The document outlines the importance of crafting an API strategy with a marketplace, highlighting its mandatory role in API management and the benefits of promoting its use. It details the steps for building an API marketplace, including defining the API strategy, identifying technology, engaging users, analyzing data, and monetizing opportunities. Additionally, it discusses the case of Dialog Axiata's implementation of an enterprise API marketplace to facilitate digital transformation and promote application development.

1. Crafting an API Strategy with an
API Marketplace
Shiroshica Kulatilake

2. What we will discuss
• API management and why it is a mandatory
• API marketplaces and its benefits
• Components of building an API marketplace
• Promoting the use of API marketplaces
• Some real world scenarios
• Beyond API marketplaces

3. Revisit API Management

5. Benefits of API Management
● Expose legacy services and data in a
standard, reusable format
● Leverage API usage statistics and
patterns to gain business insight
● Provide ease of consuming business
functionality in a secure manner
● Rapid creation of old and new digital
assets
● Drive digital transformation Source: Forrester Research

6. API Marketplace

7. A Platform is a Central,
Single Level Space which
can be accessed by many to
satisfy needs.

8. Emergence of Platforms
• Platforms have become proven business models
– E.g. Amazon, Uber, Youtube, etc.
• Value creation is at a flatter structure
– Platform users create and consume
• The platform itself is a technology creation
– Focused on providing value for the stakeholders
• Stakeholders can be external as well as internal
– Employees, partners, customers, and even competitors
• New revenue models are discovered

9. A Marketplace is a
Specialized Platform which
connects Producers and
Consumers

10. An enterprise API
Marketplace is a Platform to
effectively connect API
Producers with API
Consumers and create Value
through available Tools on
that platform which are
Technology and Activities

11. Benefits of an API Marketplace
● Discovery of APIs by API consumers
● Encourage reuse of APIs
● Social features encourage
participation and feedback loop
● Evangelism to encourage app dev and
API dev
● Promote participation via incentives
● Encourage governance and standards
● Cross division usage and monetization

12. Strategy - Step 1:
Define Your API Strategy

13. Defining Your API Strategy
• API first vs usage or service first
– What is the priority?
• Accessibility
– Who is going to use the APIs and what for?
– Internal reuse, external collaboration/monetization
• Deployment
– Where will this run?
– On the cloud, on-premise or hybrid
– Scaling factors
– Self managed or hosted

14. Components of Building a
Marketplace

16. Strategy - Step 2:
Identify Your API Technology
Strategy

17. Identifying Your API Technology
Strategy
• Which components are most important?
– Developer portal, security
• What type of security is needed based on accessibility?
– Ability to federate into multiple security providers
• What type of extensibility is needed?
– Is there any complex pre-processing needed?
• Who is the best technology provider?

18. Producers - Publisher: Creating APIs
● Start with an existing endpoint/contract or design and prototype a new API
● Exposing SOAP services (convert to REST or as a passthrough)
● Exposing streaming APIs (websocket endpoints)

19. Producers - Publisher: Creating APIs
● API design - Over the wizard and with swagger

20. Producers - Publisher: Creating APIs
● Point to a production backend or prototype at the gateway

21. Producers - Publisher: Governance
● Ensure that the correct lifecycle
stages exist and proper audit
prevails
● Manage API visibility
● Versioning of APIs based on
need
● Support for custom lifecycles
● Ability to modify governance
aspects based on analytics

22. Consumers - Developer Portal
● Searchable (with context): by name, tag,
description, author, etc.
● Social features: tagging, commenting, rating
● Minimalistic forum
● Themeable: change color, logo, view
● Configure alerts for application developers
● Application based API analytics
● OAuth2 application management
● API monetization

23. Security: API Protection
● Protecting for applications and users
● Controlling access and entitlement with scope
● Multi-tier subscription model

24. Consumers: Client Tips and Testing
● Encapsulate the client application
● Associates OAuth2 keys
● Support different integration
patterns for application security
through OAuth grant types
● Pre-generated access tokens for
testing

25. Access Control: Traffic Management
● Tier based simple model
○ Application developer selects the tier at
app registration which has a policy to
specify quota
○ Tiers can be applied at the application, API
or at the API resource level
● Advance rule-based models
○ Policies containing IP conditions, message
attribute based conditions, transport
header based conditions
○ Complex real-time pattern based
conditions

26. Strategy - Step 3:
Identify Activities to Promote
Usage

27. Engage and Evangelize
• Stakeholders are the key
• Ensure API developers publish more APIs
– Enable producers to create APIs and group them as
needed
– Provide social ratings and tools for documenting usage
• Ensure application developers consume more APIs
– Organize hackathons, workshops and tutorials
– Provide code snippets for consumption
– Lunch n’ Learn sessions, webinars

28. Promote Use Through Incentives
• Financial incentives and gamifications
• Leaderboards showcasing top consumers, most
consumed APIs, highest throughput APIs,
highlighted developer and more
• Identify KPIs for incentives

29. Strategy - Step 4:
Analyze Data Collected

30. Analyze API Usage
● Analytics dashboard on API stats
○ API usage / response times
/ backend latency /
geo-location, etc.
● Stats on applications for
application owners (subscribers)
● Stats on subscriptions
● Alerts on emergencies or
doubtful situations
● Pattern detection

31. Strategy - Step 5:
Identify Monetization and
Cross Business Revenue
Opportunities

32. Monetization: Actual or Virtual
• External APIs can be sold to third party application
developers
• Partner APIs will encourage new business users
from a wider base
• Internal APIs used across business units
encourages enterprise contribution
• Analytics collected can in turn be used for new
revenue models provided as APIs

33. Strategy - Step 6:
Govern, Manage, and Evolve

34. Govern and Manage
• Make use of analytics information to detect
patterns
• Identify improvements on overall governance
patterns
• Identify security improvements
• Evolve

35. Real World Scenarios

36. Requirement
● Dialog Axiata needed to unify the multiple development
teams and internal app and service development and
reuse
● Needed a digital strategy to compete with new over the
air providers and launch new digital products
● Provide the basis of the telco wide digital
transformation
Solution
● Built an internal and external enterprise API
marketplace using WSO2 API Manager and related
technologies
● A number of evangelism events and incentives that
promote application development are organized around
the APIs: hackathons, workshops, seminars, prizes, and
leaderboards
● The API marketplace is coupled with full ecosystem
management for end to end API and app development
● https://www.ideabiz.lk/store/

37. http://www.ideamart.lk/

38. 38

39. Enterprise API Marketplace

40. Beyond API Marketplaces

41. Application Marketplaces
• A successful API marketplace implies the need for an
application marketplace
• Connect application producers and consumers over an
application store
• Provide typical marketplace capabilities such as
– Discovery
– Social rating
– Try-it trials

42. Ecosystem Management
• An application marketplace requires an
ecosystem
• Security provisioning for application users
• Single sign-on (SSO) across multiple applications
• Analytics and governance over usage
• Application proxies

43. In Summary

44. Steps in Crafting a Marketplace Driven
API Strategy
1. Define the organization’s desired API strategy
2. Identify the API technology strategy to use
3. Work on activities to promote usage
4. Analyze API usage to draw insight
5. Use monetization channels identified through the
marketplace to improve
6. Govern, manage and evolve

45. THANK YOU
wso2.com