api centric enterprises

49
API Centric Enterprises Sumedha Rubasinghe, WSO2 July, 2013

Upload: wso2

Post on 20-May-2015

770 views

Category:

Technology


3 download

TRANSCRIPT

Page 1: Api centric enterprises

API Centric Enterprises

Sumedha Rubasinghe, WSO2July, 2013

Page 2: Api centric enterprises

● Providing the only complete open source componentized cloud platform

● Dedicated to removing all the stumbling blocks to enterprise agility

● Enabling you to focus on business logic and business value● Recognized by leading analyst firms as visionaries and leaders● Gartner cites WSO2 as visionaries in all 3 categories of

application infrastructure● Forrester places WSO2 in top 2 for API Management● Global corporation with offices in USA, UK & Sri Lanka● 200+ employees and growing● Business model of selling comprehensive support &

maintenance for our products

About WSO2

Page 3: Api centric enterprises

150 globally positioned customers

Page 4: Api centric enterprises

API Centric Enterprises..

Page 5: Api centric enterprises

Information Systems in Enterprises..

Page 6: Api centric enterprises

Internal Integration

Page 7: Api centric enterprises

Internal Upgrades

Page 8: Api centric enterprises

Partner Integration

Page 9: Api centric enterprises

Business Expansions

Page 10: Api centric enterprises

You're not the only one ...

Page 11: Api centric enterprises

Business APIs - why?

Source : http://www.slideshare.net/jmusser/j-musser-apibizmodels2013

Page 12: Api centric enterprises

You're not alone..

Source : http://blog.programmableweb.com/2011/05/25/who-belongs-to-the-api-billionaires-club/

Page 13: Api centric enterprises

You're not alone..

Source : http://blog.programmableweb.com/2011/05/25/who-belongs-to-the-api-billionaires-club/

Page 14: Api centric enterprises

Challenges

● How to create API centric business?○ Why?○ For whom?

● Authentication & Authorization○ Subscription Management○ Access Provisioning

● How to control access?○ Throttling

● Monitoring & SLA

Page 15: Api centric enterprises

Challenges

● Revenue Generation○ Stat collection○ Billing Model

● Selling your APIs○ Advertising○ Store○ Subscription Tiers

● Deployment○ Fail safe○ Scalable

● many more..

Page 16: Api centric enterprises

An API Management Solution will help to overcome/manage these challenges.

Page 17: Api centric enterprises

API Management using WSO2 Platform

Page 18: Api centric enterprises

WSO2 Platform

Page 19: Api centric enterprises

WSO2 API Manager

● Part of award winning WSO2 Carbon Platform● API Publishing, API Store, Gateway, Statistics

collection

● Apache2 Licensed● Only Open Source API Management Platform● Utilizes proven WSO2 Components

○ WSO2 Enterprise Service Bus○ WSO2 Identity Server○ WSO2 Governance Registry

Page 20: Api centric enterprises

Key ComponentsKey Components

Page 21: Api centric enterprises

API lifecycle begins ..

● Production ready backend implementation● Create API

○ API Design○ Life cycle (created,published, blocked,...)

● Documentation, Samples● Publish APIs

Page 22: Api centric enterprises

API Publisher

● Starting point of API creation● Control API Lifecycle● Manage API meta data● Documentation

○ Supporting documents○ API documentation (Swagger support)

● Versioning● Subscription Management● API Visibility Management

Page 23: Api centric enterprises

API Publisher

● Configuring Throttle settings● Resource level authorization● Extensions

○ Custom API definition

Page 24: Api centric enterprises

API Store

● Store of published APIs● Enterprise API Store

○ Visibility : internal, partner, external

● Password controlled access● Self-sign up

○ Authorization flow (coming up)

● Support for multiple user stores● Theming Support● Powered by data APIs

○ write your own store○ Ability to integrate with existing portal

Page 25: Api centric enterprises

API Store

● Single Sign On (SSO) - existing enterprise portals● http://store.apicultur.com

Page 26: Api centric enterprises

API Gateway

● API calls go through API Gateway● Runtime actions(via handlers):

○ Token validation○ Statistics collection○ Throttling checks

● API traffic routing● Extensions

○ Custom runtime actions○ Custom routing logic○ Mediation, enrichment○ API gateway = WSO2 ESB Core + handlers

Page 27: Api centric enterprises

API Centric Enterprises - How WSO2 API Manager can help?

Page 28: Api centric enterprises

Building API Centric Enterprises

● Identify the need○ Answer the why question○ Figure out

■ Audience■ Business Model

Page 29: Api centric enterprises

Building API Centric Enterprises

● Protocol Style○ REST

■ Per resource path authorization scheme● eg:

○ GET /books/1.0.0/list - application token○ POST /books/1.0.0/purchase - user token

● Same API (books), different token types

Page 30: Api centric enterprises

Building API Centric Enterprises

● Data Formats○ JSON, XML○ Message Relaying

■ Virtual any data format in message body■ Not reading message body content■ Faster message delivery

Page 31: Api centric enterprises

Building API Centric Enterprises

● Supported backends○ OOB functionality for SOAP & REST○ Through extensions:

■ eg:● Sending to a JMS endpoint● Write to a file (VFS transport)● Custom connectors

Page 32: Api centric enterprises

Building API Centric Enterprises

● API Traffic Routing○ OOB Support

■ Two endpoints : Production & Sandbox○ Through extensions:

■ Message header based routing■ Body based routing■ User Profile based routing■ Load balanced routing (default: round robin)■ Failover endpoint routing■ many more..

Page 33: Api centric enterprises

Building API Centric Enterprises

● Mediation Flow○ OOB Support

■ Request Flow● Accept the incoming message● Perform token validation, throttling checks, statistics collection● Dispatch to endpoint (Production | Sandbox)

■ Response Flow● Receive response from backend● Statistics collection● Dispatch to API invoker

■ Faulty Message Flow● If an error occurred while communicating with backend

Page 34: Api centric enterprises

Building API Centric Enterprises

● Mediation Flow○ Through extensions:

■ Supports any mediation flow supported by WSO2 Enterprise Service Bus

Page 35: Api centric enterprises

Building API Centric Enterprises

● Connecting to existing User Stores○ OOB Support

■ LDAP■ Active Directory■ Built-in RDBMS schema■ Connecting to multiple user stores simultaneously

● Internal User Store● External User Store

Page 36: Api centric enterprises

Building API Centric Enterprises

● Access Controlling the APIs○ OOB Support

■ OAuth2 based token support■ Standard endpoints for token

● obtaining/refreshing/revoking

■ Token Management capabilities■ Per API invocation statistics collection■ Token linked to user profile

○ Through extensions:■ Ability to plugin custom authentication,

authorizations through handlers

Page 37: Api centric enterprises

Building API Centric Enterprises

● Information passing to backend systems○ Backend systems tend to have their own AnA logic○ OOB Support

■ Token is linked to a user profile■ Obtain details of the user■ Send to backend using a JWT (JSON Web Token)

Page 38: Api centric enterprises

Building API Centric Enterprises

● API Statistics○ OOB support

■ Statistics collection per invocation■ Request/Response/Faulty flows■ Default support for storing in WSO2 BAM

● WSO2 BAM features an embedded Cassandra storage● Analyze/store using Apache Hive● Reporting on top of analyzed data

○ Through extensions■ Pump data into different storage■ Collect data @ different pointcuts

Page 39: Api centric enterprises

API Statistics

Page 40: Api centric enterprises

API Statistics

● Data Collection (Agents)● Data Transfer● Data Storage

○ scalable

● Post Processing○ Data Summarization○ Change of storage○ Analytics

Page 41: Api centric enterprises

Building API Centric Enterprises

● App Developer Support○ Documentation on how Application Developers should

use API Store

○ http://docs.wso2.org/wiki/dashboard.action○ http://docs.wso2.

org/wiki/display/AM140/WSO2+API+Manager+Documentation

Page 42: Api centric enterprises

Building API Centric Enterprises

● API Versioning Support○ Version - part of endpoint URI

■ eg: GET books/1.0.1/list

Page 43: Api centric enterprises

Building API Centric Enterprises

● Throttling Support○ OOB support

■ Built-in throttling policies■ Stored in Registry done using XML

○ Through extensions■ define your own throttling policies

Page 44: Api centric enterprises

Building API Centric Enterprises

● API Store - Custom Theming○ Different enterprises have their own themes○ Existing portals○ OOB Support

■ 3 built-in sample themes■ Ability to override

○ Through extensions■ Powered by backend data APIs (JSON, UT)■ Write your custom API Store

Page 45: Api centric enterprises

https://store.apicultur.com

Page 46: Api centric enterprises

Building API Centric Enterprises

● Deployment Models○ API Characteristics

■ Access Patterns■ API domain

○ Volatile access load■ Sudden spikes■ Periodic spikes

○ Scalable deployment■ Hosting Cost vs Benefit■ Cost of scaling■ IaaS

Page 47: Api centric enterprises

Summary

● Having a Business API is considered a strategic advantage

● Enterprises are moving toward API centric● WSO2 API Manager is part of WSO2’s Carbon

Middleware Platform

● WSO2 API Manager consists of many enterprise ready features to convert your enterprise into an API Centric one.

Page 48: Api centric enterprises

Engage with WSO2

•Helping you get the most out of your deployments

•From project evaluation and inception to development and

going into production, WSO2 is your partner in ensuring 100%

project success

Page 49: Api centric enterprises

Response Caching

● Time sensitivity / value of data● Frequency of access● Geographical distribution