Downloaded 114 times
Uploaded byWSO2
API Management Platform Technical Evaluation Framework
The document outlines a framework for evaluating API management platforms, highlighting the importance of APIs as business capabilities. It discusses strategies for API adoption, challenges to overcome, and the features that a robust API management platform should offer, including monitoring, governance, and analytics. Emphasis is placed on creating high-quality, secure APIs that enhance developer engagement and drive ecosystem adoption.
More Related Content
Similar to API Management Platform Technical Evaluation Framework
![[Workshop] Managing the API lifecycle with Open Source Technologies](https://cdn.slidesharecdn.com/ss_thumbnails/workshopmanagingtheapilifecyclewithopensourcetechnologies1-190704142905-thumbnail.jpg?width=640&height=640&fit=bounds)
![[WSO2 Summit Sydney 2019] Building a Successful API Strategy from Scratch and...](https://cdn.slidesharecdn.com/ss_thumbnails/wso2summitsydney2019buildingasuccessfulapistrategyfromscratchandwinningit-190308025748-thumbnail.jpg?width=640&height=640&fit=bounds)
![[Roundtable] Choreo - The AI-Native Internal Developer Platform as a Service](https://cdn.slidesharecdn.com/ss_thumbnails/choreo-deck-250328074645-511dded7-thumbnail.jpg?width=640&height=640&fit=bounds)
API Management Platform Technical Evaluation Framework
- 1. Last Updated: June.2015 API Management Technical Evaluation Framework Vice President, Platform Evangelism, WSO2 Chris Haddad
- 2. REST Easy withAPI 101 An API is a business capability delivered over the Internet to internal or external consumers • Network accessible function • Available using standard web protocols • With well-defined interfaces • Designed for access by third-parties
- 3. Beyond the Technology-API Strategy Steps • Understand your business model and IT-business goals • Expose a business capability as an API product • Socialize availability • Encourage ecosystem adoption and API composition
- 4. API Adoption Barriers Inabilityto configure service per consumer Limited Scale Difficult to manage requirements and coordinate schedules Difficult On-Ramp nvisible business capabilities Poor documentation Lengthy access process Delivery concerns trust in stability, reliability, availability, performance Security Risks
- 5. Why use anAPI Management Platform o Easily build and deploy a managed API o Rapidly re-factor legacy services as consumable RESTful APIs o Increase API adoption o Solve difficult Quality of Service, lifecycle, and governance challenges o Demonstrate API business value
- 6. Evolve beyond NakedAPIs A Managed API is: Actively advertised and subscribe-able Exhibits high Quality of Service (QoS) Available with Service Level Agreements (SLAs) Secured, authenticated, authorized and protected Monitored and monetized with analytics
- 7. What API ManagementPlatform Offers o Increase API adoption o Enhance API visibility by offering developer portal o Offer self-service access o Engage the community o Easily build and deploy a managed API o Apply RESTful API design notations o Assign service level tiers and access controls o One button publication into production
- 8. What API ManagementPlatform Offers o Rapidly re-factor legacy services as consumable RESTful APIs o Mediation primitives o Align developer experience with RESTful design o Solve difficult Quality of Service, lifecycle, and governance challenges o Service level tiers, monitoring o Approval workflow o API versioning and lifecycle states o Demonstrate API business value o Subscription, usage, performance, monetization
- 9. API Platform Evaluation Vectors oSolutionsArchitecture oDesign and Implement oSecure oPublish and Engage oMonitor and Manage oAnalyze API Interactions
- 10. Solutions Architecture Category Score IntuitiveDevelopment Experience DevOps Friendly Delivers High Quality of Service and Performance Easily Deployed in Your Run-time Environment Pluggable, Extensible, and Themable Platform APIs Platform multi-tenancy support Efficient Pricing and Excellent Support
- 11.
- 12. Enterprise SOA andAPI Integration Platform: API-centric View
- 13.
- 14. API Design andImplementation Category Adoption Score API Design Foundation API Documentation Foundation API Façade Development Foundation API Mediation and Orchestration Optimizing Service Level Definition Optimizing API Test Optimizing
- 15. o ??? Safely andsecurely deliver mission critical APIs
- 16. Secure Category Score Access Control,Authentication, and Key Management Governance and Compliance Attack Prevention Confidentiality, integrity, and privacy Identity and Credential Management Infrastructure Integration and Deployment Topology Trust and Policy User Management
- 17. 1 7 Passing Auth Informationto back-end services o Using JSON Web Tokens (JWT) o Lightweight o Can be signed o Easy to parse and consume o Standard
- 18. Foster API TeamCollaboration Image: © Rawpixel - Fotolia.com
- 19. Publish and Engage CategoryScore API Consumption API Economy API Publication Community Management
- 20. Boost the APIEconomy o Fully customizable look and feel o Multiple Storefronts for diverse communities o Multiple publisher groups o Flexible Service Level Tiers o Flexible monetization engine
- 21. Monitor and Manage CategoryScore Configuration Management Release Management Patch Management Policy Management Service Level Management High Availability and Reliability Performance Disaster Recovery Monitoring and Alerts Compliance Reporting and Governance
- 22. Operate at theSpeed of Business Govern the API
- 23. Govern the API CategoryScore Dashboard Lifecycle Management Meta-data Management Portfolio Management Service Level Management Usage Management Version Management
- 24. API Product Governance oManage Dependencies o Track adoption o Usage and Subscription Tracking o Manage Compatibility o Backwards or Forwards o Versioning o Communicate Migration Strategies o Deprecation, Retirement
- 25. End to EndGovernance o An API can pass through multiple states o CREATED o PUBLISHED o DEPRECATED o RETIRED o BLOCKED o Service Alignment
- 26. Compass and Gearing Youcan’t manage what you can’t measure.
- 27. Analyze API Interactions CategoryScore API Economy Architecture Compliance Developer Experience Monitoring and Management Portfolio Management Security Usage
- 28. 2 8 Why Analytics andAPI Management are important together? o Build confidence in the API model o Understand your customer o Not just the developer but also the end-user o Help manage services and versions o Understand when deprecated services can be retired o Plan better o Monitor the growth of aggregated API traffic o Monitor the growth of specific apps o Even if you’re not going to put analytics in place, make sure you capture all events right from beginning of project.
- 29.
- 30.
- 31.
- 32.
Editor's Notes
- #2 Overcome DevOps Adoption Barriers to Accelerate Software Delivery Many organizations want to create systems delivered in a DevOps framework with diverse services implemented via API building blocks. Chris Haddad says that people, processes, and tools often hinder a team's ability to comply with security policies, streamline collaboration, and rapidly deliver business value. Chris recommends moving design, development, and continuous delivery into a cloud Platform as a Service (PaaS) environment. PaaS helps organizations and teams more readily adopt DevOps practices, integrate governance compliance frameworks, and follow agile methodologies with distributed teams. Find out how to change your software culture by employing an environment and tooling that promote collaboration, rapid iterations, and painless compliance. Chris describes the tools you need and a step-by-step approach for developing robust and secure software within a DevOps framework. Discover how merging DevOps activities, polyglot PaaS capabilities, and governance practices overcome organizational barriers, create better software, and accelerate software delivery. Recommended Reading DevOps Meets ALM in the Cloud WSO2 App Factory Product Page
- #4 Wrap up….
- #5 Difficult developer on-ramp Invisible business capabilities, poor documentation Process to request access key s takes days Delivery Concerns Potential consumers do not trust service stability, reliability, availability, or performance Providers have scalability concerns and lack an ability to manage consumption Security risks prevent publishing and offering open access Poor Re-use Difficult to manage requirements from multiple consumers and coordinate release schedule Few consumers adopting service Inability to configure service per consumer Business return requires service metering usage rates, and billing
- #10 Iterative Incremental Continuous Automated Self-service Collaborative Holistic
- #12 Open APIs are empowering developers by delivering business building blocks. Teams can rapidly compose solutions to meet shifting business demand by re-using Open Data and Open APIs. Teams are embracing long tail development communities that enable innovative business ecosystem strategies to emerge, with Open Data and Open API foundations. In a New IT operations model, instead of being a single-purpose delivery team, IT serves as a broker and validator of solution building blocks. Manage APIs for external value chain and customer use in mobile Apps. Establish tiers of service, track usage of APIs, social data collection, social data analytics, versioning. Also use internally to track internal re-use, ease of re-use, control access
- #13 Which platform components are in your architecture?
- #14 PaaS helps organizations and teams more readily adopt: - DevOps practices - integrate governance compliance frameworks follow agile methodologies with distributed teams Accelerate software delivery and increase developer productivity Reduce the time to provision development projects, workspaces, and environments Deliver ready to use shared infrastructure and platform services Automate and streamline development processes Foster team collaboration - social collaboration tools Develop in the cloud Securely and safely deliver mission critical projects Containerize applications and services Guide teams towards governance best practices Automate policy enforcement and compliance
- #16 Securely and safely deliver mission critical projects Containerize applications and services Guide teams towards governance best practices Automate policy enforcement and compliance
- #19 Foster Team Collaboration Offer Social Tools for DevOps Develop in the Cloud --- What is the DevOps Mindset? - Change Your Software Culture - promote collaboration - rapid iterations - painless compliance Image © Rawpixel - Fotolia.com
- #21 Open APIs are empowering developers by delivering business building blocks. Teams can rapidly compose solutions to meet shifting business demand by re-using Open Data and Open APIs. Teams are embracing long tail development communities that enable innovative business ecosystem strategies to emerge, with Open Data and Open API foundations. In a New IT operations model, instead of being a single-purpose delivery team, IT serves as a broker and validator of solution building blocks. Manage APIs for external value chain and customer use in mobile Apps. Establish tiers of service, track usage of APIs, social data collection, social data analytics, versioning. Also use internally to track internal re-use, ease of re-use, control access
- #30 Integrate with Business Activity Monitor to provide analytics, monitoring and business intelligence including custom KPIs Service performance metrics Usage, billing, and monetization metrics Track Cloud service expense against business value
- #32 Gate to Future