SlideShare a Scribd company logo

Sharing Best Practices and Recommendations from the Integration Battlefield

WSO2
WSO2

APIs are the tip of the iceberg of enterprise integration. In this workshop Isabelle Mauny vp, product management at WSO2 discussed how WSO2’s customers engaged in successful enterprise deployments. She shared best practices and recommendations from the "integration battlefield" around security, monitoring and performance. Isabelle hosted this workshop at API Days Paris.

Technology
1 of 34
Download to read offline
Isabelle Mauny VP, Product, WSO2 Last Updated: Nov 2014 Lessons from the ba.lefield Tuesday, December 9, 14
2 About the speaker... ๏ French na)ve ๏ Living in Madrid ๏ Working mostly in Sri Lanka and Europe ๏ 17 years @ IBM, 5 years in startups ๏ Managing the overall WSO2 porEolio ๏ Linux command line user... Tuesday, December 9, 14
3 Who is WSO2 ? ๏ Open Source Middleware Pla2orm Provider ๏ Apache 2.0 License ๏ Provides Integra?on, API Management, Security and Mobile enterprise management products ๏ Main contributor to Apache Stratos PaaS ๏ Creators of DevOps “AppFactory” cloud solu?on Tuesday, December 9, 14
4 Tuesday, December 9, 14
Architecture Roadmap 5 Decompose your exis7ng business processes, data and capabili7es into services Make all services accessible via APIs, externally and internally Put services and APIs under control ! Build an ecosystem around your APIs Collect data on your new products and APIs 1 2 3 4 5 Tuesday, December 9, 14
6 Crea%ng and Managing Services Tuesday, December 9, 14
7 Services and APIs ๏ Service deals with implementa)on ๏ API deals with subscrip)on (consumer) ๏ Two very dis)nct life cycles ! ๏ You don’t need the service to create the API... Tuesday, December 9, 14
8 API Lifecycle ๏ An API can pass through mul)ple states ๏ For example: ๏ CREATED ๏ PUBLISHED ๏ DEPRECATED ๏ RETIRED ๏ BLOCKED ๏ Should integrate with complete governance lifecycle Tuesday, December 9, 14
9 Building a Managed API ๏ Crea)ng APIs (interface, docs, samples,etc.) ๏ Adver)sing APIs ๏ Making APIs subscribe-­‐able by consumers ๏ Associa)ng SLAs ๏ Securing APIs ๏ Mone)za)on and Analy)cs Tuesday, December 9, 14
10 API Security Tuesday, December 9, 14
11 API Security ๏ Security is not an aer thought ! ๏ APIs are part of a much larger enterprise picture ๏ How will consumers request an access token ? ๏ Using a SAML 2.0 asser)on ? ๏ Using client_creden)als ? ๏ Using userid/password ? ๏ Make sure you document thoroughly how developers need to manage tokens: ๏ Tokens are like passwords! ๏ Always use SSL for token transporta)on ! ๏ Use Domain restric)ons (WSO2 API Manager) Tuesday, December 9, 14
12 Fine-­‐grained access to APIs ๏ OAuth2 is all about access control: a token is associated to a scope. ๏ XACML (eXtensible Access Control Markup Language) is the de-­‐facto standard for fine-­‐grained access control. ๏ OAuth scope can be represented in XACML policies ๏ Provides fine grain control over what a user/applica?on can do ( i.e. you can call GET but not POST on an API) Tuesday, December 9, 14
13 Passing Auth Informa:on to back-­‐end services ๏ Using JSON Web Tokens (JWT) ๏ Lightweight ๏ Can be signed ๏ Easy to parse and consume ๏ Standard Tuesday, December 9, 14
14 Token Format ๏ JWT Structure {token info}.{claims list}.{signature} ๏ Base-­‐64 Encoded Tuesday, December 9, 14
15 What are Claims ? ๏ Claims are a set of ahributes about a user, mapped to the underlying user store. ๏ A set of claims is called a dialect Tuesday, December 9, 14
16 Deployment Tuesday, December 9, 14
17 Gateway vs. ESB ๏ Oh, but I already have an ESB ! Why do I need a gateway ? ๏ API Gateway vs. Media)on Layer (ESB) ๏ Gateway = light ESB ? ๏ Think ESB as an architecture pahern, not a product! Tuesday, December 9, 14
18 Generic Facade Pa.ern ๏ Pros ๏ No addi)onal hop in the network ๏ Single Server to be managed ๏ More suited for internal deployments ๏ Cons ๏ Complexity of integra)on at edge of network ๏ API Management layer can’t really scale independently ๏ Not appropriate for DMZ deployments (direct access to backend services) Tuesday, December 9, 14
19 Separated Facade & MediaWon ๏ API Gateway Layer acts as simple reverse proxy, enforcing basic policies ๏ Clear separa?on of concern between layers ๏ Media?on layer and API management layer scale independently ๏ Specific security checks/protec?on at edge of the network ๏ Provides protocol transforma?on to the edge of the network Tuesday, December 9, 14
20 Specific WSO2 SoluWon ๏ Our API gateway is actually a full-­‐blown ESB under the hood, constrained at UI level. ๏ You can install the missing ESB features on top of API manager and combine both architecture layers into a single run)me! ๏ Makes the choice a deployment one. Tuesday, December 9, 14
21 Typical Deployment Tuesday, December 9, 14
22 Users Store ๏ Separate admins / corporate users from the developers users’s store (created via self-­‐sign up) Tuesday, December 9, 14
23 You can’t manage what you can’t measure. Tuesday, December 9, 14
24 Why Analy:cs and API Management are important together? ๏ Build confidence in the API model ๏ Understand your customer ๏ Not just the developer but also the end-­‐user ๏ Help manage services and versions ๏ Understand when deprecated services can be re?red ๏ Plan beZer ๏ Monitor the growth of aggregated API traffic ๏ Monitor the growth of specific apps ๏ Even if you’re not going to put analy?cs in place, make sure you capture all events right from beginning of project. Tuesday, December 9, 14
25 AnalyWcs 101: AggregaWon • How to collect data efficiently • How to store data effec)vely • Choose which data to capture Tuesday, December 9, 14
26 AnalyWcs 101 : Analysis • Data opera)ons • Defining KPIs and analy)cs • Opera)ng on large amounts of historical or current data • Crea)ng intelligence Tuesday, December 9, 14
27 AnalyWcs 101 : PresentaWon • Visualiza)on • Dashboards • Reports Tuesday, December 9, 14
28 Monitor And Analyze ๏ Take decisions in real ?me through Complex Event Processing ๏ Create dashboards for both technical and business monitoring Tuesday, December 9, 14
29 DetecWng Usage Pa.erns ๏ My API customer is trying to steal my business : let’s block them. ๏ A customer is at 80% of API plan : let’s warn them ๏ A customer is systema)cally at 120% of the plan : propose an upgrade to the premium plan Tuesday, December 9, 14
30 Demo Tuesday, December 9, 14
31 Demo Setup Tuesday, December 9, 14
32 References ๏ Building an ecosystem for API Security (White Paper) ๏ hhp://wso2.com/whitepapers/wso2-­‐whitepaper-­‐building-­‐an-­‐ecosystem-­‐for-­‐api-­‐ security/ ๏ API Facade Pahern (Webinar) ๏ hhp://wso2.com/library/webinars/2014/01/implemen)ng-­‐api-­‐facade-­‐using-­‐ wso2-­‐api-­‐management-­‐plaEorm/ ๏ API Management: missing link for SOA ๏ hhp://sanjiva.weerawarana.org/2012/08/api-­‐management-­‐missing-­‐link-­‐for-­‐ soa.html ๏ Promo)ng Service Reuse ๏ hhp://wso2.com/whitepapers/promo)ng-­‐service-­‐reuse-­‐within-­‐your-­‐enterprise-­‐ and-­‐maximizing-­‐soa-­‐success/ Tuesday, December 9, 14
33 Download API Manager today! ๏ hhp://wso2.com/products/api-­‐manager/ Tuesday, December 9, 14
Contact us ! Tuesday, December 9, 14

Recommended

Service Launch - Nuage X as a SaaS platform for demos, integrations and sales
Service Launch - Nuage X as a SaaS platform for demos, integrations and salesService Launch - Nuage X as a SaaS platform for demos, integrations and sales
Service Launch - Nuage X as a SaaS platform for demos, integrations and salesHussein Khazaal
 
Glass Fish Esb Launch Feb10 2009 Part A Frank K
Glass Fish Esb Launch Feb10 2009 Part A Frank KGlass Fish Esb Launch Feb10 2009 Part A Frank K
Glass Fish Esb Launch Feb10 2009 Part A Frank KEduardo Pelegri-Llopart
 
Connectors for the New Enterprise with WSO2 ESB 4.8
Connectors for the New Enterprise with WSO2 ESB 4.8Connectors for the New Enterprise with WSO2 ESB 4.8
Connectors for the New Enterprise with WSO2 ESB 4.8WSO2
 
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB WSO2
 
Object Store
Object StoreObject Store
Object StoreMuleSoft
 
A Day in the Life of a Cross-platform, DevOps-enabled Team
A Day in the Life of a Cross-platform, DevOps-enabled TeamA Day in the Life of a Cross-platform, DevOps-enabled Team
A Day in the Life of a Cross-platform, DevOps-enabled TeamDeborah Schalm
 
OpenStack et Windows
OpenStack et WindowsOpenStack et Windows
OpenStack et WindowsMicrosoft Technet France
 
Introduction to Weex: Mobile Apps with VueJS
Introduction to Weex: Mobile Apps with VueJSIntroduction to Weex: Mobile Apps with VueJS
Introduction to Weex: Mobile Apps with VueJSRafael Casuso Romate
 

Recommended

Service Launch - Nuage X as a SaaS platform for demos, integrations and sales
Service Launch - Nuage X as a SaaS platform for demos, integrations and salesService Launch - Nuage X as a SaaS platform for demos, integrations and sales
Service Launch - Nuage X as a SaaS platform for demos, integrations and salesHussein Khazaal
 
Glass Fish Esb Launch Feb10 2009 Part A Frank K
Glass Fish Esb Launch Feb10 2009 Part A Frank KGlass Fish Esb Launch Feb10 2009 Part A Frank K
Glass Fish Esb Launch Feb10 2009 Part A Frank KEduardo Pelegri-Llopart
 
Connectors for the New Enterprise with WSO2 ESB 4.8
Connectors for the New Enterprise with WSO2 ESB 4.8Connectors for the New Enterprise with WSO2 ESB 4.8
Connectors for the New Enterprise with WSO2 ESB 4.8WSO2
 
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB WSO2
 
Object Store
Object StoreObject Store
Object StoreMuleSoft
 
A Day in the Life of a Cross-platform, DevOps-enabled Team
A Day in the Life of a Cross-platform, DevOps-enabled TeamA Day in the Life of a Cross-platform, DevOps-enabled Team
A Day in the Life of a Cross-platform, DevOps-enabled TeamDeborah Schalm
 
OpenStack et Windows
OpenStack et WindowsOpenStack et Windows
OpenStack et WindowsMicrosoft Technet France
 
Introduction to Weex: Mobile Apps with VueJS
Introduction to Weex: Mobile Apps with VueJSIntroduction to Weex: Mobile Apps with VueJS
Introduction to Weex: Mobile Apps with VueJSRafael Casuso Romate
 
Full-Stack JavaScript Development on SAP HANA Platform
Full-Stack JavaScript Development on SAP HANA PlatformFull-Stack JavaScript Development on SAP HANA Platform
Full-Stack JavaScript Development on SAP HANA PlatformHP Seitz
 
Presentation - Nuage Networks Partner Program Update 9/2016
Presentation - Nuage Networks Partner Program Update 9/2016Presentation - Nuage Networks Partner Program Update 9/2016
Presentation - Nuage Networks Partner Program Update 9/2016Hussein Khazaal
 
API Webinar November 18th 2014
API Webinar November 18th 2014API Webinar November 18th 2014
API Webinar November 18th 2014Yenlo
 
Criando sua primeira App Service no Azure
Criando sua primeira App Service no AzureCriando sua primeira App Service no Azure
Criando sua primeira App Service no AzureJaqueline Ramos
 
Top Node.JS Frameworks to Look at in 2020
Top Node.JS Frameworks to Look at in 2020Top Node.JS Frameworks to Look at in 2020
Top Node.JS Frameworks to Look at in 2020Roshani Patel
 
BootsFaces, AngularFaces und ein Blck unter die Motorhaube
BootsFaces, AngularFaces und ein Blck unter die MotorhaubeBootsFaces, AngularFaces und ein Blck unter die Motorhaube
BootsFaces, AngularFaces und ein Blck unter die MotorhaubeOPITZ CONSULTING Deutschland
 
Azure Management Basics
Azure Management BasicsAzure Management Basics
Azure Management BasicsASPEX_BE
 
Load & Performance TESTING
Load & Performance TESTINGLoad & Performance TESTING
Load & Performance TESTINGGuido Serra
 
Chris Wilson @ FOWA Feb 07
Chris Wilson @ FOWA Feb 07Chris Wilson @ FOWA Feb 07
Chris Wilson @ FOWA Feb 07carsonsystems
 
Micro frontends with react and redux dev day
Micro frontends with react and redux dev dayMicro frontends with react and redux dev day
Micro frontends with react and redux dev dayPrasanna Venkatesan
 
WebRTC & Asterisk 11
WebRTC & Asterisk 11WebRTC & Asterisk 11
WebRTC & Asterisk 11Sanjay Willie
 
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Nico Meisenzahl
 
Scaling with Docker: New Relic’s Containerization Journey
Scaling with Docker: New Relic’s Containerization JourneyScaling with Docker: New Relic’s Containerization Journey
Scaling with Docker: New Relic’s Containerization JourneyTori Wieldt
 
Sistema de Notificações com SignalR TDC 2014
Sistema de Notificações com SignalR TDC 2014Sistema de Notificações com SignalR TDC 2014
Sistema de Notificações com SignalR TDC 2014Waldyr Felix
 
Managing Composite Application in Apache Stratos
Managing Composite Application in Apache StratosManaging Composite Application in Apache Stratos
Managing Composite Application in Apache StratosWSO2
 
"A REST kétszer fárad" (English)
"A REST kétszer fárad" (English)"A REST kétszer fárad" (English)
"A REST kétszer fárad" (English)Tamas Bartok
 
Using PHP with IBM Bluemix
Using PHP with IBM BluemixUsing PHP with IBM Bluemix
Using PHP with IBM Bluemixvvaswani
 
Daniel Appelquist @ FOWA Feb 07
Daniel Appelquist @ FOWA Feb 07Daniel Appelquist @ FOWA Feb 07
Daniel Appelquist @ FOWA Feb 07carsonsystems
 
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019Codemotion
 
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...Red Hat Developers
 
Best Practices for API Management
Best Practices for API Management Best Practices for API Management
Best Practices for API Management WSO2
 
Conociendo mule esb
Conociendo mule esbConociendo mule esb
Conociendo mule esbLarry Magallanes
 

More Related Content

What's hot

Full-Stack JavaScript Development on SAP HANA Platform
Full-Stack JavaScript Development on SAP HANA PlatformFull-Stack JavaScript Development on SAP HANA Platform
Full-Stack JavaScript Development on SAP HANA PlatformHP Seitz
 
Presentation - Nuage Networks Partner Program Update 9/2016
Presentation - Nuage Networks Partner Program Update 9/2016Presentation - Nuage Networks Partner Program Update 9/2016
Presentation - Nuage Networks Partner Program Update 9/2016Hussein Khazaal
 
API Webinar November 18th 2014
API Webinar November 18th 2014API Webinar November 18th 2014
API Webinar November 18th 2014Yenlo
 
Criando sua primeira App Service no Azure
Criando sua primeira App Service no AzureCriando sua primeira App Service no Azure
Criando sua primeira App Service no AzureJaqueline Ramos
 
Top Node.JS Frameworks to Look at in 2020
Top Node.JS Frameworks to Look at in 2020Top Node.JS Frameworks to Look at in 2020
Top Node.JS Frameworks to Look at in 2020Roshani Patel
 
BootsFaces, AngularFaces und ein Blck unter die Motorhaube
BootsFaces, AngularFaces und ein Blck unter die MotorhaubeBootsFaces, AngularFaces und ein Blck unter die Motorhaube
BootsFaces, AngularFaces und ein Blck unter die MotorhaubeOPITZ CONSULTING Deutschland
 
Azure Management Basics
Azure Management BasicsAzure Management Basics
Azure Management BasicsASPEX_BE
 
Load & Performance TESTING
Load & Performance TESTINGLoad & Performance TESTING
Load & Performance TESTINGGuido Serra
 
Chris Wilson @ FOWA Feb 07
Chris Wilson @ FOWA Feb 07Chris Wilson @ FOWA Feb 07
Chris Wilson @ FOWA Feb 07carsonsystems
 
Micro frontends with react and redux dev day
Micro frontends with react and redux dev dayMicro frontends with react and redux dev day
Micro frontends with react and redux dev dayPrasanna Venkatesan
 
WebRTC & Asterisk 11
WebRTC & Asterisk 11WebRTC & Asterisk 11
WebRTC & Asterisk 11Sanjay Willie
 
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Nico Meisenzahl
 
Scaling with Docker: New Relic’s Containerization Journey
Scaling with Docker: New Relic’s Containerization JourneyScaling with Docker: New Relic’s Containerization Journey
Scaling with Docker: New Relic’s Containerization JourneyTori Wieldt
 
Sistema de Notificações com SignalR TDC 2014
Sistema de Notificações com SignalR TDC 2014Sistema de Notificações com SignalR TDC 2014
Sistema de Notificações com SignalR TDC 2014Waldyr Felix
 
Managing Composite Application in Apache Stratos
Managing Composite Application in Apache StratosManaging Composite Application in Apache Stratos
Managing Composite Application in Apache StratosWSO2
 
"A REST kétszer fárad" (English)
"A REST kétszer fárad" (English)"A REST kétszer fárad" (English)
"A REST kétszer fárad" (English)Tamas Bartok
 
Using PHP with IBM Bluemix
Using PHP with IBM BluemixUsing PHP with IBM Bluemix
Using PHP with IBM Bluemixvvaswani
 
Daniel Appelquist @ FOWA Feb 07
Daniel Appelquist @ FOWA Feb 07Daniel Appelquist @ FOWA Feb 07
Daniel Appelquist @ FOWA Feb 07carsonsystems
 
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019Codemotion
 
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...Red Hat Developers
 

What's hot (20)

Full-Stack JavaScript Development on SAP HANA Platform
Full-Stack JavaScript Development on SAP HANA PlatformFull-Stack JavaScript Development on SAP HANA Platform
Full-Stack JavaScript Development on SAP HANA Platform
 
Presentation - Nuage Networks Partner Program Update 9/2016
Presentation - Nuage Networks Partner Program Update 9/2016Presentation - Nuage Networks Partner Program Update 9/2016
Presentation - Nuage Networks Partner Program Update 9/2016
 
API Webinar November 18th 2014
API Webinar November 18th 2014API Webinar November 18th 2014
API Webinar November 18th 2014
 
Criando sua primeira App Service no Azure
Criando sua primeira App Service no AzureCriando sua primeira App Service no Azure
Criando sua primeira App Service no Azure
 
Top Node.JS Frameworks to Look at in 2020
Top Node.JS Frameworks to Look at in 2020Top Node.JS Frameworks to Look at in 2020
Top Node.JS Frameworks to Look at in 2020
 
BootsFaces, AngularFaces und ein Blck unter die Motorhaube
BootsFaces, AngularFaces und ein Blck unter die MotorhaubeBootsFaces, AngularFaces und ein Blck unter die Motorhaube
BootsFaces, AngularFaces und ein Blck unter die Motorhaube
 
Azure Management Basics
Azure Management BasicsAzure Management Basics
Azure Management Basics
 
Load & Performance TESTING
Load & Performance TESTINGLoad & Performance TESTING
Load & Performance TESTING
 
Chris Wilson @ FOWA Feb 07
Chris Wilson @ FOWA Feb 07Chris Wilson @ FOWA Feb 07
Chris Wilson @ FOWA Feb 07
 
Micro frontends with react and redux dev day
Micro frontends with react and redux dev dayMicro frontends with react and redux dev day
Micro frontends with react and redux dev day
 
WebRTC & Asterisk 11
WebRTC & Asterisk 11WebRTC & Asterisk 11
WebRTC & Asterisk 11
 
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
 
Scaling with Docker: New Relic’s Containerization Journey
Scaling with Docker: New Relic’s Containerization JourneyScaling with Docker: New Relic’s Containerization Journey
Scaling with Docker: New Relic’s Containerization Journey
 
Sistema de Notificações com SignalR TDC 2014
Sistema de Notificações com SignalR TDC 2014Sistema de Notificações com SignalR TDC 2014
Sistema de Notificações com SignalR TDC 2014
 
Managing Composite Application in Apache Stratos
Managing Composite Application in Apache StratosManaging Composite Application in Apache Stratos
Managing Composite Application in Apache Stratos
 
"A REST kétszer fárad" (English)
"A REST kétszer fárad" (English)"A REST kétszer fárad" (English)
"A REST kétszer fárad" (English)
 
Using PHP with IBM Bluemix
Using PHP with IBM BluemixUsing PHP with IBM Bluemix
Using PHP with IBM Bluemix
 
Daniel Appelquist @ FOWA Feb 07
Daniel Appelquist @ FOWA Feb 07Daniel Appelquist @ FOWA Feb 07
Daniel Appelquist @ FOWA Feb 07
 
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019
 
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...
 

Viewers also liked

Best Practices for API Management
Best Practices for API Management Best Practices for API Management
Best Practices for API Management WSO2
 
Gestión de Identidades y Control de Acceso en los Servicios usando WSO2 Ident...
Gestión de Identidades y Control de Acceso en los Servicios usando WSO2 Ident...Gestión de Identidades y Control de Acceso en los Servicios usando WSO2 Ident...
Gestión de Identidades y Control de Acceso en los Servicios usando WSO2 Ident...WSO2
 
El mundo Big Data y las APIs
El mundo Big Data y las APIsEl mundo Big Data y las APIs
El mundo Big Data y las APIsBig Data Spain
 
WSO2 API Manager y ESB la plataforma perfecta para evolucionar los servicios
WSO2 API Manager y ESB la plataforma perfecta para evolucionar los serviciosWSO2 API Manager y ESB la plataforma perfecta para evolucionar los servicios
WSO2 API Manager y ESB la plataforma perfecta para evolucionar los serviciosWSO2
 
Introducción a SOA
Introducción a SOAIntroducción a SOA
Introducción a SOArdiegoc
 
API Management architect presentation
API Management architect presentationAPI Management architect presentation
API Management architect presentationsflynn073
 

Viewers also liked (9)

Best Practices for API Management
Best Practices for API Management Best Practices for API Management
Best Practices for API Management
 
Conociendo mule esb
Conociendo mule esbConociendo mule esb
Conociendo mule esb
 
Gestión de Identidades y Control de Acceso en los Servicios usando WSO2 Ident...
Gestión de Identidades y Control de Acceso en los Servicios usando WSO2 Ident...Gestión de Identidades y Control de Acceso en los Servicios usando WSO2 Ident...
Gestión de Identidades y Control de Acceso en los Servicios usando WSO2 Ident...
 
Bpel y Open Esb
Bpel y Open EsbBpel y Open Esb
Bpel y Open Esb
 
El mundo Big Data y las APIs
El mundo Big Data y las APIsEl mundo Big Data y las APIs
El mundo Big Data y las APIs
 
WSO2 API Manager y ESB la plataforma perfecta para evolucionar los servicios
WSO2 API Manager y ESB la plataforma perfecta para evolucionar los serviciosWSO2 API Manager y ESB la plataforma perfecta para evolucionar los servicios
WSO2 API Manager y ESB la plataforma perfecta para evolucionar los servicios
 
Introducción a SOA
Introducción a SOAIntroducción a SOA
Introducción a SOA
 
Arquitectura Orientada a Servicios (SOA)
Arquitectura Orientada a Servicios (SOA)Arquitectura Orientada a Servicios (SOA)
Arquitectura Orientada a Servicios (SOA)
 
API Management architect presentation
API Management architect presentationAPI Management architect presentation
API Management architect presentation
 

Similar to Sharing Best Practices and Recommendations from the Integration Battlefield

Lessons from the Trenches: Building an API-Centric Architecture
Lessons from the Trenches: Building an API-Centric ArchitectureLessons from the Trenches: Building an API-Centric Architecture
Lessons from the Trenches: Building an API-Centric ArchitectureWSO2
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCISven Bernhardt
 
Cloud-Native .Net des applications containerisées .Net sur Linux, Windows e...
Cloud-Native .Net des applications containerisées .Net sur Linux, Windows e... Cloud-Native .Net des applications containerisées .Net sur Linux, Windows e...
Cloud-Native .Net des applications containerisées .Net sur Linux, Windows e...VMware Tanzu
 
WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2 Product Release webinar - WSO2 BAM 2.5WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2 Product Release webinar - WSO2 BAM 2.5WSO2
 
Building APIs in a Cloud Native Era
Building APIs in a Cloud Native EraBuilding APIs in a Cloud Native Era
Building APIs in a Cloud Native EraNuwan Dias
 
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Dias
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Diasapidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Dias
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Diasapidays
 
Scalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerScalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerWSO2
 
Tampere Docker meetup - Happy 5th Birthday Docker
Tampere Docker meetup - Happy 5th Birthday DockerTampere Docker meetup - Happy 5th Birthday Docker
Tampere Docker meetup - Happy 5th Birthday DockerSakari Hoisko
 
Docker Birthday #5 Meetup Cluj - Presentation
Docker Birthday #5 Meetup Cluj - PresentationDocker Birthday #5 Meetup Cluj - Presentation
Docker Birthday #5 Meetup Cluj - PresentationAlex Vranceanu
 
Scaling DevSecOps Culture for Enterprise
Scaling DevSecOps Culture for EnterpriseScaling DevSecOps Culture for Enterprise
Scaling DevSecOps Culture for EnterpriseOpsta
 
Introducing The WSO2 Platform
Introducing The WSO2 Platform Introducing The WSO2 Platform
Introducing The WSO2 Platform WSO2
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCISven Bernhardt
 
Monitor OpenStack Environments from the bottom up and front to back
Monitor OpenStack Environments from the bottom up and front to backMonitor OpenStack Environments from the bottom up and front to back
Monitor OpenStack Environments from the bottom up and front to backIcinga
 
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...Yenlo
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCISven Bernhardt
 
SplunkLive! London 2017 - DevOps Powered by Splunk
SplunkLive! London 2017 - DevOps Powered by SplunkSplunkLive! London 2017 - DevOps Powered by Splunk
SplunkLive! London 2017 - DevOps Powered by SplunkSplunk
 
Docker Bday #5, SF Edition: Introduction to Docker
Docker Bday #5, SF Edition: Introduction to DockerDocker Bday #5, SF Edition: Introduction to Docker
Docker Bday #5, SF Edition: Introduction to DockerDocker, Inc.
 
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industry
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industryCombining WSO2 API Manager with WSO2 BAM for billing in the energy industry
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industryWSO2
 
Big Data, Analytics and Real Time Event Processing
Big Data, Analytics and Real Time Event Processing Big Data, Analytics and Real Time Event Processing
Big Data, Analytics and Real Time Event Processing WSO2
 
Introduction to WSO2 Storage Server
Introduction to WSO2 Storage Server Introduction to WSO2 Storage Server
Introduction to WSO2 Storage Server WSO2
 

Similar to Sharing Best Practices and Recommendations from the Integration Battlefield (20)

Lessons from the Trenches: Building an API-Centric Architecture
Lessons from the Trenches: Building an API-Centric ArchitectureLessons from the Trenches: Building an API-Centric Architecture
Lessons from the Trenches: Building an API-Centric Architecture
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCI
 
Cloud-Native .Net des applications containerisées .Net sur Linux, Windows e...
Cloud-Native .Net des applications containerisées .Net sur Linux, Windows e... Cloud-Native .Net des applications containerisées .Net sur Linux, Windows e...
Cloud-Native .Net des applications containerisées .Net sur Linux, Windows e...
 
WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2 Product Release webinar - WSO2 BAM 2.5WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2 Product Release webinar - WSO2 BAM 2.5
 
Building APIs in a Cloud Native Era
Building APIs in a Cloud Native EraBuilding APIs in a Cloud Native Era
Building APIs in a Cloud Native Era
 
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Dias
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Diasapidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Dias
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Dias
 
Scalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerScalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API Manager
 
Tampere Docker meetup - Happy 5th Birthday Docker
Tampere Docker meetup - Happy 5th Birthday DockerTampere Docker meetup - Happy 5th Birthday Docker
Tampere Docker meetup - Happy 5th Birthday Docker
 
Docker Birthday #5 Meetup Cluj - Presentation
Docker Birthday #5 Meetup Cluj - PresentationDocker Birthday #5 Meetup Cluj - Presentation
Docker Birthday #5 Meetup Cluj - Presentation
 
Scaling DevSecOps Culture for Enterprise
Scaling DevSecOps Culture for EnterpriseScaling DevSecOps Culture for Enterprise
Scaling DevSecOps Culture for Enterprise
 
Introducing The WSO2 Platform
Introducing The WSO2 Platform Introducing The WSO2 Platform
Introducing The WSO2 Platform
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCI
 
Monitor OpenStack Environments from the bottom up and front to back
Monitor OpenStack Environments from the bottom up and front to backMonitor OpenStack Environments from the bottom up and front to back
Monitor OpenStack Environments from the bottom up and front to back
 
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCI
 
SplunkLive! London 2017 - DevOps Powered by Splunk
SplunkLive! London 2017 - DevOps Powered by SplunkSplunkLive! London 2017 - DevOps Powered by Splunk
SplunkLive! London 2017 - DevOps Powered by Splunk
 
Docker Bday #5, SF Edition: Introduction to Docker
Docker Bday #5, SF Edition: Introduction to DockerDocker Bday #5, SF Edition: Introduction to Docker
Docker Bday #5, SF Edition: Introduction to Docker
 
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industry
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industryCombining WSO2 API Manager with WSO2 BAM for billing in the energy industry
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industry
 
Big Data, Analytics and Real Time Event Processing
Big Data, Analytics and Real Time Event Processing Big Data, Analytics and Real Time Event Processing
Big Data, Analytics and Real Time Event Processing
 
Introduction to WSO2 Storage Server
Introduction to WSO2 Storage Server Introduction to WSO2 Storage Server
Introduction to WSO2 Storage Server
 

More from WSO2

Accelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessAccelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessWSO2
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2
 
architecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdfarchitecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdfWSO2
 
Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2WSO2
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformWSO2
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaWSO2
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2
 
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingWSO2
 
WSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the CloudWSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the CloudWSO2
 
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & InnovationWSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & InnovationWSO2
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2
 
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2
 
WSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital BusinessesWSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital BusinessesWSO2
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2
 
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2
 

More from WSO2 (20)

Accelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessAccelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with Platformless
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
architecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdfarchitecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdf
 
Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
 
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AI
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
 
WSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the CloudWSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the Cloud
 
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & InnovationWSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaS
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
WSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital BusinessesWSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital Businesses
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
 
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
 

Recently uploaded

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxAbida Shariff
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform EngineeringJemma Hussein Allen
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Thierry Lestable
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...Sri Ambati
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaRTTS
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Product School
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
 
UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1DianaGray10
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsVlad Stirbu
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...Product School
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Product School
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutesconfluent
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...Product School
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
 

Recently uploaded (20)

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutes
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 

Sharing Best Practices and Recommendations from the Integration Battlefield

  • 1. Isabelle Mauny VP, Product, WSO2 Last Updated: Nov 2014 Lessons from the ba.lefield Tuesday, December 9, 14
  • 2. 2 About the speaker... ๏ French na)ve ๏ Living in Madrid ๏ Working mostly in Sri Lanka and Europe ๏ 17 years @ IBM, 5 years in startups ๏ Managing the overall WSO2 porEolio ๏ Linux command line user... Tuesday, December 9, 14
  • 3. 3 Who is WSO2 ? ๏ Open Source Middleware Pla2orm Provider ๏ Apache 2.0 License ๏ Provides Integra?on, API Management, Security and Mobile enterprise management products ๏ Main contributor to Apache Stratos PaaS ๏ Creators of DevOps “AppFactory” cloud solu?on Tuesday, December 9, 14
  • 5. Architecture Roadmap 5 Decompose your exis7ng business processes, data and capabili7es into services Make all services accessible via APIs, externally and internally Put services and APIs under control ! Build an ecosystem around your APIs Collect data on your new products and APIs 1 2 3 4 5 Tuesday, December 9, 14
  • 6. 6 Crea%ng and Managing Services Tuesday, December 9, 14
  • 7. 7 Services and APIs ๏ Service deals with implementa)on ๏ API deals with subscrip)on (consumer) ๏ Two very dis)nct life cycles ! ๏ You don’t need the service to create the API... Tuesday, December 9, 14
  • 8. 8 API Lifecycle ๏ An API can pass through mul)ple states ๏ For example: ๏ CREATED ๏ PUBLISHED ๏ DEPRECATED ๏ RETIRED ๏ BLOCKED ๏ Should integrate with complete governance lifecycle Tuesday, December 9, 14
  • 9. 9 Building a Managed API ๏ Crea)ng APIs (interface, docs, samples,etc.) ๏ Adver)sing APIs ๏ Making APIs subscribe-­‐able by consumers ๏ Associa)ng SLAs ๏ Securing APIs ๏ Mone)za)on and Analy)cs Tuesday, December 9, 14
  • 10. 10 API Security Tuesday, December 9, 14
  • 11. 11 API Security ๏ Security is not an aer thought ! ๏ APIs are part of a much larger enterprise picture ๏ How will consumers request an access token ? ๏ Using a SAML 2.0 asser)on ? ๏ Using client_creden)als ? ๏ Using userid/password ? ๏ Make sure you document thoroughly how developers need to manage tokens: ๏ Tokens are like passwords! ๏ Always use SSL for token transporta)on ! ๏ Use Domain restric)ons (WSO2 API Manager) Tuesday, December 9, 14
  • 12. 12 Fine-­‐grained access to APIs ๏ OAuth2 is all about access control: a token is associated to a scope. ๏ XACML (eXtensible Access Control Markup Language) is the de-­‐facto standard for fine-­‐grained access control. ๏ OAuth scope can be represented in XACML policies ๏ Provides fine grain control over what a user/applica?on can do ( i.e. you can call GET but not POST on an API) Tuesday, December 9, 14
  • 13. 13 Passing Auth Informa:on to back-­‐end services ๏ Using JSON Web Tokens (JWT) ๏ Lightweight ๏ Can be signed ๏ Easy to parse and consume ๏ Standard Tuesday, December 9, 14
  • 14. 14 Token Format ๏ JWT Structure {token info}.{claims list}.{signature} ๏ Base-­‐64 Encoded Tuesday, December 9, 14
  • 15. 15 What are Claims ? ๏ Claims are a set of ahributes about a user, mapped to the underlying user store. ๏ A set of claims is called a dialect Tuesday, December 9, 14
  • 16. 16 Deployment Tuesday, December 9, 14
  • 17. 17 Gateway vs. ESB ๏ Oh, but I already have an ESB ! Why do I need a gateway ? ๏ API Gateway vs. Media)on Layer (ESB) ๏ Gateway = light ESB ? ๏ Think ESB as an architecture pahern, not a product! Tuesday, December 9, 14
  • 18. 18 Generic Facade Pa.ern ๏ Pros ๏ No addi)onal hop in the network ๏ Single Server to be managed ๏ More suited for internal deployments ๏ Cons ๏ Complexity of integra)on at edge of network ๏ API Management layer can’t really scale independently ๏ Not appropriate for DMZ deployments (direct access to backend services) Tuesday, December 9, 14
  • 19. 19 Separated Facade & MediaWon ๏ API Gateway Layer acts as simple reverse proxy, enforcing basic policies ๏ Clear separa?on of concern between layers ๏ Media?on layer and API management layer scale independently ๏ Specific security checks/protec?on at edge of the network ๏ Provides protocol transforma?on to the edge of the network Tuesday, December 9, 14
  • 20. 20 Specific WSO2 SoluWon ๏ Our API gateway is actually a full-­‐blown ESB under the hood, constrained at UI level. ๏ You can install the missing ESB features on top of API manager and combine both architecture layers into a single run)me! ๏ Makes the choice a deployment one. Tuesday, December 9, 14
  • 21. 21 Typical Deployment Tuesday, December 9, 14
  • 22. 22 Users Store ๏ Separate admins / corporate users from the developers users’s store (created via self-­‐sign up) Tuesday, December 9, 14
  • 23. 23 You can’t manage what you can’t measure. Tuesday, December 9, 14
  • 24. 24 Why Analy:cs and API Management are important together? ๏ Build confidence in the API model ๏ Understand your customer ๏ Not just the developer but also the end-­‐user ๏ Help manage services and versions ๏ Understand when deprecated services can be re?red ๏ Plan beZer ๏ Monitor the growth of aggregated API traffic ๏ Monitor the growth of specific apps ๏ Even if you’re not going to put analy?cs in place, make sure you capture all events right from beginning of project. Tuesday, December 9, 14
  • 25. 25 AnalyWcs 101: AggregaWon • How to collect data efficiently • How to store data effec)vely • Choose which data to capture Tuesday, December 9, 14
  • 26. 26 AnalyWcs 101 : Analysis • Data opera)ons • Defining KPIs and analy)cs • Opera)ng on large amounts of historical or current data • Crea)ng intelligence Tuesday, December 9, 14
  • 27. 27 AnalyWcs 101 : PresentaWon • Visualiza)on • Dashboards • Reports Tuesday, December 9, 14
  • 28. 28 Monitor And Analyze ๏ Take decisions in real ?me through Complex Event Processing ๏ Create dashboards for both technical and business monitoring Tuesday, December 9, 14
  • 29. 29 DetecWng Usage Pa.erns ๏ My API customer is trying to steal my business : let’s block them. ๏ A customer is at 80% of API plan : let’s warn them ๏ A customer is systema)cally at 120% of the plan : propose an upgrade to the premium plan Tuesday, December 9, 14
  • 30. 30 Demo Tuesday, December 9, 14
  • 31. 31 Demo Setup Tuesday, December 9, 14
  • 32. 32 References ๏ Building an ecosystem for API Security (White Paper) ๏ hhp://wso2.com/whitepapers/wso2-­‐whitepaper-­‐building-­‐an-­‐ecosystem-­‐for-­‐api-­‐ security/ ๏ API Facade Pahern (Webinar) ๏ hhp://wso2.com/library/webinars/2014/01/implemen)ng-­‐api-­‐facade-­‐using-­‐ wso2-­‐api-­‐management-­‐plaEorm/ ๏ API Management: missing link for SOA ๏ hhp://sanjiva.weerawarana.org/2012/08/api-­‐management-­‐missing-­‐link-­‐for-­‐ soa.html ๏ Promo)ng Service Reuse ๏ hhp://wso2.com/whitepapers/promo)ng-­‐service-­‐reuse-­‐within-­‐your-­‐enterprise-­‐ and-­‐maximizing-­‐soa-­‐success/ Tuesday, December 9, 14
  • 33. 33 Download API Manager today! ๏ hhp://wso2.com/products/api-­‐manager/ Tuesday, December 9, 14
  • 34. Contact us ! Tuesday, December 9, 14