API Trends

API Trends & Cases Studies
Know-how Sharing Session
#ESSR
Salons eCom | Swiss IT Business | SMARC | Retail-Expo
24 & 25 Avril 2018 - Palexpo Genève

|
Your speakers
Wout Geldhof
Digital Account Executive
wgeldhof@axway.com
Emmanuel Dupouy
Sales Director
edupouy@smartwavesa.com
April 2018API Trends & Cases Studies 2

|
API

|
Application Program Interface

|
Accelerated Product Innovation

| 8
API Economy – API-Consumer view
Composition for a single Service / Experience
CRM
M2M Backend
Internal
Location
Customers
Opportunities
Contracts
StatusMaintenance
Partner
Google Maps
Twillo
POI
…
Call
…

|
The digital challenge
API Trends & Cases Studies
To be innovative
here
Innovate here!!
April 2018 9

|
From browser to ubiquity
Smartphone
Tablet
Web Application
Internet TV
Social Media
Strategic
Partner
Integration
Connected
car
Innovation
Connected
house
API
API
API
API

|
Main project drivers
April 2018API Trends & Cases Studies
Cloud Integration
B2B Integration Modernization internal services
Omni channel Integration
11

|
• A software intermediary that allows two
applications to talk to each other
• Treated more like products than code:
designed for consumption for specific
audiences, documented, versioned
• Adhere to standards (typically HTTP and REST),
that are developer-friendly, easily accessible
and understood broadly
• Stronger discipline for security and
governance, as well as monitored and
managed for performance and scale
What is an API / waiter?

|
Systems of Record
Systems of
Engagement
CRM
ERP
Data
Warehouse
Channels, Apps,
and Devices
What’s needed?
Multispeed IT for efficiency, innovation, and agility
Full Lifecyle API
Management

|
Case studies
From theory to practice

|
API exposition
Outside in / Inside out

|
Gateway
• Link external apps to internal apps, with security, using SOA and APIs
Solution
Challenges
Identity Management
Authentication
Authorization
Audit
API Gateway
Services
Applications
Data
Backend Services
Messaging
Partners
17

|
Service Broker
• An “outbound Gateway”
• Connects to services, partners, and the Cloud
Solution
Challenges
Applies
Security
Services
Applications
Data
Backend Services
Messaging
API Gateway
Cloud and on
premise
Partners
Com Agency
18

|
• Convention center managing
100+ shows per year
• Information system composed
of on premises and cloud
applications
• Limited IT budget and team (7)
• Share volatile information with
partners: price list, exhibitor
list
Context
• Automate information sharing:
remove manual actions
• Complex information access:
located in an ERP not designed
to expose data
• Many integration cases: cash
register, web site, mobile
• Sensitive information: Need to
limit access
Challenges
Case study 1: digitalize partners’ relationship

|
On premise
Apps
Web Site
App A
Case study 1: solution architecture
API Gateway
ERP
Database
Enterprise
Service Bus
Cloud
Apps
Cash Register
DMZ INTERNAL
On premise
Apps
Internet
Data access
services
API Manager IDP
Firewall
INTERNET
ERP
Mobile

|
• Simplified and accelerated partner data exchange: 7 API to
automate information sharing
• Improved data quality: no risk of human error by full
automation
• Low investment: less than 20 days
• Easy integration: no change in the existing applications
• Foundation for the future: Easy to add new services in the
platform and support current and future integrations
• Fresh data and internal systems protected: cache and
throttling functions to secure application exposition
Results
Case study 1: API Management for everyone

|
Governance
Typical use cases

|
Solution
Challenge
API Governance
• Expose existing applications as APIs, securely.
• Onboard developers who want to use your APIs
API Gateway
Retailers
Communication employeesProducts designers
23

|
• MSC Mediterranean Shipping
Company
• Large, complex and distributed
information system
• Database architecture oriented
• Heterogeneous IT landscape
(due to acquisitions)
• Inter-office messaging via EDI
(300-700 messages/sec)
Context
• Distributed development
team: difficult to manage (120
people, 3 countries)
• Phased migration: to ensure
the continuous running of
legacy processes during
transition
• No global vision of services
• Multiple user authentication /
authorisation solutions
Challenges
Case study 2: Custom ERP overhaul

|
External Apps
Case study 2: solution architecture
API Gateway
API Manager
Subsidiary
Web
Application
DMZ HEADQUARTERInternet
Firewall
INTERNET
IDP
On premise
Apps
Back-end
Services
SUBSIDIARY
Cloud
Application
API Gateway
API Manager
API Portal

|
• Reduce application development time: Standardisation
promotes faster, more effective team communication
• Improved security: Alignment to standards and best
practices
• Simplified data access: Homogeneous APIs present data to
applications in a unified way
• API consumer comfort: API hides implementation specifics
to application developers
• Smooth application migration path: API consumers adopt
new API versions at their own pace
• Improved application quality: Audit functionality indicates
which legacy API versions are still in use
Results
Case study 2: One governance to rule them all !

|
Token Mediation
Simplify complexity

|
Token Mediation
Identities TokensRepositories Authorization
Security Infrastructure
Extensive set of connectors to Security Infrastructure
Service Request
Service/User Credential
Validated Access
Throttled Request
External App
Identity Management
Authentication
Authorization
Audit
Transformed Response Standard Response
API Gateway
• Manage heterogeneous security infrastructure
Solution
Challenges

|
• Luxury industry
• 200+ retailers to manage
• Large and complex information
system
• Share sensitive information
with retailers : stocks, prices,
product information
Context
• Identify each retailer: share
only the relevant information
based on its profile
• Existing security solution: need
to keep the existing products
based on SAML
• Give access to internal micro
services : need to support
OAUTH
Challenges
Case study 3: Secure sensible information access

|
Case study 3: Solution architecture
Active
Directory
Retailer
Application
USER BROWSER
Retailer Application
Backend
IDP
Micro Services
Reverse proxy
F5
Internet
API gateway
INTERNALDMZ
SAML
OAUTH
Token Mediation
Service provider

|
• No change in the existing solutions: reuse of existing IDP
already in place
• Information segregation: end to end authentication
guarantees that each retailer access its own information
• No information leak: best practices and standards
enforcement guarantee highest security level even if
connected application are not designed for it
• Futureproof: support for the future identity standards
• Single point of information for retailers: fresh information
because of direct access to the IS
Results
Case study 3: Agile security!

|
API Modernization / Integration
Typical use cases

|
API Modernization / Integration
Solution
Challenges
• Integrate with heterogeneous back end platforms
• Protocol and message mediation
• Service Modernization
Services
Applications
Data
Backend Services
Messaging
Services
Applications
Data
Backend Services
Messaging
HTTP
REST/SOAP
JSON/XML
FTP
JMS JMS
HTTP
REST/SOAP
JSON/XML
FTP
API Gateway
For Backend Service

|
• Luxury industry
• 20+ subsidiaries
• Large and complex information
system
• Heterogeneous systems: SAP,
Dynamic, Custom
• Share sensitive information
with subsidiaries : stocks, price
list, product information
Context
• Distributed information
system: integrate remote ERPs
• Secure information transfer:
guarantee information will not
be corrupted and not
intercepted
• Manage remote sites:
distribute integration code
Challenges
Case study 4: Integrate subsidiaries information system

|
Headquarter
Application
Headquarter
Application
Case study 4: Solution architecture
Headquarter
ERP
Headquarter
Subsidiary A
ERP
Internet
Subsidiary A
Subsidiary A
Application
Headquarter
Application
API gateway
Firewall Firewall
API gateway
Subsidiary N…
ESB

|
• No change in the existing solutions : Integration capabilities
of API gateway are enough for light integration cases in the
subsidiaries
• Worldwide solution managed in one place: DevOps
practices to automate integration code distribution
• Simple secured solution: All security matter (encryption,
transport…) located in one place, the API Gateway
• Reduced maintenance and support workload: End-to-end
traceability facilitates problem investigation and resolution
Results
Case study 4: Simple integration, secured transactions

|
Conclusion

|
Better ROI on
existing IS resources
Open enterprise to
the world in a
secure way
Reduce cost to
onboard new
partners and
customers
Innovation on the
user experience by
combining own and
3th party assets
Enabling /
improving work
between different
technical teams
Improved control /
visibility on the
information system
No lock on
deployment model
(Cloud / On
Premises)
API Management benefits

API Trends

More Related Content

What's hot

Similar to API Trends

More from SmartWave

Recently uploaded

API Trends