBAs and Database Developers
Developing Web Services from Scratch - For DBAs and Database DevelopersDeveloping Web Services from Scratch - For DBAs and Database Developers
Developing Web Services from Scratch - For DBAs and Database DevelopersRevelation Technologies
 
Domain Partitions and Multitenancy in Oracle WebLogic Server 12c - Why It's U...
Domain Partitions and Multitenancy in Oracle WebLogic Server 12c - Why It's U...Domain Partitions and Multitenancy in Oracle WebLogic Server 12c - Why It's U...
Domain Partitions and Multitenancy in Oracle WebLogic Server 12c - Why It's U...Revelation Technologies
 
Oracle Database Cloud Service - Provisioning Your First DBaaS Instance
Oracle Database Cloud Service - Provisioning Your First DBaaS InstanceOracle Database Cloud Service - Provisioning Your First DBaaS Instance
Oracle Database Cloud Service - Provisioning Your First DBaaS InstanceRevelation Technologies
 

More from Revelation Technologies (20)

Operating System Security in the Cloud
Operating System Security in the CloudOperating System Security in the Cloud
Operating System Security in the Cloud
 
Getting Started with Terraform
Getting Started with TerraformGetting Started with Terraform
Getting Started with Terraform
 
Automating Cloud Operations: Everything You Wanted to Know about cURL and REST
Automating Cloud Operations: Everything You Wanted to Know about cURL and RESTAutomating Cloud Operations: Everything You Wanted to Know about cURL and REST
Automating Cloud Operations: Everything You Wanted to Know about cURL and REST
 
Automating Cloud Operations - Everything you wanted to know about cURL and RE...
Automating Cloud Operations - Everything you wanted to know about cURL and RE...Automating Cloud Operations - Everything you wanted to know about cURL and RE...
Automating Cloud Operations - Everything you wanted to know about cURL and RE...
 
Introducing the Oracle Cloud Infrastructure (OCI) Best Practices Framework
Introducing the Oracle Cloud Infrastructure (OCI) Best Practices FrameworkIntroducing the Oracle Cloud Infrastructure (OCI) Best Practices Framework
Introducing the Oracle Cloud Infrastructure (OCI) Best Practices Framework
 
Everything You Need to Know About the Microsoft Azure and Oracle Cloud Interc...
Everything You Need to Know About the Microsoft Azure and Oracle Cloud Interc...Everything You Need to Know About the Microsoft Azure and Oracle Cloud Interc...
Everything You Need to Know About the Microsoft Azure and Oracle Cloud Interc...
 
PTK Issue 72: Delivering a Platform on Demand
PTK Issue 72: Delivering a Platform on DemandPTK Issue 72: Delivering a Platform on Demand
PTK Issue 72: Delivering a Platform on Demand
 
PTK Issue 71: The Compute Cloud Performance Showdown
PTK Issue 71: The Compute Cloud Performance ShowdownPTK Issue 71: The Compute Cloud Performance Showdown
PTK Issue 71: The Compute Cloud Performance Showdown
 
Everything You Need to Know About the Microsoft Azure and Oracle Cloud Interc...
Everything You Need to Know About the Microsoft Azure and Oracle Cloud Interc...Everything You Need to Know About the Microsoft Azure and Oracle Cloud Interc...
Everything You Need to Know About the Microsoft Azure and Oracle Cloud Interc...
 
Compute Cloud Performance Showdown: 18 Months Later (OCI, AWS, IBM Cloud, GCP...
Compute Cloud Performance Showdown: 18 Months Later (OCI, AWS, IBM Cloud, GCP...Compute Cloud Performance Showdown: 18 Months Later (OCI, AWS, IBM Cloud, GCP...
Compute Cloud Performance Showdown: 18 Months Later (OCI, AWS, IBM Cloud, GCP...
 
Compute Cloud Performance Showdown: 18 Months Later (OCI, AWS, IBM Cloud, GCP...
Compute Cloud Performance Showdown: 18 Months Later (OCI, AWS, IBM Cloud, GCP...Compute Cloud Performance Showdown: 18 Months Later (OCI, AWS, IBM Cloud, GCP...
Compute Cloud Performance Showdown: 18 Months Later (OCI, AWS, IBM Cloud, GCP...
 
The Microsoft Azure and Oracle Cloud Interconnect Everything You Need to Know
The Microsoft Azure and Oracle Cloud Interconnect Everything You Need to KnowThe Microsoft Azure and Oracle Cloud Interconnect Everything You Need to Know
The Microsoft Azure and Oracle Cloud Interconnect Everything You Need to Know
 
Cloud Integration Strategy
Cloud Integration StrategyCloud Integration Strategy
Cloud Integration Strategy
 
Compute Cloud Performance Showdown: Amazon Web Services, Oracle Cloud, IBM ...
Compute Cloud  Performance Showdown: Amazon Web Services, Oracle  Cloud, IBM ...Compute Cloud  Performance Showdown: Amazon Web Services, Oracle  Cloud, IBM ...
Compute Cloud Performance Showdown: Amazon Web Services, Oracle Cloud, IBM ...
 
Securing your Oracle Fusion Middleware Environment, On-Prem and in the Cloud
Securing your Oracle Fusion Middleware Environment, On-Prem and in the CloudSecuring your Oracle Fusion Middleware Environment, On-Prem and in the Cloud
Securing your Oracle Fusion Middleware Environment, On-Prem and in the Cloud
 
Hands-On with Oracle SOA Cloud Service
Hands-On with Oracle SOA Cloud ServiceHands-On with Oracle SOA Cloud Service
Hands-On with Oracle SOA Cloud Service
 
Oracle BPM Suite Development: Getting Started
Oracle BPM Suite Development: Getting StartedOracle BPM Suite Development: Getting Started
Oracle BPM Suite Development: Getting Started
 
Developing Web Services from Scratch - For DBAs and Database Developers
Developing Web Services from Scratch - For DBAs and Database DevelopersDeveloping Web Services from Scratch - For DBAs and Database Developers
Developing Web Services from Scratch - For DBAs and Database Developers
 
Domain Partitions and Multitenancy in Oracle WebLogic Server 12c - Why It's U...
Domain Partitions and Multitenancy in Oracle WebLogic Server 12c - Why It's U...Domain Partitions and Multitenancy in Oracle WebLogic Server 12c - Why It's U...
Domain Partitions and Multitenancy in Oracle WebLogic Server 12c - Why It's U...
 
Oracle Database Cloud Service - Provisioning Your First DBaaS Instance
Oracle Database Cloud Service - Provisioning Your First DBaaS InstanceOracle Database Cloud Service - Provisioning Your First DBaaS Instance
Oracle Database Cloud Service - Provisioning Your First DBaaS Instance
 

Recently uploaded

Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
WomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyoneWomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyoneUiPathCommunity
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh
 
QMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfQMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfROWELL MARQUINA
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentMahmoud Rabie
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessWSO2
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsYoss Cohen
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Karmanjay Verma
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...BookNet Canada
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 

Recently uploaded (20)

Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
WomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyoneWomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyone
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 
QMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfQMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdf
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career Development
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 

Getting Started with API Management

  • 1. MICHIGAN ORACLE USERS SUMMIT 2022 WEDNESDAY OCTOBER 26,2022 2:20PM @W210A GETTING STARTED WITH API MANAGEMENT PRESENTER NAME: AHMED ABOULNAGA PRESENTERTITLE: TECHNICAL DIRECTOR
  • 2. TABLE OF CONTENTS Introduction 3 APIs – A Brief Overview 6 ClientTools – Examples of Options 9 Walkthrough of REST 14 What is API Management? 21 API Gateways – HowThey Fit in API Management 25 WSO2 API Manager 29 OracleAPI Gateway (cloud) 37 FinalThoughts 51
  • 4. ABOUT ME Ahmed Aboulnaga  Master’s degree in Computer Science from George Mason University  Recent emphasis on cloud,DevOps,middleware,security in current projects  OracleACE Pro, OCE, OCA  Author, Blogger,Presenter  @Ahmed_Aboulnaga
  • 5. WHAT THIS PRESENTATION WILL COVER API Concepts API Management Concepts API Management Products & Services APIs REST cURL API Management API Gateway WSO2 API Manager Oracle API Gateway 1 2 3 1a 1b 1c 2a 2b 3a 3b
  • 7. WHAT IS AN API?  Application Programming Interface  Nowadays, when APIs are mentioned,it typically refers to web APIs  REST and SOAP web services expose application data and functionality over the internet
  • 8. WHAT IS AN API?  All cloud vendors provide some type of API to their services  This allows for programmatic access to cloud services  A basic understanding of cURL, REST, and JSON is helpful  Most cloud providers use the REST architectural style for their APIs Client REST API Backend System JSON / XML GET / POST / PUT / DELETE
  • 10. SAMPLE REST CALL USING SOAPUI https://api.agify.io?name=ahmed  Popular web service client  Support SOAP and REST www.soapui.org  Free version available
  • 11. SAMPLE SOAP CALL USING SOAPUI http://webservices.oorsprong.org/websamples.countryinfo/CountryInfoService.wso?WSDL  Includes support of functional testing, service simulation,and load testing
  • 12. POSTMAN  PopularAPI client  Free version available www.postman.com  Numerous features that include: ‒ Create API documentation ‒ Automated testing ‒ Design and mock APIs ‒ Monitor APIs ‒ Etc.
  • 13. CURL  Open-source command-line tool  Supports more than 22 different protocols (e.g., HTTP,HTTPS,FTP,etc.)  For HTTP,supports all methods (e.g., GET, POST, PUT,DELETE, etc.)  Very useful for testing RESTful web services  Other advanced tools available include Postman, SoapUI,Oracle SQL Developer,etc.  Example service: https://api.weather.gov/alerts/active?area=MI
  • 15. WHAT IS REST?  REpresentational StateTransfer  Architectural style for distributed hypermedia system  Proposed in 2000 by Roy Fielding in his dissertation  Web Service implemented with REST is called RESTful web service  REST is not a protocol like SOAP. It is rather an architectural style  REST services typically use HTTP/HTTPS, but can be implemented with other protocols like FTP
  • 16. REST ARCHITECTURAL CONSIDERATIONS Uniform interface: Easy to understand and readable results and can be consumed by any client or programming language over basic protocols. URI-based access: Using the same approach to a human browsing a website where all resource are linked together. Stateless communication: Extremely scalable since no client context is stored on the server between requests.
  • 17. REST METHODS  The HTTP protocol provides multiple methods which you can utilize for RESTful web services  The table maps the HTTP method to the typical REST operation  Some firewalls may limit some HTTP methods for security reasons HTTP Method REST Operation GET Read POST Create PUT Update DELETE Delete OPTIONS List of available methods HEAD Get version PATCH Update property/attribute Most common in web applications Most common in REST to provide CRUD functionality
  • 18. RESOURCES  Requests are sent to resources (i.e., URLs)  Each resource represents an object which identified by a noun (e.g., employee,etc.)  Each resource has a unique URL  When performing a POST (create) or PUT (update),you must pass additional values Resource HTTP Method REST Output https://hostname/hr/employee GET Retrieve a list of all employees https://hostname/hr/employee/12 GET Retrieve details for employee #12 https://hostname/hr/employee POST Create a new employee https://hostname/hr/employee/12 PUT Update employee #12 https://hostname/hr/employee/12 DELETE Delete employee #12 https://hostname/hr/employee/12/address GET Retrieve address for employee #12
  • 19. HTTP RESPONSE CODES  HTTP response codes determine the overall response of the REST invocation HTTP Code Status Description 2XX (200,201,204) OK Data was received and operation was performed 3XX (301,302) Redirect Request redirected to another URL 4XX (403,404) Client Error Resource not available to client 5XX (500) Server Error Server error
  • 20. JSON  JavaScript Object Notation  Pronounced“Jason”  An object surrounded by { }  An array or ordered list  REST can support both JSON and XML  Less verbose than XML, but lacks metadata support //JSON Object { "employee": { "id": 12, "name": "Kobe", "location": "USA" } } //JSON Array { "employees": [ { "id": 12, "name": "Kobe", "location": "USA" }, { "id": 13, "name": "Jordan", "location": "Canada" }, { "id": 14, "name": "Barkley", "location": "USA" } ] }
  • 21. WHAT IS API MANAGEMENT?
  • 22. INDUSTRY DEFINITION OF “API MANAGEMENT” “Organizations are implementing strategies to manage APIs so they can respond to rapid changes in customer demands” “Gives enterprises greater flexibility when reusing the functionality of API integrations and helps save time and money without trading off security” “Modernize legacy applications,move to the cloud, create new products,integrate with Salesforce and SAP, and much more” “Accelerate innovation in today’s rapidly changing marketplace”
  • 23. WHAT IS API MANAGEMENT?  Unified API Management Solution  For public and privateAPIs  Centralizing control (e.g., access control)  Rate limiting and usage policies  Analytics  Monetization https://www.altexsoft.com/blog/api-management/
  • 24. API MANAGEMENT TOOLS – A GARTNER DEFINITION  What does a comprehensiveAPI Management tool consist of? ‒ Supports all stages of the API lifecycle,namely: planning and design, implementation and testing, deployment and exploitation, and versioning and retirement ‒ Some vendors of API Management solutions specialize only in subsets of the API lifecycle, such as API gateways and testing, while others focus on the entire lifecycle  ComprehensiveAPI management tools typically include support in the following: https://medium.com/transparent-data-eng/best-api-management-tools-2021-c03344dbd63b FunctionalArea Description Developer Portal Self-service,fully unified catalog of APIs in which you can enable and manage the ecosystems of developers who create and use APIs API Gateway Management of the runtime environment,monitoring of security and API usage Policy Management & Analytics Security configuration,mediation,and analysis of actual use of APIs API Design & Development Toolkit for designing and creatingAPIs and integratingAPIs on existing systems APITesting From basic mock tests to advanced functional,performance,and security tests
  • 25. API GATEWAYS HOW THEY FIT IN API MANAGEMENT
  • 26. WHAT IS AN API GATEWAY?  Sits between a client and a collection of backend services  Acts as a reverse proxy to accept all API calls, aggregate the various services required to fulfill them, and return the appropriate result  Handles common tasks such as user authentication,rate limiting, and statistics  When should you use an API Gateway? ‒ To provide a single,unifiedAPI entry point across ‒ To protect your APIs from overuse and abuse (using authentication and rate limiting) ‒ To understand how people use your APIs (using analytics and monitoring) ‒ To monetizeAPIs ‒ In a microservices architecture (a single request could require calls to dozens of distinct applications)
  • 27. CHALLENGES  Web services are the primary mechanism for applications and systems to interoperate,communicate,and exchange data messaging  Web services are the foundation for system-to-system communication  Many organizations have unmanaged,insecure,and direct access by developers to backend web services ? Number of web services (i.e., APIs) ? Type of web service security deployed ? Usage, SLA, and reuse metrics PROBLEMS Web App Java Web Service Fusion Apps Web Service Salesforce Web Service PayPal Web App Java Web App Java
  • 28. BENEFITS OF AN API GATEWAY  Introduce a gateway to virtualize and abstract all backend web services  Provides a consistent mechanism to secure and track web services Benefits ▪ Increase security through modern and standardized implementation of API security for all LANL web services ▪ Avoid open/direct access to backend services ▪ Centralized catalog of published APIs ▪ Maximum investment through service reuse ▪ Threat/bot/DDOS detection Web App Java Web Service Fusion Apps Web Service Salesforce Web Service PayPal Gateway
  • 30. WSO2 API MANAGER  WSO2 API ManagerVersion 4.1.0  Open-source,enterprise-gradeAPI management for on-premises,cloud, and hybrid architectures  Provides gateway capabilities wso2.com/api-management
  • 31. WSO2 API MANAGER – CREATING AN API
  • 32. WSO2 API MANAGER – CONFIGURINGAN API
  • 33. WSO2 API MANAGER – API CATALOG
  • 34. WSO2 API MANAGER – OVERVIEW OF API
  • 35. WSO2 API MANAGER – TESTINGTHE APIWITH CURL
  • 36. WSO2 API MANAGER – TESTINGTHE APIWITH SOAPUI
  • 38. ORACLE API GATEWAY  Not to be confused with the legacy, on-prem Oracle API Gateway product  Cloud-based service to publish APIs with private endpoints that are accessible internally  Integrated with Oracle Cloud Infrastructure Identity and Access Management (IAM)  Expose APIs with public IP addresses to accept internet traffic  Support transformation, CORS, authentication/authorization, and request limiting  Highly availability  Single consolidated API endpoint https://docs.oracle.com/en-us/iaas/Content/APIGateway/Concepts/apigatewayoverview.htm https://docs.oracle.com/en-us/iaas/Content/APIGateway/home.htm
  • 39. ORACLE API GATEWAY – COST
  • 40. ORACLE API GATEWAY – TUTORIAL https://www.oracle.com/webfolder/technetwork/tutorials/infographics/oci_apigw_gs_quickview/apigw_quickview_top/apigw_quickview/index.html
  • 41. ORACLE API GATEWAY – LOCATION IN CONSOLE
  • 42. ORACLE API GATEWAY – CREATE A GATEWAY
  • 43. ORACLE API GATEWAY – CREATE A DEPLOYMENT
  • 44. ORACLE API GATEWAY – CREATE A DEPLOYMENT
  • 45. ORACLE API GATEWAY – GATEWAY SERVICE DETAILS
  • 46. ORACLE API GATEWAY – FIRST ATTEMPT AT CALLING API
  • 47. ORACLE API GATEWAY – ENABLE ACCESS AND EXECUTION LOGGING
  • 48. ORACLE API GATEWAY – ADD 443 INBOUNDTO FIREWALL
  • 49. ORACLE API GATEWAY – USINGTHE CORRECT URL CONTEXT
  • 50. ORACLE API GATEWAY – CALLINGTHE ORIGINAL UNAUTHENTICATED SERVICE
  • 52. GARTNER MAGIC QUADRANT FOR FULL LIFECYCLE API MANAGEMENT Leaders:  Google Apigee  Mulesoft  IBM  Axway  Software AG  Kong  Microsoft
  • 53. WHERE API GATEWAYS FIT IN THE OVERALL ARCHITECTURE
  • 54. GETTING STARTED WITH ORACLE API GATEWAY https://docs.oracle.com/en-us/iaas/Content/APIGateway/home.htm
  • 55. RECAP Concepts  API  REST  JSON ClientTools  SoapUI  Postman  cURL Solutions  API Management  API Gateway Products & Services  WSO2 API Manager  OracleAPI Gateway
  • 56. www.mous.us THANKYOU SAVE THE DATE • ASCEND CONFERENCE 2023 June 11-14,2023 Caribe Royale Resort Orlando,Florida https://ascendusersconference.com • MOUS 2023 October 25, 2023 Schoolcraft College -VisTaTech Center, 18600 Haggerty Rd, Livonia,MI https://www.mous.us
  • 57. www.mous.us THANKYOU SURVEYS • Session Surveys Please complete the session survey for this session. The survey will be provided to each attendee.