The document summarizes an agenda for an API development roundtable discussion. It introduces the speakers and establishes discussion rules. It then provides an overview of APIs, including their evolution, growth, use cases, security considerations, and adoption across industries. A quick poll is taken on companies' API maturity. Key concerns around API development like security, performance, and ownership models are discussed. Current tools and strategies used are reviewed. The document recaps the discussion and thanks participants.
Enterprise API : Best practice for World class API ecosystem is an attempt on my part to explain the best practice in deploying API infrastructure in the organization.
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...apidays
apidays LIVE New York 2021 - API-driven Regulations for Finance, Insurance, and Healthcare
July 28 & 29, 2021
API Automation For DevOps at Scale: How to Go From Code to API Product While Ensuring Compliance
Rod Cope, Chief Technology Officer at Akana by Perforce
Are APIs really that different from SOA? Join Alistair Farquharson, CTO, SOA Software and Sachin Agarwal, VP Product Marketing, SOA Software to learn more about how to build out a combined API and SOA strategy for your business, and understand the real differences between APIs and SOA, and lay down a common long-term unified infrastructure for all your services – past, present and future.
apidays LIVE Paris 2021 - API data sharing legal practices for public sector ...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
API data sharing legal practices for public sector: The case of the National licensing initiative
Hanna Niemi-Hugaerts, Executive Director at TIEKE, Finnish Information Society Development Centre
Enterprise API : Best practice for World class API ecosystem is an attempt on my part to explain the best practice in deploying API infrastructure in the organization.
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...apidays
apidays LIVE New York 2021 - API-driven Regulations for Finance, Insurance, and Healthcare
July 28 & 29, 2021
API Automation For DevOps at Scale: How to Go From Code to API Product While Ensuring Compliance
Rod Cope, Chief Technology Officer at Akana by Perforce
Are APIs really that different from SOA? Join Alistair Farquharson, CTO, SOA Software and Sachin Agarwal, VP Product Marketing, SOA Software to learn more about how to build out a combined API and SOA strategy for your business, and understand the real differences between APIs and SOA, and lay down a common long-term unified infrastructure for all your services – past, present and future.
apidays LIVE Paris 2021 - API data sharing legal practices for public sector ...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
API data sharing legal practices for public sector: The case of the National licensing initiative
Hanna Niemi-Hugaerts, Executive Director at TIEKE, Finnish Information Society Development Centre
Learn about how to protect your digital assets from known external threats at the API layer. Secure your assets against threats like SQL injection, JSON threat protection and application DoS. Protect your apps from cyber threats and bad bots with data-driven enterprise grade API security and Adaptive Threat Protection.
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case StudyWSO2
Most of the current enterprise integration architecture involves applications communicating each other through SOA services. APIs allow the services offered outside enterprise to devices, web apps, messaging and file based consumers, partners integrated seamlessly with enterprise, additionally featuring analytics, billing, location transparency, threat protection etc. In essence, we have to maintain and manage such services and APIs, especially when they grow in number and are critical for business expansion by being easily accessible to consumers.
In this scenario, it is essential to have a system for governance. It should meet demands such as;
Ease of discovery and access to the enterprise data for rapidly cropping app culture through APIs
Security of the interfaces, dependency charts including services and APIs & notification for changes
SDLC management capability, Search and tag, reporting, versioning and integration capability with enterprise apps
Share in social media, logging and auditing, custom processes implementations
Build an api eco-system you can be proud ofCisco DevNet
What do you think of when you hear “Lets build an API for that”? The typical thought process is “Its easy to expose my data/application”. Everyone in the company probably thinks the same– which is great! What happens when we build these API’s though, is that they don’t all follow the same methodology and we don’t think through how to manage their lifecycle.
This presentation presents our perspective and guidance on full life-cycle management and governance of API’s – from defining with the customer in mind, building, publishing on a single platform, supporting and retiring API’s for the business outcomes you’re driving!
Top Three Take-Aways For Participants:
1. Its easy to manage API’s as long as we think through the life-cycle and have a process.
2. The RAML “Design-First” methodology works great for API adoption by application builders.
3. Managing API’s allows easy policy enforcement, security, analytics and monetization opportunities – with benefits across business, technology and operations aspects.
Consultant Robert Broeckelmann shares his experience of implementing API management in a large enterprise and will share how to:
- define API governance
- explore the goals, requirements, implementation of API governance
- look at lessons learned from implementing one enterprise customer's API governance process
In this presentation, Mike Amundsen, Francois Lascelles and Devon Winkworth of Layer 7 Technologies provide information on:
The latest trends in the API economy and best practices and tips for securely exposing enterprise APIs
Key issues around API Management, including access control, data security/privacy, developer management and API performance management
Learn about security architecture, security patterns for app and API access control, and best practices for threat management, data security, identity and compliance including:
- how to approach API security for your API program?
- the API security pillars - threat protection, data security and identity
- best practices for integrating identity services into API management
- how to meet compliance requirements for API products
apidays LIVE Australia 2021 - Overcoming the 3 Largest Obstacles to Digital T...apidays
apidays LIVE Australia 2021 - Accelerating Digital
September 15 & 16, 2021
Overcoming the 3 Largest Obstacles to Digital Transformation
Alan Glickenhouse, Digital Transformation Business Strategist at IBM
Webcast: AWS Sticker Shock? How can containers and automation help?Applatix
Slides that accompany our YouTube video of a webcast on AWS and cloud cost management best practices - along with a discussion of how containers can help you change the game on cloud cost efficiency.
Managing Sensitive Information in an API and Microservices WorldApigee | Google Cloud
Managing Sensitive Information in an API and Microservices World. A presentation by Peter Miron (Apcera) and Joshua Norrid (Apigee) at Apigee's Adapt or Die, San Francisco 2016. See events.apigee.com
Over the past 15+ years, the Enterprise API has been the backbone of the App Cloud. Over the last three releases, we have been focused on delivering APIs that focus on optimizations and functionality in our API landscape. Join us to learn about the new features we have released in the last year, new features announced at Dreamforce, and what features are on our roadmap for the next year.
apidays LIVE New York 2021 - Design-First: How to champion an API culture shi...apidays
apidays LIVE New York 2021 - API-driven Regulations for Finance, Insurance, and Healthcare
July 28 & 29, 2021
Design-First: How to champion an API culture shift
Anna Daugherty, Product Marketing Manager at Stoplight
ITANA 2016: API Architecture and ImplementationColin Bell
Presentation w/ Zachary Seguin, Kartik Talwar, and Nate Vexler for ITANA (https://spaces.internet2.edu/display/itana/Home) API Group. Covers the University of Waterloo's development of API capabilities starting with a student led Open Data initiative.
Learn about how to protect your digital assets from known external threats at the API layer. Secure your assets against threats like SQL injection, JSON threat protection and application DoS. Protect your apps from cyber threats and bad bots with data-driven enterprise grade API security and Adaptive Threat Protection.
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case StudyWSO2
Most of the current enterprise integration architecture involves applications communicating each other through SOA services. APIs allow the services offered outside enterprise to devices, web apps, messaging and file based consumers, partners integrated seamlessly with enterprise, additionally featuring analytics, billing, location transparency, threat protection etc. In essence, we have to maintain and manage such services and APIs, especially when they grow in number and are critical for business expansion by being easily accessible to consumers.
In this scenario, it is essential to have a system for governance. It should meet demands such as;
Ease of discovery and access to the enterprise data for rapidly cropping app culture through APIs
Security of the interfaces, dependency charts including services and APIs & notification for changes
SDLC management capability, Search and tag, reporting, versioning and integration capability with enterprise apps
Share in social media, logging and auditing, custom processes implementations
Build an api eco-system you can be proud ofCisco DevNet
What do you think of when you hear “Lets build an API for that”? The typical thought process is “Its easy to expose my data/application”. Everyone in the company probably thinks the same– which is great! What happens when we build these API’s though, is that they don’t all follow the same methodology and we don’t think through how to manage their lifecycle.
This presentation presents our perspective and guidance on full life-cycle management and governance of API’s – from defining with the customer in mind, building, publishing on a single platform, supporting and retiring API’s for the business outcomes you’re driving!
Top Three Take-Aways For Participants:
1. Its easy to manage API’s as long as we think through the life-cycle and have a process.
2. The RAML “Design-First” methodology works great for API adoption by application builders.
3. Managing API’s allows easy policy enforcement, security, analytics and monetization opportunities – with benefits across business, technology and operations aspects.
Consultant Robert Broeckelmann shares his experience of implementing API management in a large enterprise and will share how to:
- define API governance
- explore the goals, requirements, implementation of API governance
- look at lessons learned from implementing one enterprise customer's API governance process
In this presentation, Mike Amundsen, Francois Lascelles and Devon Winkworth of Layer 7 Technologies provide information on:
The latest trends in the API economy and best practices and tips for securely exposing enterprise APIs
Key issues around API Management, including access control, data security/privacy, developer management and API performance management
Learn about security architecture, security patterns for app and API access control, and best practices for threat management, data security, identity and compliance including:
- how to approach API security for your API program?
- the API security pillars - threat protection, data security and identity
- best practices for integrating identity services into API management
- how to meet compliance requirements for API products
apidays LIVE Australia 2021 - Overcoming the 3 Largest Obstacles to Digital T...apidays
apidays LIVE Australia 2021 - Accelerating Digital
September 15 & 16, 2021
Overcoming the 3 Largest Obstacles to Digital Transformation
Alan Glickenhouse, Digital Transformation Business Strategist at IBM
Webcast: AWS Sticker Shock? How can containers and automation help?Applatix
Slides that accompany our YouTube video of a webcast on AWS and cloud cost management best practices - along with a discussion of how containers can help you change the game on cloud cost efficiency.
Managing Sensitive Information in an API and Microservices WorldApigee | Google Cloud
Managing Sensitive Information in an API and Microservices World. A presentation by Peter Miron (Apcera) and Joshua Norrid (Apigee) at Apigee's Adapt or Die, San Francisco 2016. See events.apigee.com
Over the past 15+ years, the Enterprise API has been the backbone of the App Cloud. Over the last three releases, we have been focused on delivering APIs that focus on optimizations and functionality in our API landscape. Join us to learn about the new features we have released in the last year, new features announced at Dreamforce, and what features are on our roadmap for the next year.
apidays LIVE New York 2021 - Design-First: How to champion an API culture shi...apidays
apidays LIVE New York 2021 - API-driven Regulations for Finance, Insurance, and Healthcare
July 28 & 29, 2021
Design-First: How to champion an API culture shift
Anna Daugherty, Product Marketing Manager at Stoplight
ITANA 2016: API Architecture and ImplementationColin Bell
Presentation w/ Zachary Seguin, Kartik Talwar, and Nate Vexler for ITANA (https://spaces.internet2.edu/display/itana/Home) API Group. Covers the University of Waterloo's development of API capabilities starting with a student led Open Data initiative.
Hypermedia-Driven Orchestration in MicroservicesCA Technologies
The notion of "affordances" has played seminal role in transforming our understanding of usable service design. It is key in hypermedia architectural style and enables us to build resilient systems “at the scale of decades”. With the microservice architectural style, we can build systems that have higher degrees of freedom than those having monolith architectures. In such systems, effective orchestration and choreography are crucial. During this presentation, Irakli Nadareishvili, Director of API Strategy, API Academy, explores hypermedia-enabled approach that leads to loosely-coupled, evolvable service design. Seating is limited and available first come-first served. For more information, please visit http://cainc.to/Nv2VOe
Ramesh Elaiyavalli presented this material at All about the API conference. The presentation covers design considerations for API design, pros, and cons of SDK and tools needed to enhancing API adoption.
Realizzare una buona UI aiuta a migliorare UX (oppure è il contrario)?
Applicare la grafica non si riduce ad un insieme di forme e colori: progettare correttamente permette di creare interfacce funzionanti per vivere un’esperienza memorabile.
Le 5 aree di lavoro su cui concentrarsi nel 2016 Coppa+Landini
Anche quest'anno - durante il consueto appuntamento di fine anno con il nostro Company Day - sono state condivise le 5 aree di lavoro su cui concentrarsi il nuovo anno
This pitch deck is principally suited to be used by business leaders that need to be able to communicate the API advantage internally and to build support for an API strategy.
It can also be used by API providers as a resource they share with new customers who need to be able to communicate the benefits of APIs with their colleagues so as to make organizational-wide use of third party APIs.
Sachin Agarwal, SOA Software VP of Product Marketing, explains the frenzy around the mass development and adoption of APIs. In this presentation, he describes the business and technology implications of developing an API stratgy.
APIs have become essential to success in the app economy. How does your use of APIs compare with other companies? According to a recent survey of 1,442 IT and business leaders by Freeform Dynamics, commissioned by CA Technologies, the most successful digital businesses are 2x more likely to leverage APIs for internal development and 2.8x more likely to use APIs to enable third party apps.
Download the report “APIs and the Digital Enterprise” here: http://cainc.to/M85rD1
API management solutions help enterprises manage, secure, and mediate API traffic, ensure that developers and partners are productive, and grow their API programs to meet the increasing demands of a digital world. APIU management capabilities including Backend as a Service (BaaS) solutions, analytics engines, and monetization enable developers to develop and extend apps with modern features, provide deep insights into the APIs, and allow API providers to monetize their APIs and developers to share in the revenue.
API and App Ecosystems - Build The Best: a deep diveCisco DevNet
A session in the DevNet Zone at Cisco Live, Berlin. This presentation presents our perspective and guidance on full life-cycle management and governance of API's from defining with the customer in mind, building, publishing on a single platform, supporting and retiring API's for the business outcomes you're driving!
APIGEE is today’s important source of API skills and services for developers. API Management refers to the practices and tools that enable an organization to govern and monitor its Application Programming Interfaces (APIs). This course at IQ online training gives you an introductory look at the Apigee API Platform and API Design in general.
Hewlett Packard Enterprise View on Going Big with API Management - Applicatio...CA Technologies
Companies of every size have been disrupted by new business models, new digital devices and new forms of connectivity. But it is the largest enterprises that face the greatest challenges when it comes to integrating their vast legacy architectures with new systems of engagement and innovation that consumers now demand. In this session, Terry White, Fellow and Chief Technologist, Enterprise Services Applications and Business Services at Hewlett Packard Enterprise, will bring more than 30 years of perspective to a discussion on how critical APIs are as a catalyst for legacy application transformation and migration to the cloud. Terry will also cover the importance of being able to manage and secure those APIs to avoid massive service disruptions and security breaches.
For more information, please visit http://cainc.to/Nv2VOe
Data Sheet
IBM Cloud
Accelerating digital
transformation with
IBM API Connect
Securely unlock enterprise data and services for the
digital economy with an integrated API foundation
"APIs: the Glue of Cloud Computing"
CloudExpo Europe Keynote - June 22, 2010
The second day of the CloudExpo Europe that was taking place in Prague the 21st and 22nd of June, Steven Willmott, the CEO of 3scale, made a presentation on APIs and their importance for Cloud Computing.
The key highlights of this presentation are:
1. Cloud Computing pushes to the “hyper integration” of the Web and the enabling of key platform to emerge (e.g. the new SkypeKit)…. But not only for computing power
2. Cloud Computing and its different elements fit into an MVC “Cloud Edition” framework thanks to APIs
3. APIs enable Cloud Scale MVC
4. You need to become indispensable in the Value Chain otherwise someone may eat your lunch
5. APIs are key to become indispensable but need to be managed
Apigee is a leading provider of API management and predictive analytics software. APIs or application programming interfaces are the drivers behind modern digital transformations. They connect various systems, applications, and data sources allowing them to work seamlessly together. With Apigee, organizations can manage their APIs more effectively and securely while gaining insights into how their services are being used by customers.
Digital is disrupting the physical world with new business models. In this presentation from SOA Software VP of Product Marketing, Sachin Agarwal, learn how APIs are used to drive new digital channels securely and safely.
1. Developing an API Strategy:
Increasing Efficiency and Engagement
Agile Development & Business Process
Management Roundtable
2. Agenda
• Introductions
• Rules of the Road
• API Overview
• Quick Poll
• Concerns and questions that must be addressed
• Current tools and strategies
• Recap
• Wrap Up
3. Introductions
Scott Wissel, Manager of Emerging Technologies, TTX Company
Scott prides himself on capitalizing on the smartest technology decisions to advance TTX’s business goals.
TTX Company is a leading provider of railcars and related freight car management services to the North
American rail industry. For the past six years, Scott has focused on aligning technology and business to
achieve success. Prior to TTX, Scott held roles in consulting and application architecture for organizations like
Coventry Health Care and Risetime.
Patrick Emmons, Founder and CEO of DragonSpears, Inc.
Patrick's focus on taking the best of software development methodologies and applying them to building
applications that support business goals, has created a solid foundation for the success of DragonSpears. He
is a Microsoft Certified Solutions Developer (MCSD) and his past has also included work as a developer /
consultant for Ameritech, Motorola, and Baker Robbins.
4. RULES OF THE ROAD
Rule #1 – No Free Rides
Rule #2 – No Pitching
5. API Overview - What is an API
An application programming interface (API) is a set of subroutine definitions, protocols,
and tools for building software and applications. A good API makes it easier to develop
a program by providing all the building blocks, which are then put together by the
programmer. An API may be for a web-based system, operating system, database
system, computer hardware, or software library
6. API Overview – Evolution of APIs
1960 - 1980
Basic interoperability
enables the first
programmatic exchanges
of information. Simple
interconnect between
network protocols.
Sessions established to
exchange information.
TECHNIQUES
ARPANET, ATTP, and TCP
sessions
1980 - 1990
Creation of interfaces with
function and logic.
Information is shared in
meaningful ways. Object
brokers, procedure calls,
and program calls allow
remote interaction across a
network.
TECHNIQUES
Point-to-point interfaces,
screenscraping, RFCs, and
EDI
1990 - 2000
New platforms enhance
exchanges through
middleware. Interfaces
begin to be defined as
services. Tools manage the
sophistications and
reliability of messaging.
TECHNIQUES
Message-oriented
middleware, enterprise
service bus, and service
oriented architecture.
2000 - Today
Businesses build APIs to
enable and accelerate new
service development and
offerings. API layers
manage the OSS/BSS of
integration.
TECHNIQUES
Integration as a service,
RESTful services, API
management, and cloud
orchestration.
Source: ProgrammableWeb, http://www.programmableweb.com, accessed January 7, 2015
7. API Overview: Growing Rapidly
MonthlyTraffic(Billion)
The increased pace of digital transformation in
enterprises is evidenced by a large increase in API
traffic, which has grown 2.8 times year-over-year.
Media, retail, and information services industries
account for 73% of API traffic. Annual peaks are
observed in API traffic around Thanksgiving, when
retailers experience significant spikes in traffic
volume.
Salesforce.com generates 50% of its
revenues through APIs.
eBay generates 60%.
Expedia.com generates 90%.
Source: The Strategic Value of APIs, HBR, Jan. 2015
Source: Apigee State of APIs Report 2016
8. API Overview: B2B
Source: Apigee State of APIs Report 2016
Internal operations
initiatives are mostly on
empowering sales and
support teams to deliver
superior customer value.
Customer experience initiatives
are focused on delivering superior
digital experience through mobile
and other channels.
Enterprises are using APIs to
extend their business capabilities
through partner channels and
ecosystem engagement initiatives.
Partner/Channel Engagement (B2B)
Customer Experience (B2C)
Internal Operations
9. API Overview: Who’s Leading the Charge
Source: Apigee State of APIs Report 2016
65%
32%
3%
Number of APIs Hosted By Region
Americas Europe Asisa
Digital transformation is very active in North America and Europe, as seen
by the number of APIs hosted and consumed by app developers.
We believe that North American enterprises are typically 6-12 months ahead
of their European counterparts in digital transformation initiatives and 18-24
months ahead of Asian enterprises.
Percentage of App Developers Using APIs Hosted in Region
Americas Europe Asia
10. API Overview: API Digital Maturity
Source: Apigee State of APIs Report 2016
66%
27%
7%
Distribution of customers by number of api-driven apps
Project (1-10 apps) Program (11-50 apps) Platform (50+ apps)
The Project to Program to Platform Journey
Successful API run enterprises use the project-to-
program-to-platform approach to achieve their
digital transformation.
Enterprises typically start with couple of discreet
digital projects, and, as the number of developer
teams and projects grow, they create an API
program.
Over time, as enterprises build more digital
experiences powered by APIs, they grow an
ecosystem of developers & partners that leverage
their core assets and drive the innovation and
network effect of a digital platform.
11. API Overview: Use Cases
Source: Apigee State of APIs Report 2016
85%
Business Logic
To accelerate digital initiatives without disrupting their
back-ends, companies are adding business logic at the
API Tier.
API PLATFORM USE
% of companies using API platform capability
57%
Data Transformations
38%
Data Persistence
Increasingly, enterprises are storing persistent
data in the API Tier to improve app
performance and accelerate app development.
Majority of enterprises are using the API tier for data
transformations to tie disparate backend systems
and formats seamlessly.
12. API Overview: Security
Source: Apigee State of APIs Report 2016
85%
Threat Protection
57%
OAuth
78%
Spike Arrest
Percentage of companies using security capability in the API Tier
Enterprises are looking to APIs for three key security advantages:
Built-in privacy: It is critical to have security built into the technology and operating environment. APIs inherently have authentication,
authorization, auditing, and traceability built into them with OAuth, TLS/SSL, and traceability.
Threat protection: API-based policy management enables an enterprise to automate detection and protection from OWASP’s top 10
threats (such as SQL injection and XSS), and adaptive threats such as bad bots.
Visibility and governance: APIs provide visibility into which enterprise data is accessed, by which apps and which users. Role-based
access control (RBAC) at the API tier ensures the right level of protection, while giving visibility and transparency.
13. API Overview: Adoption By Vertical
Source: Apigee State of APIs Report 2016
Most popular API platform capabilities being used in key industries
Retail Information Services Media
Business Logic Business Logic Business Logic
Data Transformation Data Transformations Data Transformations
Security – OAuth V2
Security – API Key Security – API Key
Quota Management Quota Management
Caching
The focus is to deliver content like product
catalog quickly, hence high use of caching
and access without authentication
Extensive use of security policies, including
OAuth and API keys to ensure core digital
assets are protected
Protect digital assets with API keys and quota
policies to protect backend systems from abuse
15. API Overview: API versus SOA
SOA is about…
XML and SOAP
Architectural best practices
Decoupling application
Usually solve a technical problem
API is about…
REST/JSON
Consumable Services (internally or externally)
Treated like a product
Usually solve a business problem
Both need…
Designed for different audiences
Supported as stand alone applications
https://blog.akana.com/api-vs-soa-different/
16. QUICK POLL
1. Looking to get started
2. Used them with a project or two
3. Have an established program
4. Part of every application
What is your company’s
level of maturity in APIs?
17. Concerns and Questions
Security
How are we going to secure the data?
Performance & Scalability
How do we make sure that we are not letting our users degrade
the performance of the applications?
Monitoring & Analytics
How do we make sure that we are monitoring who is using the
API
Ownership
This is a product instead of a architectural solution, who is going
to own this?
https://blog.akana.com/api-vs-soa-different/
18. Current Tools & Strategies
https://blog.akana.com/api-vs-soa-different/
19. RECAP POLL
1. A better understanding of APIs
2. Some ideas about how to get started
3. Answers to some nagging questions
4. A good idea of how to use APIs as a
platform
What did you get out of
today’s roundtable?
20. Thank you!
Thanks to Scott for taking the time to lead
this discussion. And thanks to everyone for
joining us today and sharing their
experiences!
Editor's Notes
In Slide Show mode, click the arrow to enter the PowerPoint Getting Started Center.
In Slide Show mode, click the arrow to enter the PowerPoint Getting Started Center.
In Slide Show mode, click the arrow to enter the PowerPoint Getting Started Center.
In Slide Show mode, click the arrow to enter the PowerPoint Getting Started Center.