The document outlines the role of API management and governance within enterprises, highlighting challenges such as silos, lifecycle management, and the need for collaborative platforms. It introduces the WSO2 API Manager as a solution that addresses these governance issues by providing a single platform for managing APIs, ensuring security, and analyzing usage data. Additionally, it promotes the importance of a governance registry to foster trust, share resources, and accelerate time to market.

1. API Management &
Governance in an
Enterprise
30 March 2015
Principal Architect – Aditi + STC (a Harman company)
13 years of experience.
Architecting Enterprise solutions across retail, healthcare,
finance, e-commerce.
-Leveraging open source stack - Middleware, NoSQL over AWS
-Speaker @ WSo2 conferences, contribute to Java.net projects

2. Agenda
2
• ABOUT ADITI_STC
• APIs/SERVICES IN AN ENTERPRISE
• CHALLENGES FACED BY MANY
• GOVERNANCE ASPECTS ACROSS LIFECYCLE
• API MANAGER - what does it address
• GOVERNANCE REGISTRY – what does it address
• DEMO

3. STC + ADITI Overview
3

4. We Provide Innovative Software Solutions
4
CLOUDDESIGN MOBILITY ANALYTICS
Member of Open
Handset Alliance
Android Device
Certification
Partner
Only Services
Company in the
OAA
Best IoT
partner
Windows
Azure Partner
of the Year

5. SYMPHONY TELECA IS YOUR GLOBAL INNOVATION
AND DEVELOPMENT PARTNER
REPRESENTATIVE CLIENT
LIST
Over 600 clients globally
$400M+ in revenue
7,500 employees in 40 offices
Delivery centers in Argentina, China,
India, Poland, Russia, US
AWARDS
GROWING
AT 25% YOY




… at a Global scale
5

6. APIs in an Enterprise
6

7. APIs – Integral part of Enterprise
7
They are everywhere…
• Shared/Utility services
• Mediation/ Broker
services
• Identity services
• Data services
• Business as a Service
• Mobile strategy
• … and many more
Within
Application
Across
applications
(within
enterprise)
Outside
Enterprise
(across
partners)
Maturity
Complexity

8. APIs – Silos & Un Managed?
8
Silos? Un Managed?
• Each LOB re-inventing the wheel?
• Cost savings?
• Time to market?
• Maintenance overhead?
• Catalog of services against functionality?
• Dependencies & associations within
services
• Who are the consumers of my service?
• Versioning? Sharing of assets?

9. Governance challenges
9

10. APIs – Lifecycle & Governance aspects
10
Governance across stages… | Design Time & Run Time Governance
Planning
• Searchable -Catalog, De-
duplication
• Capture - Consumers &
Providers
• Capturing requirements
• NFR (perf., security)
• Policies & Metadata
Build - Develop
• Capture Lifecycle
• Notifications on events
• Capture dependency &
• association
• Re-use & Collaboration
• Environment Mapping
& deployment across
Run
• Analyze usage pattern
Of APIs
• SLA & Performance -
Response times
• Subscription statistics
• Monitoring & Metering
• Security
Share
• Communication &
Collaboration
• Artefacts repository
• Forum & Feedback
• Documentation
• Versioning

11. Solution Aspects
11
Governance Registry
BAM
Monitoring
API Manager

12. API Manager – what challenges does it address?
12
A single platform to publish APIs, subscribe to them.
Also handles security, documentation & collaboration.
• Browse/Search for APIs
• Subscribe to APIs
• Forum, Feedback & Rating
• Production & Sandbox
• API Keys - OAuth
• Create APIs
• Publish APIs & Documentation
• Manage Throttling, Versioning
• Lifecycle – Prototype/ Publish
• Contact Info. & Statistics
Publisher
Store
• Gateway serves all API
invocations
• Takes care of throttling
• Key Mgr. handles security
Gateway
&
Key Mgr.

13. API Manager + BAM – runtime Governance
13
Platform to aggregate, analyze & report on API usage
data. – Who uses my APIs? How & When?
• Predefined OOTB reports
• Ability to write custom Hive
queries
• Create custom visualizations
using Toolbox.
• Connect API Manager to BAM
• Push Log data to BAM
• JSON format
• API to push data
Collect
data
Inbuilt &
custom
queries
• Use in Dev for debugging
purposes
• Single place to analyze logs
• Prod to measure subscription,
response time, usage pattern
• End consumer personalization
Dev &
Prod
usage

14. Governance Registry – what challenges does it address?
14
• A single platform across the Enterprise to manage
the APIs, Services, Policies and other artefacts.
• Foster trust, share & re-use, cost savings &
accelerate time to market.
• Create APIs, Services, WSDLs
• Policies & Sequences
• Share across multiple apps by
mounting Governance
registry
• Registry extension – model
types & their meta data
• Create consumers, providers
• Applications & Services
• Contact Info. & Statistics
Enterprise
Map
(rxt &
metadata)
Artefacts
(upload &
share)
• Lifecycle – Prototype/ Publish
• Handlers for media types
Lifecycle
&
Handlers
Provider
(External)
Seq/URL
Consumer
(Department)
Applicatio
n(s)
Service/
WSDL/ API

15. Governance Registry across Environments
15
Use keys instead of actual URLShared Governance Registry across Env.
Different Mount points.

16. WSO2 API Management Platform
16

17. WSO2 API Manager 1.9.0 released !!
17
• External Key Manager support
• Pluggable Version Strategy
• Applications/Subscription sharing
• Swagger 2.0 support
• Improved API Analytics toolbox (separate download)
• API Fraud Detection sample (separate download)

18. Q&A
18

19. 40
GLOBAL OFFICES
7500
EMPLOYEES
23
COUNTRIES
Top 10
Mobile Companies
Top 5
Outsourced Product Development Companies
2012 Partner of the year
Windows Azure, Finalist
Excellence Award
Technology Agency of the Year 2015