Architecting an Enterprise API Management Strategy

Download Architecting an Enterprise API Management Strategy

Post on 15-Jul-2015




0 download

Embed Size (px)


<ul><li><p>Architec(ng an enterprise API management strategy </p><p>Mifan Careem Director, Solu0ons Architecture </p><p>WSO2 Mifan AT </p><p>APIdays Sydney February 2015 </p></li><li><p>Agenda </p><p> Introduc0on and case studies API Economy and factors API Management Overview API Management within a plaJorm API Management demo Reference Architectures APIs at the edge and IoT APIs Everywhere Applica0on Governance </p><p>Source: </p></li><li><p>WSO2 Who we are </p></li><li><p>We help customers become a Connected Business with enterprise middleware </p></li><li><p>Source: </p></li><li><p>Managed APIs and Enterprises </p><p>o An API is a business capability delivered over the Internet to internal or external consumers </p><p>o Network accessible function o Available using standard web protocols </p><p>o With well-defined interfaces o Designed for access by third-parties </p><p>o A Managed API is: o Actively advertised and subscribe-able o Available with SLAs o Secured, authenticated, authorized and </p><p>protected o Monitored and monetized with analytics </p></li><li><p>Strategy factors </p><p> API as a product vs API based products = API as a strategy vs API as a tactic </p><p> External API management vs internal API management </p><p>Developer ecosytem API ecosystem vs cloud-devops </p><p> API management and the enterprise </p><p> Business model Pay as you go, revshare, freemium,.. </p></li><li><p>Characteristics of Business APIs Protocols &amp; Styles API as the main product API as the brand Business Model - </p><p>Mone0za0on API Sta0s0cs Authen0ca0on &amp; </p><p>Authoriza0on ThroTling Caching Deployment Models </p></li><li><p>Architectural factors Deployment model </p><p> Distributed deployment, access token caching, </p><p> On-premise vs cloud vs hybrid, Cloud to enterprise access </p><p> Federated architecture </p><p> Large scale APIs Edge API management </p></li><li><p>API Centric SOA </p><p>12 </p><p>BU-1 BU-2 BU-3 </p><p>Services Services Services </p><p>APIs </p><p>API Faade </p></li><li><p>API Centric Capabili0es </p></li><li><p>WSO2 API Manager Components </p><p>o Create APIs o Find and </p><p>subscribe/buy APIs o API Store and </p><p>Governance </p><p>o Manage, secure and protect APIs o API Management and </p><p>Gateway </p><p>o Monitor and Mone0ze APIs o API Monitoring and </p><p>Analy0cs </p></li><li><p> Publish APIs to external consumers and partners, as well as internal users; SOAP and REST services are supported </p><p> Manage API versions (several versions can be deployed in parallel) </p><p> Govern the API lifecycle (publish, deprecate, re0re) </p><p> ATach documenta0on (les, external URLs) to APIs </p><p> Apply Security policies to APIs (authen0ca0on, authoriza0on) </p><p> ATach SLAs Provision and Manage API keys Track consumers per API Monitor API usage and </p><p>performance, SLA compliance Gather consumers requirements </p><p>WSO2 API Manager : API Publisher </p></li><li><p> Find useful APIs by browsing or searching through the API Store: </p><p>view top rated, top used and </p><p>featured APIs </p><p> Explore API documenta0on and ask ques0ons to publisher </p><p> Register applica0ons and obtain API keys </p><p> Subscribe to API changes and receive news </p><p> Evaluate APIs, rate APIs, and share comments </p><p> Request features and improvements from publishers </p><p> Par0cipate in online forums OAuth2 support for API access </p><p>WSO2 API Manager : API Consumers via API Store </p></li><li><p>Personalized Experience </p></li><li><p>API Gateway Processing Flow </p></li><li><p>API Access Tokens o OAuth2 standard compliant o Supports mul0ple grant types </p><p>o SAML, IWA/NTLM o Client creden0al, Implicit, Password </p><p>o Pre-generated Access Token: can be used from an applica0on, to iden0fy the applica0on itself </p><p>o On-demand Access Token: generated via API call, using Consumer Key and Consumer Secret - Iden0es the end user of an applica0on (web applica0ons, mobile applica0ons) </p><p>19 </p></li><li><p>The big picture </p><p>Source: hTps:// </p></li><li><p>The Open Enterprise is much more than just APIs Credit: KuppingerCole </p></li><li><p>API Management within an orthogonal toolset </p></li><li><p>API Manager Product and PlaJorm </p><p>24 </p></li><li><p>Analy0cs means business models </p><p>o API Manager supports out of the box: o Google Analy0cs o WSO2 Business Ac0vity Monitor Analy0cs </p><p>25 </p><p> Build condence in the API model </p><p> Understand your customer </p><p> Not just the developer but also the end-user </p><p> Help manage services and versions </p><p> Understand when deprecated services can be re0red </p><p> Plan beTer Monitor the </p><p>growth of aggregated API trac </p><p> Monitor the growth of specic apps </p></li><li><p>Scalable Deployment </p></li><li><p>Distributed Deployment </p></li><li><p>From edge API management to large scale distributed API management </p></li><li><p>Reference Architecture </p><p> API as a strategic product </p><p> Collabora0ve business model </p><p> Scalable horizontal deployment </p><p> Orthogonal toolset for ver0cal use cases </p><p> Federated architecture </p><p>Source: </p></li><li><p>Developer Eco-system for Telco </p><p>API Management </p><p>Payment Messaging Iden0ty Loca0on WebRTC NFC M2M, </p><p>Enterprise Developers Applica0ons Subscribers </p><p> U0lize partners to sell APIs </p><p> Newer business models revenue share from customer </p><p> Empower eco-system for RAD </p><p>OTT Customers </p></li><li><p>Telco API Management </p><p>API Gateway API Store Operator Portal </p><p>Transforma0on Adapters </p><p>Backend Systems (CRM) </p><p>Backend Systems </p><p>(Diameter) </p><p>Iden0ty </p><p>API Publisher </p><p>Workows </p><p>Audi0ng and Repor0ng </p><p>Developer Ecosystem </p><p>Event Processing </p></li><li><p>Federated Architecture and the Telco ecosystem </p><p>Telco API Mgmt </p><p>API Gateway API Store Developer Portal </p><p>Iden0ty </p><p>API Publisher </p><p>Workows </p><p>Audi0ng and Repor0ng </p><p>Event Processing Discovery and Rou0ng </p><p> Standard API </p><p>NFC Payment Messaging Iden0ty </p><p>Telco API Mgmt </p><p>Enterprise </p><p>Developers </p><p>Applica0ons Subscribers OTT Customers </p></li><li><p>API Management at the Edge </p><p> Raw devices can expose functionality as APIs </p><p> Functional capabilities (actuators) Function APIs </p><p> Administration capabilities (management) Management APIs </p><p> Monitoring capabilities (sensor data) Sensor APIs E.g: GET hTp://{ip}/{loca0onid}/sensors/temperature </p><p> Augment device capability ThroTling Caching Request rou0ng Stats collec0on and monitoring Decision making Security </p><p> Authoriza0on based on token (Oauth) </p></li><li><p>* * </p><p>API Management and IoT </p><p>Device Queue </p><p>Media(on/ Rou(ng </p><p>Device Gateway </p><p>App </p><p>End User </p><p>Authoriza(on Manager </p><p>Sta(s(cs Processing </p><p>Device </p><p>Device Hub Device </p><p>Device </p><p>Device </p><p>Device Management </p><p>Iden(ty Management </p></li><li><p>* * </p><p>WSO2- Reference Architecture for IoT </p></li><li><p>Application Services Governance and APIs Everywhere </p><p> One click API capability </p><p> Governance of API, Services, resources within an enterprise with Unified Governance </p><p> Life cycle automation with WSO2 Appfactory </p></li><li><p>WSO2 Appfactory, WSO2 Private PaaS and WSO2 App Manager </p><p>* </p><p>IdP (WSO2 Iden(ty </p><p>Server) </p><p>(WSO2 Business Ac(vity Monitor) </p></li><li><p>Summary </p><p> Introduc0on and case studies API Economy and factors API Management Overview API Management within a plaJorm API Management demo Reference Architectures APIs at the edge and IoT APIs Everywhere Applica0on Governance </p></li><li><p>Contact Us </p></li></ul>