wso2con eu 2015: implementing an open api for smart thermostats with wso2′s api manager

 Open  API  implementa.on  for  Quby’s  

Smart  Thermostat  

Michiel  Fokke  IT  Architect  

Quby    

                                     smart  thermostat  

Smart  hub  integra.on  

Mobile  app  

Tablet  app  

Tablet  app  

Current  architecture  

Backend Applications

Access Layer

Asset Management Internet

Internet

Energy Displays

Mobile devices

VPN concentrator

Utility Backend

Mobile Backend

Selfcare Authenticatio

n Service

Current  Architecture  

•  Unmanaged  à  No  visibility  on  alterna.ve  use  of  API  

•  Proprietary  login  à  need  for  (encrypted)  storage  of  selfcare  password  on  device  

•  Undocumented  &  unsupported  API  

“Guerrilla”  innova.on  

Business  Objec.ves  

•  S.mulate  innova.on  by  offering  Open  API  •  Build  ecosystem  with  3rd  par.es  •  Enhance  control  on  access  •  Enhance  security  

Solu.on  Selec.on  Criteria  

•  Off  the  shelf  product  •  Support  for  OAUTH2  •  Developer  selfcare  •  Extensibility  •  Open  source  •  Affordable  support  •  Nice  to  have:  documenta.on  portal  

Solu.on  candidates  considered  

•  MuleSoV  •  WSO2  

•  Pro’s  for  WSO2:  •  Fully  Open  Source  •  Clear  pricing  model  for  support  and  

development  

Open  API  solu.on  design  

Backend Applications

Access Layer

Asset Management Internet

Internet

Energy Displays

Mobile devices

VPN concentrator

Utility Backend

WSO2 API Manager

Self care Authenticatio

n Service

Mobile Backend

Customiza.ons  

•  Custom  Authen.cator  Plugin  to  interface  with  proprietary  authen.ca.on  web  service  

•  User  claims  pass-­‐through  using  JWT  

Implementa.on  Experiences  

•  Stable  soVware  and  easy  to  deploy  •  Bundling  of  components  into  product  confusing  at  first  

•  Elaborate  documenta.on,  but  s.ll  insufficient  to  develop  plugin  successfully  (dev  support  solved  that)  

•   Solu.on  quite  complete,  but  lacks  portal  func.onality  to  withdraw  access  tokens  by  end-­‐users  

Pilot  Implementa.on  

Eneco  Toon  Hackathon  2015  

Eneco  Toon  Hackathon  2015  

60+  par.cipants  

14  working  apps  

Windows  Apps  

Windows  Apps  

DEMO

Apple  watch  app  

Winner:  Who  pays  Wae?  

Winner:  Who  pays  Wae?  

•  Cost  sharing  app  for  students  •  Using  smart  plug  usage  data  

heps://youtu.be/HjufeirKJiI  

Next  steps  

•  HA  Setup  for  produc.on  •  Migrate  own  apps  to  new  API  •  Start  using  API  manager  for  internal  API  usage  too  

Thank  You