SlideShare a Scribd company logo

Lessons from the Trenches: Building an API-Centric Architecture

WSO2
WSO2

To view recording of this webinar please use the below URL: http://wso2.com/library/webinars/2015/05/lessons-from-the-trenches-building-an-api-centric-architecture/ APIs are the tip of the iceberg of enterprise integration. In this webinar, we will look at some of our customers’ enterprise deployments and share best practices/recommendations to take into account when you build an API-centric architecture, especially for security, monitoring, and performance.

Technology
1 of 32
Download to read offline
Last Updated: May 2015 VP  Products,  WSO2 Isabelle  Mauny Lessons  from  the  trenches API  Management Friday, May 22, 15
2 ๏ French  na)ve ๏ Living  in  Madrid ๏ Working  mostly  in  Sri  Lanka  and   Europe ๏ 17  years  @  IBM,  5  years  in  startups ๏ Managing  the  overall  WSO2  porEolio ๏ Worked  in  services  ,  presales,   product  marke)ng  ,  product   management ๏ Java,  SOA,  APIs,  Integra)on About  the  speaker... Friday, May 22, 15
3 280 customers 66 partners >60% average  yearly  growth 1 480 employees 10 locaBons 10 years  old PLATFORM 100% OPEN  SOURCE APACHE  2 COMPANYRESULTSPLATFORM Friday, May 22, 15
4 APIs Friday, May 22, 15
Architecture  Roadmap 5 Decompose  your  exis7ng   business  processes,  data   and  capabili7es  into  services Make  all  services   accessible  via  APIs,   externally  and   internally Put  services  and   APIs  under  control  ! Build  an   ecosystem  around   your  APIs Collect  data  on  your   new  products  and  APIs 1 2 3 4 5 Friday, May 22, 15
6 Crea.ng  and  Managing   Services Friday, May 22, 15
7 ๏ Service  deals  with  implementa)on ๏ API  deals  with  subscrip)on  (consumer) ๏ Two  very  dis)nct  life  cycles  ! ๏ You  don’t  need  the  service  to  create  the  API... Services  and  APIs Friday, May 22, 15
8 API  Lifecycle ๏ An  API  can  pass  through  mul)ple  states ๏ For  example: ๏ CREATED ๏ PUBLISHED ๏ DEPRECATED ๏ RETIRED ๏ BLOCKED ๏ Should  integrate  with  complete  governance  lifecycle Friday, May 22, 15
9 Building  a  Managed  API ๏ Crea)ng  APIs  (interface,  docs,  samples,etc.) ๏ Adver)sing  APIs ๏ Making  APIs  subscribe-­‐able  by  consumers ๏ Associa)ng  SLAs ๏ Securing  APIs ๏ Mone)za)on  and  Analy)cs Friday, May 22, 15
10 API  Security Friday, May 22, 15
11 API  Security   ๏ Security  is  not  an  a]er  thought  !   ๏ APIs  are  part  of  a  much  larger  enterprise  picture ๏ How  will  consumers  request  an  access  token  ?   ๏ Using  a  SAML  2.0  asser)on  ?   ๏ Using  an  implicit  grant  ?   ๏ Using  userid/password  ?   ๏ Make  sure  you  document  thoroughly  how  developers   need  to  manage  tokens: ๏ Tokens  are  like  passwords! ๏ Always  use  SSL  for  token  transporta)on  ! ๏ Use  Domain  restric)ons  (WSO2  API  Manager) Friday, May 22, 15
12 Fine-­‐grained  access  to  APIs ๏ Leverage  OAuth  scopes  to  manage  fine-­‐grained  access  control  to   APIs. ๏ All  users  can  call  GET  /catalog/{id} ๏ Only  specific  users  can  call  PUT  /catalog ๏ Addi)onally,  can  leverage  XACML  (en)tlements)  to  manage  more   authoriza)on  which  must  take  in  account  mul)ple  agributes ๏ Verb  is  GET  and  Resource  is  Catalog  and  role  is  partner  and   partnershipLevel  is  Gold. Friday, May 22, 15
13 Passing  Auth  InformaBon  to  back-­‐end  services ๏ Using  JSON  Web  Tokens  (JWT)   ๏ Lightweight ๏ Can  be  signed ๏ Easy  to  parse  and  consume ๏ Standard Friday, May 22, 15
14 Token  Format ๏ JWT  Structure   {token  info}.{claims  list}.{signature}   ๏ Base-­‐64  Encoded   Friday, May 22, 15
15 What  are  Claims  ?   ๏ Claims  are  a  set  of   agributes  about  a   user,  mapped  to  the   underlying  user   store. ๏ A  set  of  claims  is   called  a  dialect Friday, May 22, 15
16 Deployment Friday, May 22, 15
17 Gateway  vs.  ESB ๏ Oh,  but  I  already  have  an  ESB  !  Why  do  I  need  a   gateway  ? ๏ Think  ESB  as  an  architecture  pagern,  not  a  product! ๏ “NoESB:  Don't  Ride  the  Bus  If  You  Don't  Know  Where  It  Goes”  by  Gartner  in   “Choosing  an  API  and  SOA  Governance  Architecture” ๏ Use  a  gateway  for  lightweight  interac)ons  and  basic   integra)on  capabili)es ๏ Use  an  ESB  for  complex  integra)on  requirements   (needing  adapters,  messaging,  etc.) Friday, May 22, 15
18 Facade/Gateway  Paern ๏ Pros ๏ No  addi)onal  hop  in  the  network ๏ Single  Server  to  be  managed ๏ More  suited  for  internal  deployments ๏ Cons ๏ Complexity  of  integra)on  at  edge  of  network ๏ API  Management  layer  can’t  really  scale  independently   ๏ Not  appropriate  for  DMZ  deployments  (direct  access  to  backend  services) Friday, May 22, 15
19 Separated  Facade  &  MediaBon ๏ API  Gateway  Layer  acts  as  simple  reverse  proxy,  enforcing  basic  policies ๏ Clear  separa)on  of  concern  between  layers ๏ Media)on  layer  and  API  management  layer  scale  independently ๏ Specific  security  checks/protec)on  at  edge  of  the  network ๏ Provides  protocol  transforma)on  to  the  edge  of  the  network Friday, May 22, 15
20 Specific  WSO2  SoluBon ๏ Our  API  gateway  is  actually  a  full-­‐blown  ESB  under  the   hood,  constrained  at  UI  level.   ๏ You  can  install  the  missing  ESB  features  on  top  of  API   manager  and  combine  both  architecture  layers  into  a   single  run)me! ๏ Makes  the  choice  a  deployment  one. Friday, May 22, 15
21 Typical  Deployment Friday, May 22, 15
22 Users  Store ๏ Separate  admins  /  corporate  users  from  the  developers   users’s  store  (created  via  self-­‐sign  up) Friday, May 22, 15
23 You  can’t  manage   what  you  can’t  measure. Friday, May 22, 15
24 Why  AnalyBcs  and  API  Management  are  important  together? ๏ Build  confidence  in  the  API  model ๏ Understand  your  customer   ๏ Not  just  the  developer  but  also  the  end-­‐user ๏ Help  manage  services  and  versions ๏ Understand  when  deprecated  services  can  be  re)red ๏ Plan  beger ๏ Monitor  the  growth  of  aggregated  API  traffic ๏ Monitor  the  growth  of  specific  apps ๏ Even  if  you’re  not  going  to  put  analy)cs  in  place,  make  sure   you  capture  all  events  right  from  beginning  of  project. Friday, May 22, 15
25 AnalyBcs  101:  AggregaBon • How  to  collect  data   efficiently • How  to  store  data   effec)vely • Choose  which  data  to   capture Friday, May 22, 15
26 AnalyBcs  101  :  Analysis • Data  opera)ons • Defining  KPIs  and  analy)cs • Opera)ng  on  large  amounts   of  historical  or  current  data • Crea)ng  intelligence   Friday, May 22, 15
27 AnalyBcs  101  :  PresentaBon • Visualiza)on • Dashboards • Reports Friday, May 22, 15
28 Monitor  And  Analyze ๏ Take  decisions  in  real  )me  through  Complex  Event  Processing ๏ Create  dashboards  for  both  technical  and  business  monitoring Friday, May 22, 15
29 DetecBng  Usage  Paerns ๏ My  API  customer  is  trying  to  steal  my  business  :  let’s   block  them. ๏ A  customer  is  at  80%  of  API  plan  :  let’s  warn  them   ๏ A  customer  is  systema)cally  at  120%  of  the  plan  :   propose  an  upgrade  to  the  premium  plan Friday, May 22, 15
30 References ๏ Building  an  ecosystem  for  API  Security  (White  Paper) ๏ hgp://wso2.com/whitepapers/wso2-­‐whitepaper-­‐building-­‐an-­‐ecosystem-­‐for-­‐api-­‐ security/ ๏ API  Facade  Pagern  (Webinar) ๏ hgp://wso2.com/library/webinars/2014/01/implemen)ng-­‐api-­‐facade-­‐using-­‐ wso2-­‐api-­‐management-­‐plaEorm/ ๏ API  Management:  missing  link  for  SOA   ๏ hgp://sanjiva.weerawarana.org/2012/08/api-­‐management-­‐missing-­‐link-­‐for-­‐ soa.html ๏ Promo)ng  Service  Reuse   ๏ hgp://wso2.com/whitepapers/promo)ng-­‐service-­‐reuse-­‐within-­‐your-­‐enterprise-­‐ and-­‐maximizing-­‐soa-­‐success/ Friday, May 22, 15
31 Download  API  Manager  today! ๏ hgp://wso2.com/products/api-­‐manager/ Friday, May 22, 15
Contact  us  ! Friday, May 22, 15

Recommended

WSO2 API Manager : Going beyond the just API Management
WSO2 API Manager : Going beyond the just API ManagementWSO2 API Manager : Going beyond the just API Management
WSO2 API Manager : Going beyond the just API Management
Edgar Silva
 
API designing with WSO2 API Manager
API designing with WSO2 API ManagerAPI designing with WSO2 API Manager
API designing with WSO2 API Manager
WSO2
 
An Introduction to the WSO2 API Manager
An Introduction to the WSO2 API Manager An Introduction to the WSO2 API Manager
An Introduction to the WSO2 API Manager WSO2
 
Managing your Business APIs is using WSO2 API Manager
Managing your Business APIs is using WSO2 API Manager Managing your Business APIs is using WSO2 API Manager
Managing your Business APIs is using WSO2 API Manager WSO2
 
WSO2 - Forrester Guest Webinar: API Management is not Enough: You Need an API...
WSO2 - Forrester Guest Webinar: API Management is not Enough: You Need an API...WSO2 - Forrester Guest Webinar: API Management is not Enough: You Need an API...
WSO2 - Forrester Guest Webinar: API Management is not Enough: You Need an API...
WSO2
 
Scalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerScalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerWSO2
 
Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager
WSO2
 
Customizing workflows in WSO2 API Manager
Customizing workflows in WSO2 API ManagerCustomizing workflows in WSO2 API Manager
Customizing workflows in WSO2 API Manager
WSO2
 

Recommended

WSO2 API Manager : Going beyond the just API Management
WSO2 API Manager : Going beyond the just API ManagementWSO2 API Manager : Going beyond the just API Management
WSO2 API Manager : Going beyond the just API Management
Edgar Silva
 
API designing with WSO2 API Manager
API designing with WSO2 API ManagerAPI designing with WSO2 API Manager
API designing with WSO2 API Manager
WSO2
 
An Introduction to the WSO2 API Manager
An Introduction to the WSO2 API Manager An Introduction to the WSO2 API Manager
An Introduction to the WSO2 API Manager WSO2
 
Managing your Business APIs is using WSO2 API Manager
Managing your Business APIs is using WSO2 API Manager Managing your Business APIs is using WSO2 API Manager
Managing your Business APIs is using WSO2 API Manager WSO2
 
WSO2 - Forrester Guest Webinar: API Management is not Enough: You Need an API...
WSO2 - Forrester Guest Webinar: API Management is not Enough: You Need an API...WSO2 - Forrester Guest Webinar: API Management is not Enough: You Need an API...
WSO2 - Forrester Guest Webinar: API Management is not Enough: You Need an API...
WSO2
 
Scalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerScalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerWSO2
 
Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager
WSO2
 
Customizing workflows in WSO2 API Manager
Customizing workflows in WSO2 API ManagerCustomizing workflows in WSO2 API Manager
Customizing workflows in WSO2 API Manager
WSO2
 
Wso2 API Manager Fundamentals
Wso2 API Manager FundamentalsWso2 API Manager Fundamentals
Wso2 API Manager Fundamentals
Rajith Siriwardana
 
Secure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterpriseSecure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterprise
MuleSoft
 
Designing and building Mule applications
Designing and building Mule applicationsDesigning and building Mule applications
Designing and building Mule applications
MuleSoft
 
Six Steps To Build A Successful API
Six Steps To Build A Successful APISix Steps To Build A Successful API
Six Steps To Build A Successful API
Chris Haddad
 
[WSO2 API Manager Community Call] Expose Services as Managed APIs
[WSO2 API Manager Community Call] Expose Services as Managed APIs [WSO2 API Manager Community Call] Expose Services as Managed APIs
[WSO2 API Manager Community Call] Expose Services as Managed APIs
WSO2
 
Anypoint new features_coimbatore_mule_meetup
Anypoint new features_coimbatore_mule_meetupAnypoint new features_coimbatore_mule_meetup
Anypoint new features_coimbatore_mule_meetup
MergeStack
 
CloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment OptionsCloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment Options
MuleSoft
 
Getting Started with the WSO2 API Manager
Getting Started with the WSO2 API ManagerGetting Started with the WSO2 API Manager
Getting Started with the WSO2 API ManagerWSO2
 
Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0
WSO2
 
Presentation at the 2016 Linux Foundation Collab Summit
Presentation at the 2016 Linux Foundation Collab SummitPresentation at the 2016 Linux Foundation Collab Summit
Presentation at the 2016 Linux Foundation Collab Summit
Open API Initiative (OAI)
 
WSO2 API Manager 2.0 - Overview
WSO2 API Manager 2.0 - Overview WSO2 API Manager 2.0 - Overview
WSO2 API Manager 2.0 - Overview
Edgar Silva
 
Introduction to WSO2 Integration Platform
Introduction to WSO2 Integration PlatformIntroduction to WSO2 Integration Platform
Introduction to WSO2 Integration PlatformWSO2
 
Api gateway
Api gatewayApi gateway
Api gateway
enyert
 
Create and Manage APIs with API Connect, Swagger and Bluemix
Create and Manage APIs with API Connect, Swagger and BluemixCreate and Manage APIs with API Connect, Swagger and Bluemix
Create and Manage APIs with API Connect, Swagger and Bluemix
Dev_Events
 
[WSO2 Integration Summit London 2019] An API-enabled Journey Towards Empoweri...
[WSO2 Integration Summit London 2019] An API-enabled Journey Towards Empoweri...[WSO2 Integration Summit London 2019] An API-enabled Journey Towards Empoweri...
[WSO2 Integration Summit London 2019] An API-enabled Journey Towards Empoweri...
WSO2
 
Mulesoft Meetups - Salesforce & Mulesoft Integrations, Anypoint Security Poli...
Mulesoft Meetups - Salesforce & Mulesoft Integrations, Anypoint Security Poli...Mulesoft Meetups - Salesforce & Mulesoft Integrations, Anypoint Security Poli...
Mulesoft Meetups - Salesforce & Mulesoft Integrations, Anypoint Security Poli...
Ricardo Rodríguez
 
WSO2 Product Release Webinar - WSO2 App Factory 2.1
WSO2 Product Release Webinar - WSO2 App Factory 2.1WSO2 Product Release Webinar - WSO2 App Factory 2.1
WSO2 Product Release Webinar - WSO2 App Factory 2.1
WSO2
 
Creating an OData-Enabled API
Creating an OData-Enabled APICreating an OData-Enabled API
Creating an OData-Enabled API
Royston Lobo
 
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJDeploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
NGINX, Inc.
 
5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs
WSO2
 
Empleabilidad e Identidad digital
Empleabilidad e Identidad digitalEmpleabilidad e Identidad digital
Empleabilidad e Identidad digital
Laura Rosillo Cascante
 
Exposing Business Functionalities with SOA, Integration and API Management
Exposing Business Functionalities with SOA, Integration and API ManagementExposing Business Functionalities with SOA, Integration and API Management
Exposing Business Functionalities with SOA, Integration and API Management
WSO2
 

More Related Content

What's hot

Wso2 API Manager Fundamentals
Wso2 API Manager FundamentalsWso2 API Manager Fundamentals
Wso2 API Manager Fundamentals
Rajith Siriwardana
 
Secure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterpriseSecure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterprise
MuleSoft
 
Designing and building Mule applications
Designing and building Mule applicationsDesigning and building Mule applications
Designing and building Mule applications
MuleSoft
 
Six Steps To Build A Successful API
Six Steps To Build A Successful APISix Steps To Build A Successful API
Six Steps To Build A Successful API
Chris Haddad
 
[WSO2 API Manager Community Call] Expose Services as Managed APIs
[WSO2 API Manager Community Call] Expose Services as Managed APIs [WSO2 API Manager Community Call] Expose Services as Managed APIs
[WSO2 API Manager Community Call] Expose Services as Managed APIs
WSO2
 
Anypoint new features_coimbatore_mule_meetup
Anypoint new features_coimbatore_mule_meetupAnypoint new features_coimbatore_mule_meetup
Anypoint new features_coimbatore_mule_meetup
MergeStack
 
CloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment OptionsCloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment Options
MuleSoft
 
Getting Started with the WSO2 API Manager
Getting Started with the WSO2 API ManagerGetting Started with the WSO2 API Manager
Getting Started with the WSO2 API ManagerWSO2
 
Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0
WSO2
 
Presentation at the 2016 Linux Foundation Collab Summit
Presentation at the 2016 Linux Foundation Collab SummitPresentation at the 2016 Linux Foundation Collab Summit
Presentation at the 2016 Linux Foundation Collab Summit
Open API Initiative (OAI)
 
WSO2 API Manager 2.0 - Overview
WSO2 API Manager 2.0 - Overview WSO2 API Manager 2.0 - Overview
WSO2 API Manager 2.0 - Overview
Edgar Silva
 
Introduction to WSO2 Integration Platform
Introduction to WSO2 Integration PlatformIntroduction to WSO2 Integration Platform
Introduction to WSO2 Integration PlatformWSO2
 
Api gateway
Api gatewayApi gateway
Api gateway
enyert
 
Create and Manage APIs with API Connect, Swagger and Bluemix
Create and Manage APIs with API Connect, Swagger and BluemixCreate and Manage APIs with API Connect, Swagger and Bluemix
Create and Manage APIs with API Connect, Swagger and Bluemix
Dev_Events
 
[WSO2 Integration Summit London 2019] An API-enabled Journey Towards Empoweri...
[WSO2 Integration Summit London 2019] An API-enabled Journey Towards Empoweri...[WSO2 Integration Summit London 2019] An API-enabled Journey Towards Empoweri...
[WSO2 Integration Summit London 2019] An API-enabled Journey Towards Empoweri...
WSO2
 
Mulesoft Meetups - Salesforce & Mulesoft Integrations, Anypoint Security Poli...
Mulesoft Meetups - Salesforce & Mulesoft Integrations, Anypoint Security Poli...Mulesoft Meetups - Salesforce & Mulesoft Integrations, Anypoint Security Poli...
Mulesoft Meetups - Salesforce & Mulesoft Integrations, Anypoint Security Poli...
Ricardo Rodríguez
 
WSO2 Product Release Webinar - WSO2 App Factory 2.1
WSO2 Product Release Webinar - WSO2 App Factory 2.1WSO2 Product Release Webinar - WSO2 App Factory 2.1
WSO2 Product Release Webinar - WSO2 App Factory 2.1
WSO2
 
Creating an OData-Enabled API
Creating an OData-Enabled APICreating an OData-Enabled API
Creating an OData-Enabled API
Royston Lobo
 
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJDeploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
NGINX, Inc.
 
5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs
WSO2
 

What's hot (20)

Wso2 API Manager Fundamentals
Wso2 API Manager FundamentalsWso2 API Manager Fundamentals
Wso2 API Manager Fundamentals
 
Secure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterpriseSecure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterprise
 
Designing and building Mule applications
Designing and building Mule applicationsDesigning and building Mule applications
Designing and building Mule applications
 
Six Steps To Build A Successful API
Six Steps To Build A Successful APISix Steps To Build A Successful API
Six Steps To Build A Successful API
 
[WSO2 API Manager Community Call] Expose Services as Managed APIs
[WSO2 API Manager Community Call] Expose Services as Managed APIs [WSO2 API Manager Community Call] Expose Services as Managed APIs
[WSO2 API Manager Community Call] Expose Services as Managed APIs
 
Anypoint new features_coimbatore_mule_meetup
Anypoint new features_coimbatore_mule_meetupAnypoint new features_coimbatore_mule_meetup
Anypoint new features_coimbatore_mule_meetup
 
CloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment OptionsCloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment Options
 
Getting Started with the WSO2 API Manager
Getting Started with the WSO2 API ManagerGetting Started with the WSO2 API Manager
Getting Started with the WSO2 API Manager
 
Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0
 
Presentation at the 2016 Linux Foundation Collab Summit
Presentation at the 2016 Linux Foundation Collab SummitPresentation at the 2016 Linux Foundation Collab Summit
Presentation at the 2016 Linux Foundation Collab Summit
 
WSO2 API Manager 2.0 - Overview
WSO2 API Manager 2.0 - Overview WSO2 API Manager 2.0 - Overview
WSO2 API Manager 2.0 - Overview
 
Introduction to WSO2 Integration Platform
Introduction to WSO2 Integration PlatformIntroduction to WSO2 Integration Platform
Introduction to WSO2 Integration Platform
 
Api gateway
Api gatewayApi gateway
Api gateway
 
Create and Manage APIs with API Connect, Swagger and Bluemix
Create and Manage APIs with API Connect, Swagger and BluemixCreate and Manage APIs with API Connect, Swagger and Bluemix
Create and Manage APIs with API Connect, Swagger and Bluemix
 
[WSO2 Integration Summit London 2019] An API-enabled Journey Towards Empoweri...
[WSO2 Integration Summit London 2019] An API-enabled Journey Towards Empoweri...[WSO2 Integration Summit London 2019] An API-enabled Journey Towards Empoweri...
[WSO2 Integration Summit London 2019] An API-enabled Journey Towards Empoweri...
 
Mulesoft Meetups - Salesforce & Mulesoft Integrations, Anypoint Security Poli...
Mulesoft Meetups - Salesforce & Mulesoft Integrations, Anypoint Security Poli...Mulesoft Meetups - Salesforce & Mulesoft Integrations, Anypoint Security Poli...
Mulesoft Meetups - Salesforce & Mulesoft Integrations, Anypoint Security Poli...
 
WSO2 Product Release Webinar - WSO2 App Factory 2.1
WSO2 Product Release Webinar - WSO2 App Factory 2.1WSO2 Product Release Webinar - WSO2 App Factory 2.1
WSO2 Product Release Webinar - WSO2 App Factory 2.1
 
Creating an OData-Enabled API
Creating an OData-Enabled APICreating an OData-Enabled API
Creating an OData-Enabled API
 
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJDeploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
 
5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs
 

Viewers also liked

Empleabilidad e Identidad digital
Empleabilidad e Identidad digitalEmpleabilidad e Identidad digital
Empleabilidad e Identidad digital
Laura Rosillo Cascante
 
Exposing Business Functionalities with SOA, Integration and API Management
Exposing Business Functionalities with SOA, Integration and API ManagementExposing Business Functionalities with SOA, Integration and API Management
Exposing Business Functionalities with SOA, Integration and API Management
WSO2
 
API Centric Development in PHP
API Centric Development in PHPAPI Centric Development in PHP
API Centric Development in PHPJoe Stagner
 
Data Entitlement in an API-Centric Architecture
Data Entitlement in an API-Centric ArchitectureData Entitlement in an API-Centric Architecture
Data Entitlement in an API-Centric Architecture
WSO2
 
The Future of Application integration
The Future of Application integrationThe Future of Application integration
The Future of Application integration
Richard Seroter
 
Best Practices for API Management
Best Practices for API Management Best Practices for API Management
Best Practices for API Management
WSO2
 
Architecture for the API-enterprise
Architecture for the API-enterpriseArchitecture for the API-enterprise
Architecture for the API-enterprise
Apigee | Google Cloud
 

Viewers also liked (7)

Empleabilidad e Identidad digital
Empleabilidad e Identidad digitalEmpleabilidad e Identidad digital
Empleabilidad e Identidad digital
 
Exposing Business Functionalities with SOA, Integration and API Management
Exposing Business Functionalities with SOA, Integration and API ManagementExposing Business Functionalities with SOA, Integration and API Management
Exposing Business Functionalities with SOA, Integration and API Management
 
API Centric Development in PHP
API Centric Development in PHPAPI Centric Development in PHP
API Centric Development in PHP
 
Data Entitlement in an API-Centric Architecture
Data Entitlement in an API-Centric ArchitectureData Entitlement in an API-Centric Architecture
Data Entitlement in an API-Centric Architecture
 
The Future of Application integration
The Future of Application integrationThe Future of Application integration
The Future of Application integration
 
Best Practices for API Management
Best Practices for API Management Best Practices for API Management
Best Practices for API Management
 
Architecture for the API-enterprise
Architecture for the API-enterpriseArchitecture for the API-enterprise
Architecture for the API-enterprise
 

Similar to Lessons from the Trenches: Building an API-Centric Architecture

Sharing Best Practices and Recommendations from the Integration Battlefield
Sharing Best Practices and Recommendations from the Integration BattlefieldSharing Best Practices and Recommendations from the Integration Battlefield
Sharing Best Practices and Recommendations from the Integration Battlefield
WSO2
 
Six Steps to Build Successful APIs
Six Steps to Build Successful APIsSix Steps to Build Successful APIs
Six Steps to Build Successful APIs
WSO2
 
APIStrat Conference Workshop: WSO2 - Best Practices for API Management
APIStrat Conference Workshop: WSO2 - Best Practices for API ManagementAPIStrat Conference Workshop: WSO2 - Best Practices for API Management
APIStrat Conference Workshop: WSO2 - Best Practices for API Management
Isabelle Mauny
 
Reshape Integration - Think Beyond the ESB
Reshape Integration - Think Beyond the ESBReshape Integration - Think Beyond the ESB
Reshape Integration - Think Beyond the ESBWSO2
 
Sustainability Challenge, Postman, Rest sheet and Anypoint provider : MuleSof...
Sustainability Challenge, Postman, Rest sheet and Anypoint provider : MuleSof...Sustainability Challenge, Postman, Rest sheet and Anypoint provider : MuleSof...
Sustainability Challenge, Postman, Rest sheet and Anypoint provider : MuleSof...
Angel Alberici
 
Mule soft meetup_indonesia_june2020
Mule soft meetup_indonesia_june2020Mule soft meetup_indonesia_june2020
Mule soft meetup_indonesia_june2020
WendyTey4
 
MuleSoft Manchester Meetup #4 slides 11th February 2021
MuleSoft Manchester Meetup #4 slides 11th February 2021MuleSoft Manchester Meetup #4 slides 11th February 2021
MuleSoft Manchester Meetup #4 slides 11th February 2021
Ieva Navickaite
 
WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2 Product Release webinar - WSO2 BAM 2.5WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2 Product Release webinar - WSO2 BAM 2.5WSO2
 
MuleSoft_meetup | Integralzone
MuleSoft_meetup | IntegralzoneMuleSoft_meetup | Integralzone
MuleSoft_meetup | Integralzone
IntegralZone
 
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
WSO2
 
MuleSoft Meetup Singapore March 2019
MuleSoft Meetup Singapore March 2019MuleSoft Meetup Singapore March 2019
MuleSoft Meetup Singapore March 2019
Julian Douch
 
Microservices & anypoint service mesh calgary mule soft meetup
Microservices & anypoint service mesh calgary mule soft meetupMicroservices & anypoint service mesh calgary mule soft meetup
Microservices & anypoint service mesh calgary mule soft meetup
Jimmy Attia
 
Manchester MuleSoft Meetup #7
Manchester MuleSoft Meetup #7 Manchester MuleSoft Meetup #7
Manchester MuleSoft Meetup #7
Akshata Sawant
 
How to monitor business processes with WSO2 BAM and WSO2 ESB
How to monitor business processes with WSO2 BAM and WSO2 ESBHow to monitor business processes with WSO2 BAM and WSO2 ESB
How to monitor business processes with WSO2 BAM and WSO2 ESBWSO2
 
Melbourne Virtual MuleSoft Meetup June 2022
Melbourne Virtual MuleSoft Meetup June 2022Melbourne Virtual MuleSoft Meetup June 2022
Melbourne Virtual MuleSoft Meetup June 2022
Daniel Soffner
 
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industry
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industryCombining WSO2 API Manager with WSO2 BAM for billing in the energy industry
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industryWSO2
 
Building APIs in a Cloud Native Era
Building APIs in a Cloud Native EraBuilding APIs in a Cloud Native Era
Building APIs in a Cloud Native Era
Nuwan Dias
 
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Dias
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Diasapidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Dias
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Dias
apidays
 
MuleSoft Meetup Adelaide 7th April 2021
MuleSoft Meetup Adelaide 7th April 2021MuleSoft Meetup Adelaide 7th April 2021
MuleSoft Meetup Adelaide 7th April 2021
Nicholas Bowman
 
Unleash MuleSoft Platform for Enterprise Healthcare Solutions
Unleash MuleSoft Platform for Enterprise Healthcare SolutionsUnleash MuleSoft Platform for Enterprise Healthcare Solutions
Unleash MuleSoft Platform for Enterprise Healthcare Solutions
Eva Mave Ng
 

Similar to Lessons from the Trenches: Building an API-Centric Architecture (20)

Sharing Best Practices and Recommendations from the Integration Battlefield
Sharing Best Practices and Recommendations from the Integration BattlefieldSharing Best Practices and Recommendations from the Integration Battlefield
Sharing Best Practices and Recommendations from the Integration Battlefield
 
Six Steps to Build Successful APIs
Six Steps to Build Successful APIsSix Steps to Build Successful APIs
Six Steps to Build Successful APIs
 
APIStrat Conference Workshop: WSO2 - Best Practices for API Management
APIStrat Conference Workshop: WSO2 - Best Practices for API ManagementAPIStrat Conference Workshop: WSO2 - Best Practices for API Management
APIStrat Conference Workshop: WSO2 - Best Practices for API Management
 
Reshape Integration - Think Beyond the ESB
Reshape Integration - Think Beyond the ESBReshape Integration - Think Beyond the ESB
Reshape Integration - Think Beyond the ESB
 
Sustainability Challenge, Postman, Rest sheet and Anypoint provider : MuleSof...
Sustainability Challenge, Postman, Rest sheet and Anypoint provider : MuleSof...Sustainability Challenge, Postman, Rest sheet and Anypoint provider : MuleSof...
Sustainability Challenge, Postman, Rest sheet and Anypoint provider : MuleSof...
 
Mule soft meetup_indonesia_june2020
Mule soft meetup_indonesia_june2020Mule soft meetup_indonesia_june2020
Mule soft meetup_indonesia_june2020
 
MuleSoft Manchester Meetup #4 slides 11th February 2021
MuleSoft Manchester Meetup #4 slides 11th February 2021MuleSoft Manchester Meetup #4 slides 11th February 2021
MuleSoft Manchester Meetup #4 slides 11th February 2021
 
WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2 Product Release webinar - WSO2 BAM 2.5WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2 Product Release webinar - WSO2 BAM 2.5
 
MuleSoft_meetup | Integralzone
MuleSoft_meetup | IntegralzoneMuleSoft_meetup | Integralzone
MuleSoft_meetup | Integralzone
 
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
 
MuleSoft Meetup Singapore March 2019
MuleSoft Meetup Singapore March 2019MuleSoft Meetup Singapore March 2019
MuleSoft Meetup Singapore March 2019
 
Microservices & anypoint service mesh calgary mule soft meetup
Microservices & anypoint service mesh calgary mule soft meetupMicroservices & anypoint service mesh calgary mule soft meetup
Microservices & anypoint service mesh calgary mule soft meetup
 
Manchester MuleSoft Meetup #7
Manchester MuleSoft Meetup #7 Manchester MuleSoft Meetup #7
Manchester MuleSoft Meetup #7
 
How to monitor business processes with WSO2 BAM and WSO2 ESB
How to monitor business processes with WSO2 BAM and WSO2 ESBHow to monitor business processes with WSO2 BAM and WSO2 ESB
How to monitor business processes with WSO2 BAM and WSO2 ESB
 
Melbourne Virtual MuleSoft Meetup June 2022
Melbourne Virtual MuleSoft Meetup June 2022Melbourne Virtual MuleSoft Meetup June 2022
Melbourne Virtual MuleSoft Meetup June 2022
 
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industry
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industryCombining WSO2 API Manager with WSO2 BAM for billing in the energy industry
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industry
 
Building APIs in a Cloud Native Era
Building APIs in a Cloud Native EraBuilding APIs in a Cloud Native Era
Building APIs in a Cloud Native Era
 
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Dias
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Diasapidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Dias
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Dias
 
MuleSoft Meetup Adelaide 7th April 2021
MuleSoft Meetup Adelaide 7th April 2021MuleSoft Meetup Adelaide 7th April 2021
MuleSoft Meetup Adelaide 7th April 2021
 
Unleash MuleSoft Platform for Enterprise Healthcare Solutions
Unleash MuleSoft Platform for Enterprise Healthcare SolutionsUnleash MuleSoft Platform for Enterprise Healthcare Solutions
Unleash MuleSoft Platform for Enterprise Healthcare Solutions
 

More from WSO2

Accelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessAccelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with Platformless
WSO2
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2
 
architecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdfarchitecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdf
WSO2
 
Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2
WSO2
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
WSO2
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
WSO2
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2
 
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
WSO2
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
WSO2
 
WSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the CloudWSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2
 
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & InnovationWSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaS
WSO2
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
WSO2
 
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2
 
WSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital BusinessesWSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital Businesses
WSO2
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2
 
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2
 

More from WSO2 (20)

Accelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessAccelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with Platformless
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
architecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdfarchitecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdf
 
Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
 
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AI
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
 
WSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the CloudWSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the Cloud
 
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & InnovationWSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaS
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
WSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital BusinessesWSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital Businesses
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
 
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
 

Recently uploaded

Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
UiPathCommunity
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
Jen Stirrup
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 

Recently uploaded (20)

Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 

Lessons from the Trenches: Building an API-Centric Architecture

  • 1. Last Updated: May 2015 VP  Products,  WSO2 Isabelle  Mauny Lessons  from  the  trenches API  Management Friday, May 22, 15
  • 2. 2 ๏ French  na)ve ๏ Living  in  Madrid ๏ Working  mostly  in  Sri  Lanka  and   Europe ๏ 17  years  @  IBM,  5  years  in  startups ๏ Managing  the  overall  WSO2  porEolio ๏ Worked  in  services  ,  presales,   product  marke)ng  ,  product   management ๏ Java,  SOA,  APIs,  Integra)on About  the  speaker... Friday, May 22, 15
  • 3. 3 280 customers 66 partners >60% average  yearly  growth 1 480 employees 10 locaBons 10 years  old PLATFORM 100% OPEN  SOURCE APACHE  2 COMPANYRESULTSPLATFORM Friday, May 22, 15
  • 5. Architecture  Roadmap 5 Decompose  your  exis7ng   business  processes,  data   and  capabili7es  into  services Make  all  services   accessible  via  APIs,   externally  and   internally Put  services  and   APIs  under  control  ! Build  an   ecosystem  around   your  APIs Collect  data  on  your   new  products  and  APIs 1 2 3 4 5 Friday, May 22, 15
  • 6. 6 Crea.ng  and  Managing   Services Friday, May 22, 15
  • 7. 7 ๏ Service  deals  with  implementa)on ๏ API  deals  with  subscrip)on  (consumer) ๏ Two  very  dis)nct  life  cycles  ! ๏ You  don’t  need  the  service  to  create  the  API... Services  and  APIs Friday, May 22, 15
  • 8. 8 API  Lifecycle ๏ An  API  can  pass  through  mul)ple  states ๏ For  example: ๏ CREATED ๏ PUBLISHED ๏ DEPRECATED ๏ RETIRED ๏ BLOCKED ๏ Should  integrate  with  complete  governance  lifecycle Friday, May 22, 15
  • 9. 9 Building  a  Managed  API ๏ Crea)ng  APIs  (interface,  docs,  samples,etc.) ๏ Adver)sing  APIs ๏ Making  APIs  subscribe-­‐able  by  consumers ๏ Associa)ng  SLAs ๏ Securing  APIs ๏ Mone)za)on  and  Analy)cs Friday, May 22, 15
  • 11. 11 API  Security   ๏ Security  is  not  an  a]er  thought  !   ๏ APIs  are  part  of  a  much  larger  enterprise  picture ๏ How  will  consumers  request  an  access  token  ?   ๏ Using  a  SAML  2.0  asser)on  ?   ๏ Using  an  implicit  grant  ?   ๏ Using  userid/password  ?   ๏ Make  sure  you  document  thoroughly  how  developers   need  to  manage  tokens: ๏ Tokens  are  like  passwords! ๏ Always  use  SSL  for  token  transporta)on  ! ๏ Use  Domain  restric)ons  (WSO2  API  Manager) Friday, May 22, 15
  • 12. 12 Fine-­‐grained  access  to  APIs ๏ Leverage  OAuth  scopes  to  manage  fine-­‐grained  access  control  to   APIs. ๏ All  users  can  call  GET  /catalog/{id} ๏ Only  specific  users  can  call  PUT  /catalog ๏ Addi)onally,  can  leverage  XACML  (en)tlements)  to  manage  more   authoriza)on  which  must  take  in  account  mul)ple  agributes ๏ Verb  is  GET  and  Resource  is  Catalog  and  role  is  partner  and   partnershipLevel  is  Gold. Friday, May 22, 15
  • 13. 13 Passing  Auth  InformaBon  to  back-­‐end  services ๏ Using  JSON  Web  Tokens  (JWT)   ๏ Lightweight ๏ Can  be  signed ๏ Easy  to  parse  and  consume ๏ Standard Friday, May 22, 15
  • 14. 14 Token  Format ๏ JWT  Structure   {token  info}.{claims  list}.{signature}   ๏ Base-­‐64  Encoded   Friday, May 22, 15
  • 15. 15 What  are  Claims  ?   ๏ Claims  are  a  set  of   agributes  about  a   user,  mapped  to  the   underlying  user   store. ๏ A  set  of  claims  is   called  a  dialect Friday, May 22, 15
  • 17. 17 Gateway  vs.  ESB ๏ Oh,  but  I  already  have  an  ESB  !  Why  do  I  need  a   gateway  ? ๏ Think  ESB  as  an  architecture  pagern,  not  a  product! ๏ “NoESB:  Don't  Ride  the  Bus  If  You  Don't  Know  Where  It  Goes”  by  Gartner  in   “Choosing  an  API  and  SOA  Governance  Architecture” ๏ Use  a  gateway  for  lightweight  interac)ons  and  basic   integra)on  capabili)es ๏ Use  an  ESB  for  complex  integra)on  requirements   (needing  adapters,  messaging,  etc.) Friday, May 22, 15
  • 18. 18 Facade/Gateway  Paern ๏ Pros ๏ No  addi)onal  hop  in  the  network ๏ Single  Server  to  be  managed ๏ More  suited  for  internal  deployments ๏ Cons ๏ Complexity  of  integra)on  at  edge  of  network ๏ API  Management  layer  can’t  really  scale  independently   ๏ Not  appropriate  for  DMZ  deployments  (direct  access  to  backend  services) Friday, May 22, 15
  • 19. 19 Separated  Facade  &  MediaBon ๏ API  Gateway  Layer  acts  as  simple  reverse  proxy,  enforcing  basic  policies ๏ Clear  separa)on  of  concern  between  layers ๏ Media)on  layer  and  API  management  layer  scale  independently ๏ Specific  security  checks/protec)on  at  edge  of  the  network ๏ Provides  protocol  transforma)on  to  the  edge  of  the  network Friday, May 22, 15
  • 20. 20 Specific  WSO2  SoluBon ๏ Our  API  gateway  is  actually  a  full-­‐blown  ESB  under  the   hood,  constrained  at  UI  level.   ๏ You  can  install  the  missing  ESB  features  on  top  of  API   manager  and  combine  both  architecture  layers  into  a   single  run)me! ๏ Makes  the  choice  a  deployment  one. Friday, May 22, 15
  • 22. 22 Users  Store ๏ Separate  admins  /  corporate  users  from  the  developers   users’s  store  (created  via  self-­‐sign  up) Friday, May 22, 15
  • 23. 23 You  can’t  manage   what  you  can’t  measure. Friday, May 22, 15
  • 24. 24 Why  AnalyBcs  and  API  Management  are  important  together? ๏ Build  confidence  in  the  API  model ๏ Understand  your  customer   ๏ Not  just  the  developer  but  also  the  end-­‐user ๏ Help  manage  services  and  versions ๏ Understand  when  deprecated  services  can  be  re)red ๏ Plan  beger ๏ Monitor  the  growth  of  aggregated  API  traffic ๏ Monitor  the  growth  of  specific  apps ๏ Even  if  you’re  not  going  to  put  analy)cs  in  place,  make  sure   you  capture  all  events  right  from  beginning  of  project. Friday, May 22, 15
  • 25. 25 AnalyBcs  101:  AggregaBon • How  to  collect  data   efficiently • How  to  store  data   effec)vely • Choose  which  data  to   capture Friday, May 22, 15
  • 26. 26 AnalyBcs  101  :  Analysis • Data  opera)ons • Defining  KPIs  and  analy)cs • Opera)ng  on  large  amounts   of  historical  or  current  data • Crea)ng  intelligence   Friday, May 22, 15
  • 27. 27 AnalyBcs  101  :  PresentaBon • Visualiza)on • Dashboards • Reports Friday, May 22, 15
  • 28. 28 Monitor  And  Analyze ๏ Take  decisions  in  real  )me  through  Complex  Event  Processing ๏ Create  dashboards  for  both  technical  and  business  monitoring Friday, May 22, 15
  • 29. 29 DetecBng  Usage  Paerns ๏ My  API  customer  is  trying  to  steal  my  business  :  let’s   block  them. ๏ A  customer  is  at  80%  of  API  plan  :  let’s  warn  them   ๏ A  customer  is  systema)cally  at  120%  of  the  plan  :   propose  an  upgrade  to  the  premium  plan Friday, May 22, 15
  • 30. 30 References ๏ Building  an  ecosystem  for  API  Security  (White  Paper) ๏ hgp://wso2.com/whitepapers/wso2-­‐whitepaper-­‐building-­‐an-­‐ecosystem-­‐for-­‐api-­‐ security/ ๏ API  Facade  Pagern  (Webinar) ๏ hgp://wso2.com/library/webinars/2014/01/implemen)ng-­‐api-­‐facade-­‐using-­‐ wso2-­‐api-­‐management-­‐plaEorm/ ๏ API  Management:  missing  link  for  SOA   ๏ hgp://sanjiva.weerawarana.org/2012/08/api-­‐management-­‐missing-­‐link-­‐for-­‐ soa.html ๏ Promo)ng  Service  Reuse   ๏ hgp://wso2.com/whitepapers/promo)ng-­‐service-­‐reuse-­‐within-­‐your-­‐enterprise-­‐ and-­‐maximizing-­‐soa-­‐success/ Friday, May 22, 15
  • 31. 31 Download  API  Manager  today! ๏ hgp://wso2.com/products/api-­‐manager/ Friday, May 22, 15