SlideShare a Scribd company logo
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 1
Cologne, 2023-10-25
Fabian Hardt
Sven Bernhardt
WITH APIS IN THE FAST LANE TO A
PRODUCT-ORIENTED ORGANIZATION
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 2
INTRODUCTION
© OPITZ CONSULTING 2023 / Öffentlich
IT ARCHITECTURES HAVE NEED TO ENSURE EVOLVABILITY AND FLEXIBILITY
With APIs in the fast lane towards a product-oriented organization 3
© OPITZ CONSULTING 2023 / Öffentlich
„STRUKTURELLE ZUKUNFTSUNFÄHIGKEIT“
STRUCTURAL INABILITY TO STAY
4
 End of Support
 Lack of maintainability
 Declining benefits
 Dying knowledge
 Lack of agility / Implementation backlog
 Declining data quality
 Rising costs
 …
„Despite its benefits for companies, old
software is structurally unsustainable.
This is due to their characteristics and the
resulting risks for the actual business. “
(Lünendonk 2015)
With APIs in the fast lane towards a product-oriented organization
© OPITZ CONSULTING 2023 / Öffentlich Seite 5
This is what it looks like sometimes/often/always in application
landscapes...
https://www.youtube.com/watch?v=iXaw70X7wb4&t=2s
With APIs in the fast lane towards a product-oriented organization
© OPITZ CONSULTING 2023 / Öffentlich 6
PRODUCT-CENTRIC APPLICATION WORLD DIGITAL
PRODUCT
With APIs in the fast lane towards a product-oriented organization
Digital
Product
Monolith
Digital
Product
Business Domain
Shared Application Platform
Shared Services (Foundation) incl. integration platform
Hybrid, flexible infrastructure incl. Cloud Services
Standard
(On-Prem)
Business Domain
Business Domain
Digital Product
Standard
(On-Prem)
SaaS-Cloud
Standard
SaaS
Follows Gartner‘s Composable Enterprise idea
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 7
API VISION & STRATEGY
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 8
 Strategy to develop APIs efficiently
 API development approach (e.g. API-first)
 Developers as first-class citizen - motivated developers
 Ensure collaboration
 API Platform that operationalizes the strategy
 Embraces Design4Change
 Provides great Developer experience
 Furthers Developer productivity
 Supports collaborative approach
 Goals:
 Reducing complexity
 Reducing costs
 Increasing DX and productivity – faster time-to-market
TRANSITION TO API-DRIVEN WORLD
NEEDS CLEAR VISION
© OPITZ CONSULTING 2023 / Öffentlich
QUESTIONS TO ANSWER
BEFORE DEFINING AN API
STRATEGY
With APIs in the fast lane towards a product-oriented organization 9
 Does the API strategy align with the general IT
strategy?
 What are your business drivers for going in the
direction of APIs?
 How to deal with available APIs?
 What kind of visibility do my APIs need?
(Internal, Partner, Public)
 The target audience of my APIs?
 Which protection needs does the data exposed
by APIs have?
 …
Security needs
Data
Existing IT landscape
Organization
C-level attention
People
© OPITZ CONSULTING 2023 / Öffentlich
REALIZE THAT APIS ARE
SUBJECT TO A LIFECYCLE
With APIs in the fast lane towards a product-oriented organization 10
 A stable API lifecycle is an essential part of an
effective API governance strategy
 API lifecycle
 Reaches from idea to „ready to use API“
 Supports fast innovation lifecycles
 Helps to implement API-first strategy
 There are different lifecycles for producers &
consumers – but related
 Benefits
 Increased productivity
 Greater visibility
 Organizational alignment
Design
Review & build
Deploy
Promote,
deprecate, retire
Operate &
observe
Learn & evolve
API ideation &
planning
Back to design due to
consumer feedback
during development
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 11
APIS PRODUCTS
© OPITZ CONSULTING 2023 / Öffentlich
PROJECT VS PRODUCT
With APIs in the fast lane towards a product-oriented organization 12
© OPITZ CONSULTING 2023 / Öffentlich
 Known from big hyperscalers
 Easy to use and well documented peace of
software
 Huge number of customers, who can use and rent
this services
PRODUCTS, PRODUCTS, PRODUCTS …
With APIs in the fast lane towards a product-oriented organization 13
 A product needs to be relevant and needs a value proposition
 Users must have an immediate use for it
 Products need clear ownership
 Different types of digital products in modern IT environments (digital economies)
Software as a Service
 Known from “Data Mesh” – in modern Data Driven
companies
 Producer offers its data as a product, via a defined
interface
 Brings the principles of microservices to analytics
departments
Data products
 Interface that offers a piece of logic as a kind of
service (product)
 Carefully designed interface with a fixed contract
 Could be exposed via an API platform
 Samples: REST, SOAP, gRPC, GraphQL
API product
© OPITZ CONSULTING 2023 / Öffentlich
PURPOSES OF API PRODUCTS
With APIs in the fast lane towards a product-oriented organization 14
Automation
By enabling software to communicate with and
manage external services or devices, APIs can
facilitate automation.
Data Access
Developers can create apps that use or show
data by using the structured access to data or
content that many API products offer.
Extensibility
By creating unique apps or integrations, third-
party developers can more easily expand a
platform's or service's capabilities with the use
of API offerings.
Integration
API products facilitate data sharing and
communication between disparate software
systems, thereby empowering enterprises to
optimize their workflows and establish more
effective procedures.
© OPITZ CONSULTING 2023 / Öffentlich
Authentication and Authorization
Security features to restrict access to
the API, usually by using tokens or
authentication keys.
6.
COMPONENTS OF API PRODUCTS
With APIs in the fast lane towards a product-oriented organization 15
Developer Tools
API products often include software
development kits (SDKs), code
samples, and other tools to facilitate
integration and development.
5.
Documentation
To aid developers in understanding how
to use the API. This documentation
covers information on available
endpoints, request parameters,
response formats, and sample usage.
4.
Rate Limits
API products frequently have rate limits
and usage plans that outline the
maximum number of requests a
developer is allowed to make in a given
amount of time in order to control usage
and stop abuse.
3.
Support and Maintenance
To guarantee that the API product stays
secure and functional, many API
providers provide frequent updates and
customer support.
2.
API Endpoints
Developers can use API endpoints,
which are particular URLs or URIs, to
submit requests to the API.
1.
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 16
API PLATFORM
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 17
CHARACTERISTICS OF A MODERN
API PLATFORM
Modern Tooling: Use modern engineering tools and
techniques, infrastructure as code and automation
Easy Onboarding: Low ramp for new internal teams to
onboard to the platform
Minimize cognitive load: Empower developers to foucs on
delivering core business value
Continually evolve: The Platform should be flexible
enough to support new use cases (Desing4Change)
01
02
03
04
© OPITZ CONSULTING 2023 / Öffentlich
Integration / Plugins
Different API Types
BASIC CAPABILITIES OF A MODERN API PLATFORM
With APIs in the fast lane towards a product-oriented organization 18
AuthN & AuthZ
API Mgmt Tools
Analytics
Developer Portal
API Gateway
Lifecycle Mgmt
Scalibility
Developer Mgmt
Security Features
Compliance
Extensibility
Multi-Cloud and
Hybrid Deployment
Container Support
Modern API Platform
Monitoring
© OPITZ CONSULTING 2023 / Öffentlich
BUILDING BLOCKS API PLATFORM
With APIs in the fast lane towards a product-oriented organization 19
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 20
 Establish API Platform team responsible for:
 Providing API platform
 Providing automation scripts
 Enabling Dev teams
 Constantly improves the platform
 Responsibility of the teams:
 Ownership of the APIs
 Ownership of the Gateways (depending on
the size)
PLATFORM SHOULD PROVIDE
INTUITIVE SELF-SERVICE CAPABILITIES
© OPITZ CONSULTING 2023 / Öffentlich
SILOED MODEL
With APIs in the fast lane towards a product-oriented organization 21
 Central IT team creates a deployment
blueprint and IaC
 Decentralized teams use this code to setup a
platform
 Full responsibility for decentralized teams
 Maintenance, Updating / Patching
 Security, Hardening
 Decentralized teams are not bounded to
central governance processes
 Reusage and sharing between teams is
limited
 Single API catalog is missing
 Central IT team is responsible for the API
platform
 Maintenance, Updating / Patching
 Security, Hardening
 Scaling
 Deployed API gateways are shared between
teams
 Shared platform team can become a
bottleneck
 Limited ability to implement strict isolation
between different business units
CENTRALIZED MODEL
© OPITZ CONSULTING 2023 / Öffentlich
FEDERATED API MANAGEMENT
With APIs in the fast lane towards a product-oriented organization 22
 One centralized control plane
 Used by all teams within organization
 Multi tenancy
 Multiple API gateways (data planes)
 Managed by different, decentralized teams
 Helps teams to get more independent
 Configuration managed by APIOps within the
teams
 Provisioned with IaC
 Updates / Security (Hardening) managed
centrally
Source: https://konghq.com/blog/enterprise/federated-api-management
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 23
API DELIVERY
© OPITZ CONSULTING 2023 / Öffentlich
API-FIRST MINDSET TO FOCUS ON HOW AND FOR WHAT APIS ARE
USED
With APIs in the fast lane towards a product-oriented organization 24
 Everything is build around and with APIs
 Major outcomes:
 Digital experience (best service customers,
wherever they are)
 Developer Experience
 Increased Develper Productivity (Velocity of releases,
etc.)
 API-first makes Developer experience measurable
 Benefits of being an API-first company:
 Faster time-2-market
 Fewer failures
 Faster recovery times in case of failure
Source: https://www.postman.com/state-of-api/api-first-strategies/#it-pays-to-be-api-
firstmdashespecially-if-youre-scaling-up
© OPITZ CONSULTING 2023 / Öffentlich
APIS MUST BE CONSUMABLE
With APIs in the fast lane towards a product-oriented organization 25
 APIs should deliver business value
 Focus on potential consumers
 How will a consumer use my API?
 What kind of resources and operations are
needed by the consumers?
 …
 APIs should be consumer-centric and thus be
consumable
 Well-designed, secured and compliant
 Documented, discoverable and accessible
 Performant, reliable and scalable
Source: https://konghq.com/blog/what-is-apiops/
Compliant
Functional Findable
The intersection of the three
characteristics defines
consumable APIs!
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 26
CHALLENGE: BALANCE BETWEEN SPEED AND CONSISTENCE
https://opitzcloud.canto.global/b/I3FO4
© OPITZ CONSULTING 2023 / Öffentlich
DECENTRALIZED API MANAGEMENT: FOCUS ON SPEED
With APIs in the fast lane towards a product-oriented organization 27
API Platform
Dev
Team 1
Dev
Team 2
Dev
Team n
API Standard 1
API Standard 2
API Standard n
Decreasing
consistency
© OPITZ CONSULTING 2023 / Öffentlich
CENTRALIZED API MANAGEMENT: FOCUS ON CONSISTENCE
With APIs in the fast lane towards a product-oriented organization 28
API Platform
Dev
Team 1
Dev
Team 2
Dev
Team n
API
Platform
Team
Review loop
Review loop
Review loop
API
Guidelines
API
Guidelines
API
Guidelines
Decreased
speed
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 29
AUTOMATION TO BALANCE SPEED AND CONSISTENCE
https://opitzcloud.canto.global/b/OQR0O
© OPITZ CONSULTING 2023 / Öffentlich
APIOPS APPROACH: FOCUS ON SPEED AND CONSISTENCE
With APIs in the fast lane towards a product-oriented organization 30
API Platform
Dev
Team 1
Dev
Team 2
Dev
Team n
API
Platform
Team
API
Guidelines
API
Guidelines
API
Guidelines
Automated deployment
Governance layer
Defines Guidelines,
Rules &
Restrictions
Automated, direct
feedback
Automated, direct
feedback
Automated, direct
feedback
© OPITZ CONSULTING 2023 / Öffentlich
APIOPS IS BUILT UPON THE PILLARS DEVOPS AND GITOPS
With APIs in the fast lane towards a product-oriented organization 31
 Principles:
 Fast flow of work in the value stream
 Fast feedback to remediate problems quickly
 Culture of continuous learning, sharing, and
experimentation
 Principles:
 Declarative description
 Versioned and immutable
 Pulled automatically
 Continuously reconciled
© OPITZ CONSULTING 2023 / Öffentlich
APIOPS = GITOPS WITH FOCUS ON APIS
With APIs in the fast lane towards a product-oriented organization 32
 Principles:
 API-first design
 API spec as a single source of truth
Commit API
spec to Git
API design
guidelines
Validate
Build
Test
Merge
User story
GitOps
Agent
API Platform
watch
observe &
sync
push
check &
generate
© OPITZ CONSULTING 2023 / Öffentlich
Design
Review & build
Deploy
Promote,
deprecate, retire
Operate & observe
Learn & evolve
CONSISTENTLY MANAGE THE API LIFECYCLE USING GIT
With APIs in the fast lane towards a product-oriented organization 33
Outcome: Validated spec & SDKs
Outcome: Validated implementation
Outcome: API endpoints,
declarative config
Outcome: Managed API
endpoints
Outcome: Shared spec in Git
© OPITZ CONSULTING 2023 / Öffentlich
BUSINESS BENEFITS OF APIOPS
With APIs in the fast lane towards a product-oriented organization 34
 Increased speed as everything is automated in the
delivery pipeline, which allows for rapidly onboarding,
operating and scaling
 Improved consistency through automated / self-
service governance throughout the delivery pipeline
 Lower cost because automation relieves the QA
teams
 Adopting APIOps increases
 Flexibility
 Agility and
 Ability to innovate
© OPITZ CONSULTING 2023 / Öffentlich
IT BENEFITS OF APIOPS
Developers
 Increased Developers
productivity
 Fewer push backs and less
frustation
 Centralized discovery and
documentation
Operators
 Automated configurations with
Git as Single-Source-of-Truth
 Automated QA
 Consistent, automated rollback
mechanism
Architects
 Faster time-2-market
 Improved consistency
 Increased security and
resiliency
With APIs in the fast lane towards a product-oriented organization 35
 Increased confidence while releasing changes
 Solid foundation to extend delivery pipeline to further use cases
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 36
WHAT’S NEXT?
© OPITZ CONSULTING 2023 / Öffentlich
USING GENERATIVE AI TO
FURTHER DX
With APIs in the fast lane towards a product-oriented organization 37
 Increase developer productivity
 Decrease tedious and repetitive work
 Improve the quality of the code, and free up
developers to concentrate on more intricate
and creative aspects of their work.
 Remember: Generative AI can be useful, but it
should only be applied sparingly
 Results should be carefully examined and tested
 Necessary security
 Quality standards
Data Generation
Documentation
Natural Language
Processing
Bug Detection
Code Generation /
Completion
Personalized Development
Environment
© OPITZ CONSULTING 2023 / Öffentlich
USING AI TO FURTHER UX FOR
API CONSUMPTION
With APIs in the fast lane towards a product-oriented organization 38
 Today API portals are used to discover APIs
 Challenges:
 How to deal with undocumented APIs?
 How do we enable non-technical users to
discover current APIs?
 Leverage the power of AI to overcome
challenges and provide comprehensible UX
 Example: PolyAPI
 Provides Conversational UI to browse APIs
 Learns while using APIs
 Creates Client SDK and provides Code Snippets
how to invoke API
Source: https://ployapi.io
© OPITZ CONSULTING 2023 / Öffentlich
BUILT-IN SECURITY – EVOLVING FROM APIOPS TO APISECOPS
With APIs in the fast lane towards a product-oriented organization 39
 Security throughout the complete API Lifecycle
 Design-Time
 Run static AppSec testing (mind false positives)
 Run dynamic AppSec testing (Check for OWASP
API Security Top 10)
 Run API conformance tests
 Runtime
 Find unknown and unused APIs
 Detect anomalies in API usage (DDoS attacks,
etc.)
 Automating as much as possible and aim at early
feedback
 Use respective tooling (e.g. Crunch42)
 Create attack playbooks
Source: https://www.postman.com/state-of-api/executing-on-apis/#greatest-security-risks
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 40
CONCLUSION
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 41
 Introducing new technologies is usually not a
big deal
 Difficult things are:
 Change mindset
 Change cultural aspects
 Restructure teams
 Modify responsibilities
IT’S ALL ABOUT THE PEOPLE WORKING
IN AN ORGANIZATION
Change Management Support is an
important part and necessary from the
beginning to bring all people along on
the API journey!
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 42
 API vision/strategy is essential
 Think in API products
 API-first development approach
 Collaboration is a key to creating valuable API
products
 Requires a good data basis  cross-
sectional qualification
 API platform
 Not only API gateway
 Extensibility, security, APM, developer portal,
…
KEY TAKEAWAYS
SUMMARY
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 43
Q & A
© OPITZ CONSULTING 2023 / Öffentlich
With APIs in the fast lane towards a product-oriented organization 44
www.opitz-consulting.com
KONTAKT
Sven Bernhardt
Chief Architect
Sven.Bernhardt@opitz-consulting.com
+49 172 2193529
https://www.xing.com/profile/Sven_Bernhardt/
https://www.linkedin.com/in/sven-bernhardt-0570b823/
Fabian Hardt
Solution Architect
Fabian.Hardt@opitz-consulting.com
https://twitter.com/fabian_hardt
https://www.xing.com/profile/Fabian_Hardt
https://www.linkedin.com/in/fabian-hardt

More Related Content

Similar to Mit APIs auf der Überholspur zur produktorientierten Organisation

Red Hat: Three Pillars of Integration
Red Hat:  Three Pillars of IntegrationRed Hat:  Three Pillars of Integration
Red Hat: Three Pillars of Integration
Judy Breedlove
 
MuleSoft London Community - API Marketing, Culture Change and Tooling
MuleSoft London Community - API Marketing, Culture Change and ToolingMuleSoft London Community - API Marketing, Culture Change and Tooling
MuleSoft London Community - API Marketing, Culture Change and Tooling
Pace Integration
 
Enforcing Your Organization's API Design Standards with SwaggerHub
Enforcing Your Organization's API Design Standards with SwaggerHubEnforcing Your Organization's API Design Standards with SwaggerHub
Enforcing Your Organization's API Design Standards with SwaggerHub
SmartBear
 
Hewlett Packard Enterprise View on Going Big with API Management - Applicatio...
Hewlett Packard Enterprise View on Going Big with API Management - Applicatio...Hewlett Packard Enterprise View on Going Big with API Management - Applicatio...
Hewlett Packard Enterprise View on Going Big with API Management - Applicatio...
CA Technologies
 
Why APIs need their own development method - Open and Lean method to develop ...
Why APIs need their own development method - Open and Lean method to develop ...Why APIs need their own development method - Open and Lean method to develop ...
Why APIs need their own development method - Open and Lean method to develop ...
Marjukka Niinioja
 
TEC-Roundtable-API
TEC-Roundtable-APITEC-Roundtable-API
TEC-Roundtable-API
Patrick Emmons
 
One Gateway to Rule them All: Building a Federated API Management Platform
One Gateway to Rule them All: Building a Federated API Management PlatformOne Gateway to Rule them All: Building a Federated API Management Platform
One Gateway to Rule them All: Building a Federated API Management Platform
Sven Bernhardt
 
apidays New York 2023 - Enabling unified API Catalogs in a multi-vendor/cross...
apidays New York 2023 - Enabling unified API Catalogs in a multi-vendor/cross...apidays New York 2023 - Enabling unified API Catalogs in a multi-vendor/cross...
apidays New York 2023 - Enabling unified API Catalogs in a multi-vendor/cross...
apidays
 
Lessons in Transforming the Enterprise to an API Platform
Lessons in Transforming the Enterprise to an API PlatformLessons in Transforming the Enterprise to an API Platform
Lessons in Transforming the Enterprise to an API Platform
LaunchAny
 
Cloud Customer Architecture for API Management
Cloud Customer Architecture for API ManagementCloud Customer Architecture for API Management
Cloud Customer Architecture for API Management
Cloud Standards Customer Council
 
App Management on the Edge
App Management on the EdgeApp Management on the Edge
App Management on the Edge
team-WIBU
 
Apigee Products Overview
Apigee Products OverviewApigee Products Overview
Apigee Products Overview
Apigee | Google Cloud
 
apidays LIVE India 2022_Breaking boundaries of the Old Giant.pptx
apidays LIVE India 2022_Breaking boundaries of the Old Giant.pptxapidays LIVE India 2022_Breaking boundaries of the Old Giant.pptx
apidays LIVE India 2022_Breaking boundaries of the Old Giant.pptx
apidays
 
API First - Best Practices for consistent API management
API First - Best Practices for consistent API managementAPI First - Best Practices for consistent API management
API First - Best Practices for consistent API management
Sven Bernhardt
 
wso2 masterclass italia #13 - Open Healthcare: interoperabilità e sicurezza ...
wso2 masterclass italia #13 - Open Healthcare: interoperabilità e sicurezza ...wso2 masterclass italia #13 - Open Healthcare: interoperabilità e sicurezza ...
wso2 masterclass italia #13 - Open Healthcare: interoperabilità e sicurezza ...
Profesia Srl, Lynx Group
 
The Three Pillars of Agile Integration: Connector, Container & API
The Three Pillars of Agile Integration: Connector, Container & APIThe Three Pillars of Agile Integration: Connector, Container & API
The Three Pillars of Agile Integration: Connector, Container & API
Judy Breedlove
 
API-first, going beyond SOA, ESB & Integration
API-first, going beyond SOA, ESB & IntegrationAPI-first, going beyond SOA, ESB & Integration
API-first, going beyond SOA, ESB & Integration
Apigee | Google Cloud
 
Mule version-crowd highlights
Mule version-crowd highlightsMule version-crowd highlights
Mule version-crowd highlights
D.Rajesh Kumar
 
Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?
Apigee | Google Cloud
 
apidays New York 2022 - From API Catalogs to API Marketplaces into the Metave...
apidays New York 2022 - From API Catalogs to API Marketplaces into the Metave...apidays New York 2022 - From API Catalogs to API Marketplaces into the Metave...
apidays New York 2022 - From API Catalogs to API Marketplaces into the Metave...
apidays
 

Similar to Mit APIs auf der Überholspur zur produktorientierten Organisation (20)

Red Hat: Three Pillars of Integration
Red Hat:  Three Pillars of IntegrationRed Hat:  Three Pillars of Integration
Red Hat: Three Pillars of Integration
 
MuleSoft London Community - API Marketing, Culture Change and Tooling
MuleSoft London Community - API Marketing, Culture Change and ToolingMuleSoft London Community - API Marketing, Culture Change and Tooling
MuleSoft London Community - API Marketing, Culture Change and Tooling
 
Enforcing Your Organization's API Design Standards with SwaggerHub
Enforcing Your Organization's API Design Standards with SwaggerHubEnforcing Your Organization's API Design Standards with SwaggerHub
Enforcing Your Organization's API Design Standards with SwaggerHub
 
Hewlett Packard Enterprise View on Going Big with API Management - Applicatio...
Hewlett Packard Enterprise View on Going Big with API Management - Applicatio...Hewlett Packard Enterprise View on Going Big with API Management - Applicatio...
Hewlett Packard Enterprise View on Going Big with API Management - Applicatio...
 
Why APIs need their own development method - Open and Lean method to develop ...
Why APIs need their own development method - Open and Lean method to develop ...Why APIs need their own development method - Open and Lean method to develop ...
Why APIs need their own development method - Open and Lean method to develop ...
 
TEC-Roundtable-API
TEC-Roundtable-APITEC-Roundtable-API
TEC-Roundtable-API
 
One Gateway to Rule them All: Building a Federated API Management Platform
One Gateway to Rule them All: Building a Federated API Management PlatformOne Gateway to Rule them All: Building a Federated API Management Platform
One Gateway to Rule them All: Building a Federated API Management Platform
 
apidays New York 2023 - Enabling unified API Catalogs in a multi-vendor/cross...
apidays New York 2023 - Enabling unified API Catalogs in a multi-vendor/cross...apidays New York 2023 - Enabling unified API Catalogs in a multi-vendor/cross...
apidays New York 2023 - Enabling unified API Catalogs in a multi-vendor/cross...
 
Lessons in Transforming the Enterprise to an API Platform
Lessons in Transforming the Enterprise to an API PlatformLessons in Transforming the Enterprise to an API Platform
Lessons in Transforming the Enterprise to an API Platform
 
Cloud Customer Architecture for API Management
Cloud Customer Architecture for API ManagementCloud Customer Architecture for API Management
Cloud Customer Architecture for API Management
 
App Management on the Edge
App Management on the EdgeApp Management on the Edge
App Management on the Edge
 
Apigee Products Overview
Apigee Products OverviewApigee Products Overview
Apigee Products Overview
 
apidays LIVE India 2022_Breaking boundaries of the Old Giant.pptx
apidays LIVE India 2022_Breaking boundaries of the Old Giant.pptxapidays LIVE India 2022_Breaking boundaries of the Old Giant.pptx
apidays LIVE India 2022_Breaking boundaries of the Old Giant.pptx
 
API First - Best Practices for consistent API management
API First - Best Practices for consistent API managementAPI First - Best Practices for consistent API management
API First - Best Practices for consistent API management
 
wso2 masterclass italia #13 - Open Healthcare: interoperabilità e sicurezza ...
wso2 masterclass italia #13 - Open Healthcare: interoperabilità e sicurezza ...wso2 masterclass italia #13 - Open Healthcare: interoperabilità e sicurezza ...
wso2 masterclass italia #13 - Open Healthcare: interoperabilità e sicurezza ...
 
The Three Pillars of Agile Integration: Connector, Container & API
The Three Pillars of Agile Integration: Connector, Container & APIThe Three Pillars of Agile Integration: Connector, Container & API
The Three Pillars of Agile Integration: Connector, Container & API
 
API-first, going beyond SOA, ESB & Integration
API-first, going beyond SOA, ESB & IntegrationAPI-first, going beyond SOA, ESB & Integration
API-first, going beyond SOA, ESB & Integration
 
Mule version-crowd highlights
Mule version-crowd highlightsMule version-crowd highlights
Mule version-crowd highlights
 
Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?
 
apidays New York 2022 - From API Catalogs to API Marketplaces into the Metave...
apidays New York 2022 - From API Catalogs to API Marketplaces into the Metave...apidays New York 2022 - From API Catalogs to API Marketplaces into the Metave...
apidays New York 2022 - From API Catalogs to API Marketplaces into the Metave...
 

More from Fabian Hardt

Advanced Observability & Security
Advanced Observability & SecurityAdvanced Observability & Security
Advanced Observability & Security
Fabian Hardt
 
Advanced Observability & Security
Advanced Observability & SecurityAdvanced Observability & Security
Advanced Observability & Security
Fabian Hardt
 
Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...
Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...
Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...
Fabian Hardt
 
Analytics meets Integration – Modern Development mit Data APIs
Analytics meets Integration – Modern Development mit Data APIsAnalytics meets Integration – Modern Development mit Data APIs
Analytics meets Integration – Modern Development mit Data APIs
Fabian Hardt
 
Service Mesh Advanced Use Cases
Service Mesh Advanced Use CasesService Mesh Advanced Use Cases
Service Mesh Advanced Use Cases
Fabian Hardt
 
How Service Mesh Fits into the Modern Data Stack
How Service Mesh Fits into the Modern Data StackHow Service Mesh Fits into the Modern Data Stack
How Service Mesh Fits into the Modern Data Stack
Fabian Hardt
 
Modern Data Stack – Buzzword oder echter Game-Changer?
Modern Data Stack – Buzzword oder echter Game-Changer?Modern Data Stack – Buzzword oder echter Game-Changer?
Modern Data Stack – Buzzword oder echter Game-Changer?
Fabian Hardt
 
Persönliche Filmtipps mittels Recommender System und Chatbot
Persönliche Filmtipps mittels Recommender System und ChatbotPersönliche Filmtipps mittels Recommender System und Chatbot
Persönliche Filmtipps mittels Recommender System und Chatbot
Fabian Hardt
 
Automatisierte Provisionierung einer Data Lab Umgebung für Data Scientists
Automatisierte Provisionierung einer Data Lab Umgebung für Data ScientistsAutomatisierte Provisionierung einer Data Lab Umgebung für Data Scientists
Automatisierte Provisionierung einer Data Lab Umgebung für Data Scientists
Fabian Hardt
 
Augmented Analytics mit Amazon Alexa
Augmented Analytics mit Amazon AlexaAugmented Analytics mit Amazon Alexa
Augmented Analytics mit Amazon Alexa
Fabian Hardt
 

More from Fabian Hardt (10)

Advanced Observability & Security
Advanced Observability & SecurityAdvanced Observability & Security
Advanced Observability & Security
 
Advanced Observability & Security
Advanced Observability & SecurityAdvanced Observability & Security
Advanced Observability & Security
 
Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...
Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...
Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...
 
Analytics meets Integration – Modern Development mit Data APIs
Analytics meets Integration – Modern Development mit Data APIsAnalytics meets Integration – Modern Development mit Data APIs
Analytics meets Integration – Modern Development mit Data APIs
 
Service Mesh Advanced Use Cases
Service Mesh Advanced Use CasesService Mesh Advanced Use Cases
Service Mesh Advanced Use Cases
 
How Service Mesh Fits into the Modern Data Stack
How Service Mesh Fits into the Modern Data StackHow Service Mesh Fits into the Modern Data Stack
How Service Mesh Fits into the Modern Data Stack
 
Modern Data Stack – Buzzword oder echter Game-Changer?
Modern Data Stack – Buzzword oder echter Game-Changer?Modern Data Stack – Buzzword oder echter Game-Changer?
Modern Data Stack – Buzzword oder echter Game-Changer?
 
Persönliche Filmtipps mittels Recommender System und Chatbot
Persönliche Filmtipps mittels Recommender System und ChatbotPersönliche Filmtipps mittels Recommender System und Chatbot
Persönliche Filmtipps mittels Recommender System und Chatbot
 
Automatisierte Provisionierung einer Data Lab Umgebung für Data Scientists
Automatisierte Provisionierung einer Data Lab Umgebung für Data ScientistsAutomatisierte Provisionierung einer Data Lab Umgebung für Data Scientists
Automatisierte Provisionierung einer Data Lab Umgebung für Data Scientists
 
Augmented Analytics mit Amazon Alexa
Augmented Analytics mit Amazon AlexaAugmented Analytics mit Amazon Alexa
Augmented Analytics mit Amazon Alexa
 

Recently uploaded

Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
Zilliz
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Brandon Minnick, MBA
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
SitimaJohn
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
Zilliz
 
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI modelsInfrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
Zilliz
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
CAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on BlockchainCAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on Blockchain
Claudio Di Ciccio
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdfAI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
Techgropse Pvt.Ltd.
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 

Recently uploaded (20)

Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
 
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI modelsInfrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
CAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on BlockchainCAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on Blockchain
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdfAI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 

Mit APIs auf der Überholspur zur produktorientierten Organisation

  • 1. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 1 Cologne, 2023-10-25 Fabian Hardt Sven Bernhardt WITH APIS IN THE FAST LANE TO A PRODUCT-ORIENTED ORGANIZATION
  • 2. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 2 INTRODUCTION
  • 3. © OPITZ CONSULTING 2023 / Öffentlich IT ARCHITECTURES HAVE NEED TO ENSURE EVOLVABILITY AND FLEXIBILITY With APIs in the fast lane towards a product-oriented organization 3
  • 4. © OPITZ CONSULTING 2023 / Öffentlich „STRUKTURELLE ZUKUNFTSUNFÄHIGKEIT“ STRUCTURAL INABILITY TO STAY 4  End of Support  Lack of maintainability  Declining benefits  Dying knowledge  Lack of agility / Implementation backlog  Declining data quality  Rising costs  … „Despite its benefits for companies, old software is structurally unsustainable. This is due to their characteristics and the resulting risks for the actual business. “ (Lünendonk 2015) With APIs in the fast lane towards a product-oriented organization
  • 5. © OPITZ CONSULTING 2023 / Öffentlich Seite 5 This is what it looks like sometimes/often/always in application landscapes... https://www.youtube.com/watch?v=iXaw70X7wb4&t=2s With APIs in the fast lane towards a product-oriented organization
  • 6. © OPITZ CONSULTING 2023 / Öffentlich 6 PRODUCT-CENTRIC APPLICATION WORLD DIGITAL PRODUCT With APIs in the fast lane towards a product-oriented organization Digital Product Monolith Digital Product Business Domain Shared Application Platform Shared Services (Foundation) incl. integration platform Hybrid, flexible infrastructure incl. Cloud Services Standard (On-Prem) Business Domain Business Domain Digital Product Standard (On-Prem) SaaS-Cloud Standard SaaS Follows Gartner‘s Composable Enterprise idea
  • 7. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 7 API VISION & STRATEGY
  • 8. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 8  Strategy to develop APIs efficiently  API development approach (e.g. API-first)  Developers as first-class citizen - motivated developers  Ensure collaboration  API Platform that operationalizes the strategy  Embraces Design4Change  Provides great Developer experience  Furthers Developer productivity  Supports collaborative approach  Goals:  Reducing complexity  Reducing costs  Increasing DX and productivity – faster time-to-market TRANSITION TO API-DRIVEN WORLD NEEDS CLEAR VISION
  • 9. © OPITZ CONSULTING 2023 / Öffentlich QUESTIONS TO ANSWER BEFORE DEFINING AN API STRATEGY With APIs in the fast lane towards a product-oriented organization 9  Does the API strategy align with the general IT strategy?  What are your business drivers for going in the direction of APIs?  How to deal with available APIs?  What kind of visibility do my APIs need? (Internal, Partner, Public)  The target audience of my APIs?  Which protection needs does the data exposed by APIs have?  … Security needs Data Existing IT landscape Organization C-level attention People
  • 10. © OPITZ CONSULTING 2023 / Öffentlich REALIZE THAT APIS ARE SUBJECT TO A LIFECYCLE With APIs in the fast lane towards a product-oriented organization 10  A stable API lifecycle is an essential part of an effective API governance strategy  API lifecycle  Reaches from idea to „ready to use API“  Supports fast innovation lifecycles  Helps to implement API-first strategy  There are different lifecycles for producers & consumers – but related  Benefits  Increased productivity  Greater visibility  Organizational alignment Design Review & build Deploy Promote, deprecate, retire Operate & observe Learn & evolve API ideation & planning Back to design due to consumer feedback during development
  • 11. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 11 APIS PRODUCTS
  • 12. © OPITZ CONSULTING 2023 / Öffentlich PROJECT VS PRODUCT With APIs in the fast lane towards a product-oriented organization 12
  • 13. © OPITZ CONSULTING 2023 / Öffentlich  Known from big hyperscalers  Easy to use and well documented peace of software  Huge number of customers, who can use and rent this services PRODUCTS, PRODUCTS, PRODUCTS … With APIs in the fast lane towards a product-oriented organization 13  A product needs to be relevant and needs a value proposition  Users must have an immediate use for it  Products need clear ownership  Different types of digital products in modern IT environments (digital economies) Software as a Service  Known from “Data Mesh” – in modern Data Driven companies  Producer offers its data as a product, via a defined interface  Brings the principles of microservices to analytics departments Data products  Interface that offers a piece of logic as a kind of service (product)  Carefully designed interface with a fixed contract  Could be exposed via an API platform  Samples: REST, SOAP, gRPC, GraphQL API product
  • 14. © OPITZ CONSULTING 2023 / Öffentlich PURPOSES OF API PRODUCTS With APIs in the fast lane towards a product-oriented organization 14 Automation By enabling software to communicate with and manage external services or devices, APIs can facilitate automation. Data Access Developers can create apps that use or show data by using the structured access to data or content that many API products offer. Extensibility By creating unique apps or integrations, third- party developers can more easily expand a platform's or service's capabilities with the use of API offerings. Integration API products facilitate data sharing and communication between disparate software systems, thereby empowering enterprises to optimize their workflows and establish more effective procedures.
  • 15. © OPITZ CONSULTING 2023 / Öffentlich Authentication and Authorization Security features to restrict access to the API, usually by using tokens or authentication keys. 6. COMPONENTS OF API PRODUCTS With APIs in the fast lane towards a product-oriented organization 15 Developer Tools API products often include software development kits (SDKs), code samples, and other tools to facilitate integration and development. 5. Documentation To aid developers in understanding how to use the API. This documentation covers information on available endpoints, request parameters, response formats, and sample usage. 4. Rate Limits API products frequently have rate limits and usage plans that outline the maximum number of requests a developer is allowed to make in a given amount of time in order to control usage and stop abuse. 3. Support and Maintenance To guarantee that the API product stays secure and functional, many API providers provide frequent updates and customer support. 2. API Endpoints Developers can use API endpoints, which are particular URLs or URIs, to submit requests to the API. 1.
  • 16. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 16 API PLATFORM
  • 17. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 17 CHARACTERISTICS OF A MODERN API PLATFORM Modern Tooling: Use modern engineering tools and techniques, infrastructure as code and automation Easy Onboarding: Low ramp for new internal teams to onboard to the platform Minimize cognitive load: Empower developers to foucs on delivering core business value Continually evolve: The Platform should be flexible enough to support new use cases (Desing4Change) 01 02 03 04
  • 18. © OPITZ CONSULTING 2023 / Öffentlich Integration / Plugins Different API Types BASIC CAPABILITIES OF A MODERN API PLATFORM With APIs in the fast lane towards a product-oriented organization 18 AuthN & AuthZ API Mgmt Tools Analytics Developer Portal API Gateway Lifecycle Mgmt Scalibility Developer Mgmt Security Features Compliance Extensibility Multi-Cloud and Hybrid Deployment Container Support Modern API Platform Monitoring
  • 19. © OPITZ CONSULTING 2023 / Öffentlich BUILDING BLOCKS API PLATFORM With APIs in the fast lane towards a product-oriented organization 19
  • 20. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 20  Establish API Platform team responsible for:  Providing API platform  Providing automation scripts  Enabling Dev teams  Constantly improves the platform  Responsibility of the teams:  Ownership of the APIs  Ownership of the Gateways (depending on the size) PLATFORM SHOULD PROVIDE INTUITIVE SELF-SERVICE CAPABILITIES
  • 21. © OPITZ CONSULTING 2023 / Öffentlich SILOED MODEL With APIs in the fast lane towards a product-oriented organization 21  Central IT team creates a deployment blueprint and IaC  Decentralized teams use this code to setup a platform  Full responsibility for decentralized teams  Maintenance, Updating / Patching  Security, Hardening  Decentralized teams are not bounded to central governance processes  Reusage and sharing between teams is limited  Single API catalog is missing  Central IT team is responsible for the API platform  Maintenance, Updating / Patching  Security, Hardening  Scaling  Deployed API gateways are shared between teams  Shared platform team can become a bottleneck  Limited ability to implement strict isolation between different business units CENTRALIZED MODEL
  • 22. © OPITZ CONSULTING 2023 / Öffentlich FEDERATED API MANAGEMENT With APIs in the fast lane towards a product-oriented organization 22  One centralized control plane  Used by all teams within organization  Multi tenancy  Multiple API gateways (data planes)  Managed by different, decentralized teams  Helps teams to get more independent  Configuration managed by APIOps within the teams  Provisioned with IaC  Updates / Security (Hardening) managed centrally Source: https://konghq.com/blog/enterprise/federated-api-management
  • 23. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 23 API DELIVERY
  • 24. © OPITZ CONSULTING 2023 / Öffentlich API-FIRST MINDSET TO FOCUS ON HOW AND FOR WHAT APIS ARE USED With APIs in the fast lane towards a product-oriented organization 24  Everything is build around and with APIs  Major outcomes:  Digital experience (best service customers, wherever they are)  Developer Experience  Increased Develper Productivity (Velocity of releases, etc.)  API-first makes Developer experience measurable  Benefits of being an API-first company:  Faster time-2-market  Fewer failures  Faster recovery times in case of failure Source: https://www.postman.com/state-of-api/api-first-strategies/#it-pays-to-be-api- firstmdashespecially-if-youre-scaling-up
  • 25. © OPITZ CONSULTING 2023 / Öffentlich APIS MUST BE CONSUMABLE With APIs in the fast lane towards a product-oriented organization 25  APIs should deliver business value  Focus on potential consumers  How will a consumer use my API?  What kind of resources and operations are needed by the consumers?  …  APIs should be consumer-centric and thus be consumable  Well-designed, secured and compliant  Documented, discoverable and accessible  Performant, reliable and scalable Source: https://konghq.com/blog/what-is-apiops/ Compliant Functional Findable The intersection of the three characteristics defines consumable APIs!
  • 26. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 26 CHALLENGE: BALANCE BETWEEN SPEED AND CONSISTENCE https://opitzcloud.canto.global/b/I3FO4
  • 27. © OPITZ CONSULTING 2023 / Öffentlich DECENTRALIZED API MANAGEMENT: FOCUS ON SPEED With APIs in the fast lane towards a product-oriented organization 27 API Platform Dev Team 1 Dev Team 2 Dev Team n API Standard 1 API Standard 2 API Standard n Decreasing consistency
  • 28. © OPITZ CONSULTING 2023 / Öffentlich CENTRALIZED API MANAGEMENT: FOCUS ON CONSISTENCE With APIs in the fast lane towards a product-oriented organization 28 API Platform Dev Team 1 Dev Team 2 Dev Team n API Platform Team Review loop Review loop Review loop API Guidelines API Guidelines API Guidelines Decreased speed
  • 29. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 29 AUTOMATION TO BALANCE SPEED AND CONSISTENCE https://opitzcloud.canto.global/b/OQR0O
  • 30. © OPITZ CONSULTING 2023 / Öffentlich APIOPS APPROACH: FOCUS ON SPEED AND CONSISTENCE With APIs in the fast lane towards a product-oriented organization 30 API Platform Dev Team 1 Dev Team 2 Dev Team n API Platform Team API Guidelines API Guidelines API Guidelines Automated deployment Governance layer Defines Guidelines, Rules & Restrictions Automated, direct feedback Automated, direct feedback Automated, direct feedback
  • 31. © OPITZ CONSULTING 2023 / Öffentlich APIOPS IS BUILT UPON THE PILLARS DEVOPS AND GITOPS With APIs in the fast lane towards a product-oriented organization 31  Principles:  Fast flow of work in the value stream  Fast feedback to remediate problems quickly  Culture of continuous learning, sharing, and experimentation  Principles:  Declarative description  Versioned and immutable  Pulled automatically  Continuously reconciled
  • 32. © OPITZ CONSULTING 2023 / Öffentlich APIOPS = GITOPS WITH FOCUS ON APIS With APIs in the fast lane towards a product-oriented organization 32  Principles:  API-first design  API spec as a single source of truth Commit API spec to Git API design guidelines Validate Build Test Merge User story GitOps Agent API Platform watch observe & sync push check & generate
  • 33. © OPITZ CONSULTING 2023 / Öffentlich Design Review & build Deploy Promote, deprecate, retire Operate & observe Learn & evolve CONSISTENTLY MANAGE THE API LIFECYCLE USING GIT With APIs in the fast lane towards a product-oriented organization 33 Outcome: Validated spec & SDKs Outcome: Validated implementation Outcome: API endpoints, declarative config Outcome: Managed API endpoints Outcome: Shared spec in Git
  • 34. © OPITZ CONSULTING 2023 / Öffentlich BUSINESS BENEFITS OF APIOPS With APIs in the fast lane towards a product-oriented organization 34  Increased speed as everything is automated in the delivery pipeline, which allows for rapidly onboarding, operating and scaling  Improved consistency through automated / self- service governance throughout the delivery pipeline  Lower cost because automation relieves the QA teams  Adopting APIOps increases  Flexibility  Agility and  Ability to innovate
  • 35. © OPITZ CONSULTING 2023 / Öffentlich IT BENEFITS OF APIOPS Developers  Increased Developers productivity  Fewer push backs and less frustation  Centralized discovery and documentation Operators  Automated configurations with Git as Single-Source-of-Truth  Automated QA  Consistent, automated rollback mechanism Architects  Faster time-2-market  Improved consistency  Increased security and resiliency With APIs in the fast lane towards a product-oriented organization 35  Increased confidence while releasing changes  Solid foundation to extend delivery pipeline to further use cases
  • 36. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 36 WHAT’S NEXT?
  • 37. © OPITZ CONSULTING 2023 / Öffentlich USING GENERATIVE AI TO FURTHER DX With APIs in the fast lane towards a product-oriented organization 37  Increase developer productivity  Decrease tedious and repetitive work  Improve the quality of the code, and free up developers to concentrate on more intricate and creative aspects of their work.  Remember: Generative AI can be useful, but it should only be applied sparingly  Results should be carefully examined and tested  Necessary security  Quality standards Data Generation Documentation Natural Language Processing Bug Detection Code Generation / Completion Personalized Development Environment
  • 38. © OPITZ CONSULTING 2023 / Öffentlich USING AI TO FURTHER UX FOR API CONSUMPTION With APIs in the fast lane towards a product-oriented organization 38  Today API portals are used to discover APIs  Challenges:  How to deal with undocumented APIs?  How do we enable non-technical users to discover current APIs?  Leverage the power of AI to overcome challenges and provide comprehensible UX  Example: PolyAPI  Provides Conversational UI to browse APIs  Learns while using APIs  Creates Client SDK and provides Code Snippets how to invoke API Source: https://ployapi.io
  • 39. © OPITZ CONSULTING 2023 / Öffentlich BUILT-IN SECURITY – EVOLVING FROM APIOPS TO APISECOPS With APIs in the fast lane towards a product-oriented organization 39  Security throughout the complete API Lifecycle  Design-Time  Run static AppSec testing (mind false positives)  Run dynamic AppSec testing (Check for OWASP API Security Top 10)  Run API conformance tests  Runtime  Find unknown and unused APIs  Detect anomalies in API usage (DDoS attacks, etc.)  Automating as much as possible and aim at early feedback  Use respective tooling (e.g. Crunch42)  Create attack playbooks Source: https://www.postman.com/state-of-api/executing-on-apis/#greatest-security-risks
  • 40. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 40 CONCLUSION
  • 41. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 41  Introducing new technologies is usually not a big deal  Difficult things are:  Change mindset  Change cultural aspects  Restructure teams  Modify responsibilities IT’S ALL ABOUT THE PEOPLE WORKING IN AN ORGANIZATION Change Management Support is an important part and necessary from the beginning to bring all people along on the API journey!
  • 42. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 42  API vision/strategy is essential  Think in API products  API-first development approach  Collaboration is a key to creating valuable API products  Requires a good data basis  cross- sectional qualification  API platform  Not only API gateway  Extensibility, security, APM, developer portal, … KEY TAKEAWAYS SUMMARY
  • 43. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 43 Q & A
  • 44. © OPITZ CONSULTING 2023 / Öffentlich With APIs in the fast lane towards a product-oriented organization 44 www.opitz-consulting.com KONTAKT Sven Bernhardt Chief Architect Sven.Bernhardt@opitz-consulting.com +49 172 2193529 https://www.xing.com/profile/Sven_Bernhardt/ https://www.linkedin.com/in/sven-bernhardt-0570b823/ Fabian Hardt Solution Architect Fabian.Hardt@opitz-consulting.com https://twitter.com/fabian_hardt https://www.xing.com/profile/Fabian_Hardt https://www.linkedin.com/in/fabian-hardt

Editor's Notes

  1. With APIs in the fast lane towards a product-oriented organization
  2. Need to modernize: Increased API volume Scaling API skills Cost control Compliance
  3. Centralized CP Works as Single Pane of glass for Configuration Observability Discoverability Reducing complexity on different levels to run the platform (gloabally distributed infrastructure) To design APIs To deliver APIs efficiently
  4. Produkt  Unternehmenserfolg!
  5. A product needs to be relevant and needs a value proposition If products are no longer of use, they need to be retired
  6. Compliance: Industry Standards - GDPR, HIPAA, or PCI-DSS API Mgmt Tools: Manage API through lifecycle – enforce API policies, Rate Limits, etc. Lifecycle Mgmt: Develop, Test, Run API Different API Types: REST, Soap, GraphQL, … Developer Mgmt: Access Control, User Management, …
  7. Platform: - Git - CI/CD-Pipelines - API GW (CP/DPs) - Monitoring
  8. https://konghq.com/blog/enterprise/federated-api-management https://wso2.com/library/blogs/new-insights-about-federated-api-gateways-in-gartner-hype-cycle-for-apis-2023/ https://medium.com/@nabtechblog/building-a-federated-api-platform-cb090aaaea9
  9. Consumer-centric An API-first strategy means adopting a product-centric approach to building APIs, one in which everything you build is developed based on how your APIs will be consumed. What characterizes an API-first approach? It prioritizes APIs at the beginning of the development process, positioning APIs as the building blocks of software. This involves developing APIs before writing other code, instead of treating them as afterthoughts.
  10. Compliant: Standards & Security Functional: Performant, Reliable, Scalable Findable: Documented, Discoverable, Accessible Well-designed, secured and compliant, following the industry and your organization’s usage and security best practices If you couldn’t lock your iPhone, would you still use it? Documented, discoverable and accessible for your consumers to find and (re)use If it were too hard to buy an iPhone, how long would you keep searching for one before buying something else? Performant, reliable and scalable so consumers receive a high-quality service from you and have confidence to continue reusing your services How long would your loyalty to Apple last if their phones were consistently unreliable?
  11. DevOps: CI / CD Version control Infrastructure as Code (IaC) Configuration as Code (CaC) Monitoring / Observability (o11y)
  12. API spec is published to an API portal Additional documentation may be provided by the API provider (not necessarily) API Portal provides an overview of APIs available Portal may provide example calls for different languages (CURL, Httpie, Java, Perl, JavaScript, etc.)
  13. https://owasp.org/www-project-api-security/
  14. https://economictimes.indiatimes.com/definition/product
  15. https://owasp.org/www-project-api-security/