API management plays an important role in many large enterprises as it sets up the foundation for accelerating the integration of applications, databases, and key processes to derive business value from your APIs. How do you know if your organization is getting the most value out of your API management platform? Ian Goldsmith from Rogue Wave for an in-depth discussion of the importance of an enterprise-class API architecture and key considerations to ensure you are getting the most from your API management platform. As well as a case study that demonstrates how one organization uses the Akana API Platform to create a secure, integrated system to mitigate the risks of business on a public cloud network.

1. 1© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Getting the most out of
your API management
platform

2. 2© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Ian Goldsmith
Vice president product management – Akana
ian.goldsmith@roguewave.com
Presenter

3. 3© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Overview
• API management platform capabilities
– API development
– Security
– Monitoring and analytics
• Cloud vs on-premises
• Enterprise API stories
– Internal, external, and both
• Q & A

4. 4© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
API management platform
capabilities

5. 5© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Click to watch the webinar on-demand

6. 6© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
API management platform capabilities
API Design*
Design your APIs how you want to
API Security *
Leverage the latest in security standards
API Traffic Management
Establish, Monitor, Alert, and Enforce
Multiple Service Level Agreements
API Portal
Socialize and manage your
communities through targeted
developer portals
API Analytics *
Generate deep business insights
from your API traffic through
configurable analytic reports
Lifecycle Management
Build APIs leveraging DevOps
with auditable control
Mediation & Integration
Create modern well-structured APIs
from legacy assets and multiple
backend sources
Deployment Options *
Choose fully hosted cloud,
hybrid, or on-premises

7. 7© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
API management platform capabilities
Platform
Licensing
Quota Mgmt.
Partner Mgmt.
PCI Compliance
Provisioning
Policy Mgmt.
Monitoring
OAuth
Federation
Analytics
API Portal
Search
Documentation
Groups
Social
Gateway
Security
Authentication
Protection
IAM Integration
Encryption
Mediation
Quality of Service
Paging/Caching
Orchestration
Scripting
Lifecycle
API/Services
Application
User
Compliance
Analytics
Operational
Business
API
Policy Based
Embeddable Charts
OOTB Reports
Cust. Visualizations
Import
Export

8. 8© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
API Development – Interface design
• Authoring
– Graphical or text edit
• Import/Export
• Model management
• Collaboration

9. 9© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
API Development – Proxy
implementation
• Endpoint definition
– Routing, GTM,
Distribution
• Policy enforcement
• Orchestration, mediation,
transformation

10. 10© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
API Security
1 Authentication &
authorization
2 App key validation/
Licensing
3 Message security
4 Threat protection
5 Content filtering
6 Rate limiting
Developers

11. 11© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Common security policies
 OpenID Provider/Relying Party
 OAuth 1.0a & 2.0 (all grant-types)
 Developer/Partner Key Auth & Az
 CORS Management
 HTTP Basic-Auth
 Mutual SSL based Authentication
 SAML 1.1 & 2.0 (STS included)
 WS-Trust 1.2 & 1.3
 WS-Security Transport Binding
 WS-Security Username Token
 WS-Security Message Encryption/Signature
 Integration with AD, SiteMinder, OAM, RSA,
 Cookie-based Authentication
 Denial of Service attack Prevention
 SQL Injection Prevention
 Virus Scanning
 XML Schema Validation
 Malicious Pattern Detection
 SLA/Throttling by a Developer/Partner
 Certificate (PKI) Management (CA Included)

12. 12© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Types of analytics
Business analytics
• Track product, customer
and monetization trends
• Identify new
opportunities.
Operational analytics
• Ensure operation
excellence of your
infrastructure
• Analyze errors and
response codes
API analytics
• Identity top APIs by
usage, monetization,
app type etc.
• Analyze API Licensing,
monetization and fine-
tune developer
onboarding

13. 13© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Business analytics

14. 14© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
API analytics

15. 15© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Operational analytics

16. 16© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Custom analytics

17. 17© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Cloud vs on-premises

18. 18© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Cloud, on-premises, or hybrid

19. 19© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Enterprise API stories

20. 20© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Enterprise API stories
Internal External
• IT driven
• Application modernization
• Provider centric
• Business driven
• Digital transformation
• Consumer centric
It’s a spectrum, few companies are one or the other

21. 21© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Retail modernization
Internal API
The APIs are for
consumption by
applications owned by
the business
Design
Foundation of a
click-to-mortar strategy
Extensive DevOps automation
• APIs are published directly
from Jenkins into the platform
through continuous integration
Critical success factors: Rapid evolution to meet internal client needs
Results
Rapid traffic growth
> 2000% in a year

22. 22© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Digital agriculture
Internal API
APIs published for external
developers to consume
More than 1000 external
apps consuming APIs
Design
Stable APIs
In production for more than
5 years
Critical success factors: Minimal developer support required
(good documentation)
Results
Steady traffic growth
(more than 100% pa)

23. 23© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Q & A

24. 24© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.
Click to watch the webinar on-demand

25. 25© 2017 Rogue Wave Software, Inc. All Rights Reserved.© 2018 Rogue Wave Software, Inc. All Rights Reserved.