WSO2 API Platform: Vision and Roadmap

Last Updated: August. 2015
WSO2 API Management
Vision and Roadmap
Vice President, Platform Evangelism, WSO2
Chris Haddad
Solutions Architect, WSO2
Shiroshica Kulatilake

Agenda
o Key goals and challenges driving API platform adoption
o WSO2 API Platform capabilities and advantages
o Visionary platform use cases
o Innovative customer success stories

Applications
Platform
Business Process,
Rules & Workflows
Platform-as-a-Service
Identity Admin
Services
Monitoring
Business APIs
Device Cloud
Realtime Events
Processing
Devices OEMs Enterprises
Integration
Common Business Architecture

REST Easy with API 101
An API is a business capability delivered over the Internet
to internal or external consumers
• Network accessible function
• Available using standard web protocols
• With well-defined interfaces
• Designed for access by third-parties
http://wso2.com/whitepapers/rest-easy-api-design-evolution-and-connection/

API Adoption Barriers
Inability to configure
service per consumer
Limited Scale
Difficult to manage
requirements and
coordinate schedules
Difficult On-Ramp
Invisible business capabilities
Poor documentation
Lengthy access process
Delivery concerns
trust in stability, reliability,
availability, performance
Security Risks

To Solve Adoption Barriers:
Evolve beyond Naked APIs
A Managed API is:
✓ Actively advertised and subscribe-able
✓ Exhibits high Quality of Service (QoS)
✓ Available with Service Level Agreements (SLAs)
✓ Secured, authenticated, authorized and protected
✓ Monitored and monetized with analytics
http://wso2.com/whitepapers/wso2-whitepaper-soa-and-api-convergence-strategy-and-tactics/

Why use an API Management Platform
o Easily build and deploy a managed API
o Rapidly re-factor legacy services as consumable
RESTful APIs
o Increase API adoption
o Solve difficult Quality of Service, lifecycle, and
governance challenges
o Demonstrate API business value
http://wso2.com/whitepapers/api-management-platform-technical-evaluation-
framework/

What API Management Platform Offers
o Increase API adoption
o Enhance API visibility by offering developer portal
o Offer self-service access
o Engage the community
o Easily build and deploy a managed API
o Apply RESTful API design notations
o Assign service level tiers and access controls
o One button publication into production

o Rapidly re-factor legacy services as consumable
RESTful APIs
o Mediation primitives
o Align developer experience with RESTful design

o Solve difficult Quality of Service, lifecycle, and
governance challenges
o Service level tiers, monitoring
o Approval workflow
o API versioning and lifecycle states
o Demonstrate API business value
o Subscription, usage, performance, monetization

API Platform
Evaluation Vectors
o Solutions Architecture
o Design and Implement
o Secure
o Publish and Engage
o Monitor and Manage
o Analyze API Interactions

Solutions Architecture
Category Score
Intuitive Development Experience
DevOps Friendly
Delivers High Quality of Service and Performance
Easily Deployed in Your Run-time Environment
Pluggable, Extensible, and Themable
Platform APIs
Platform multi-tenancy support
Efficient Pricing and Excellent Support

Enterprise SOA and API Integration
Platform: API-centric View

API Design and Implementation
Category Score
API Design
API Documentation
API Façade Development
API Mediation and Orchestration
Service Level Definition
API Test

o ???
Safely and securely deliver mission critical APIs

Secure
Category Score
Access Control, Authentication, and Key
Management
Governance and Compliance
Attack Prevention
Confidentiality, integrity, and privacy
Identity and Credential Management
Infrastructure Integration and Deployment
Topology
Trust and Policy
User Management

Passing Auth Information to back-end services
o Using JSON Web Tokens (JWT)
o Lightweight
o Can be signed
o Easy to parse and consume
o Standard

Foster API Team Collaboration
Image: © Rawpixel - Fotolia.
com

Publish and Engage
Category Score
API Consumption
API Economy
API Publication
Community Management

Boost the API Economy
o Fully customizable look and feel
o Multiple Storefronts for diverse communities
o Multiple publisher groups
o Flexible Service Level Tiers
o Flexible monetization engine

Monitor and Manage
Category Score
Configuration Management
Release Management
Patch Management
Policy Management
Service Level Management
High Availability and Reliability
Performance
Disaster Recovery
Monitoring and Alerts
Compliance Reporting and Governance

Operate at the Speed of Business
Govern the API

Govern the API
Category Score
Dashboard
Lifecycle Management
Meta-data Management
Portfolio Management
Service Level Management
Usage Management
Version Management

API Product Governance
o Manage Dependencies
o Track adoption
o Usage and Subscription Tracking
o Manage Compatibility
o Backwards or Forwards
o Versioning
o Communicate Migration Strategies
o Deprecation, Retirement

End to End Governance
o An API can pass through multiple states
o CREATED
o PUBLISHED
o DEPRECATED
o RETIRED
o BLOCKED
o Service Alignment

Compass and Gearing
You can’t manage
what you can’t measure.

Analyze API Interactions
Category Score
API Economy
Architecture
Compliance
Developer Experience
Monitoring and Management
Portfolio Management
Security
Usage

3
0
Why Analytics and API Management are important together?
o Build confidence in the API model
o Understand your customer
o Not just the developer but also the end-user
o Help manage services and versions
o Understand when deprecated services can be retired
o Plan better
o Monitor the growth of aggregated API traffic
o Monitor the growth of specific apps
o Even if you’re not going to put analytics in place, make sure you
capture all events right from beginning of project.

WSO2 API Management 1.9
• Sharing capabilities for Applications (subscriptions)
• Pluggable Versioning Pattern
• Support for OAuth 2.0 back-ends.
• Support for third party Identity Systems for Key
Management.

WSO2 API Management Roadmap
• Improved Developer Experience
• Data Model support for response (JSON Schema)
• API Explorer
• Web based test execution
• Enhanced Community Collaboration
• Notification Support

WSO2 API Management Roadmap
• Security and Scalability
• Security Access Control Tool
• Social Media Login
• Complex Throttling Rules
• DevOps Advantage
• Improved Import/Export capabilities
• DevOps Configuration Screens
• API Monitoring dashboard
• Provisioning Improvement

Future Gate
http://wso2.com/api-management/try-
it/
http://wso2.com/cloud/api-cloud/
Access the WSO2 API Platform

WSO2 API Management
Case Studies

Case Study: StubHub
– Managing high volumes of data for viral
businesses
StubHub needed an API centric
architecture to become the
worldwide destination for an end-
to-end experience for fans
ProductProduct
Challenge
• StubHub was missing out on potential channel of new business
revenue with a looming competitive threat from industry peers and
newcomers
• The solution demanded the development of an API economy strategy,
and re-architecting a running business
• There was a need for a scalable system, which while handling high
volumes of data, also has the ability to constantly evolve as an agile
system
• It had to not only be a product, but a platform that can leverage broad
third-party developers and businesses to thrive
Solution
• A high performance and scalable API management solutions system
that can handle high volumes of traffic
• A simple lifecycle model that can be customized and extended to align
with the company’s API strategies
• WSO2’s integration suite not only exposes existing capabilities, but
helps to deploy new systems to maximize value, analyze, results, etc.

Case Study: Axiata-MIFE
– A Platform for Telcos to expose Services
Axiata needed a horizontal
platform to integrate with rapidly
evolving OTT providers
Products
Challenge
• Create a collaborative web-centric layer to which plugging in partner
services is seamless and easily accepted
• The solution had to be scalable, flexible in deployment, interoperable,
robust and most importantly low on cost
• The ability to constantly evolve as an agile system was a must since
service consumers had to be provided with fast time to market and
service providers had to be able to churn out the needed services and
integrate these rapidly
• Reusable components had to be introduced which would take care of
the main integration aspects
Solution
• A Platform which provided API and Identity federation in an easily
pluggable and extendable manner
• Created “Gateway” and “Hub” reusable components for integration
points
• A deployment which is hybrid with a suite of products which are both
cloud and on-premise friendly
• Linked to GSMA hub, Axiata hub and many Mobile Network Operators
as pure “Gateways”

Case Study: State of Arizona
- PaaS based API centric solution
A Private PaaS solution to
onboard all state agencies to a
single platform.
Challenge
• Build an API centric DevOps PaaS with on demand scaling of
middleware
• Create APIs which could be used across different state departments
with different policy levels being applied when consumed through a
state department application
• Provide federated identity with a Statewide unified security
architecture enabling internal and external login with Policy based
Authentication & Authorization
• A Statewide governance model spanning across design, development
through production
Solution
• A platform that facilitates onboarding of State Agencies, DevOps,
Citizen and Employee profiles
• A solution based on Open architecture and modular design
• Reusable app services and a platform to leverage analytics to improve
operations
• Highly extensible, Scalable architecture capable of driving processes
Products

Case Study: Fidelity
- An Enterprise Solution which spans multiple
environments
An API Management platform
with artefacts catalogued and
governed across multiple
environments
Challenge
• Need to support Artefacts (Services and API’s) through an elaborate
lifecycle process
• Maintain a separate set of environments for Development, Testing and
Productions which had to be integrated with each of the products
dealing with those artifacts
• Govern the lifecycle of Artefacts across all environments to thrive
Solution
• An API Solution that provides a re-usable service catalogue that can
be utilized by developers
• A Governance solution that governs artefacts across multiple
environments from development and testing through production using
the extension points in the middleware products
• High Availability setup through Active/Active Deployments plus data
center replication and cross site failover setup
Products

WSO2 API Management
Effective Usage

4
4
API-M - Distributed Deployment

4
5
API-M - Multi Datacenter Deployment

Integrating within the Platform

Integrating outside the Platform

User Experience
• Design
- API console, Documentation, Import swagger definitions
• Testing
- Console, ReadyAPI integration
• Subscription
- Search, try it, community features
• Automation
- Import/export, Mulitple gateways, REST APIs

Connect the WorldConnect the World

WSO2 API Platform: Vision and Roadmap

More Related Content

What's hot

Viewers also liked

Similar to WSO2 API Platform: Vision and Roadmap

More from WSO2

Recently uploaded

WSO2 API Platform: Vision and Roadmap