Crafting an API Strategy with an API Marketplace

Download Crafting an API Strategy with an API Marketplace

Post on 18-Mar-2018




6 download


Crafting an API Strategy with anAPI MarketplaceShiroshica KulatilakeWhat we will discuss API management and why it is a mandatory API marketplaces and its benefits Components of building an API marketplace Promoting the use of API marketplaces Some real world scenarios Beyond API marketplaces Revisit API ManagementBenefits of API Management Expose legacy services and data in a standard, reusable format Leverage API usage statistics and patterns to gain business insight Provide ease of consuming business functionality in a secure manner Rapid creation of old and new digital assets Drive digital transformation Source: Forrester ResearchAPI MarketplaceA Platform is a Central, Single Level Space which can be accessed by many to satisfy needs. Emergence of Platforms Platforms have become proven business models E.g. Amazon, Uber, Youtube, etc. Value creation is at a flatter structure Platform users create and consume The platform itself is a technology creation Focused on providing value for the stakeholders Stakeholders can be external as well as internal Employees, partners, customers, and even competitors New revenue models are discovered A Marketplace is a Specialized Platform which connects Producers and Consumers An enterprise API Marketplace is a Platform to effectively connect API Producers with API Consumers and create Value through available Tools on that platform which areTechnology and ActivitiesBenefits of an API Marketplace Discovery of APIs by API consumers Encourage reuse of APIs Social features encourage participation and feedback loop Evangelism to encourage app dev and API dev Promote participation via incentives Encourage governance and standards Cross division usage and monetizationStrategy - Step 1:Define Your API StrategyDefining Your API Strategy API first vs usage or service first What is the priority? Accessibility Who is going to use the APIs and what for? Internal reuse, external collaboration/monetization Deployment Where will this run? On the cloud, on-premise or hybrid Scaling factors Self managed or hostedComponents of Building a MarketplaceStrategy - Step 2:Identify Your API Technology StrategyIdentifying Your API Technology Strategy Which components are most important? Developer portal, security What type of security is needed based on accessibility? Ability to federate into multiple security providers What type of extensibility is needed? Is there any complex pre-processing needed? Who is the best technology provider?Producers - Publisher: Creating APIs Start with an existing endpoint/contract or design and prototype a new API Exposing SOAP services (convert to REST or as a passthrough) Exposing streaming APIs (websocket endpoints)Producers - Publisher: Creating APIs API design - Over the wizard and with swaggerProducers - Publisher: Creating APIs Point to a production backend or prototype at the gatewayProducers - Publisher: Governance Ensure that the correct lifecycle stages exist and proper audit prevails Manage API visibility Versioning of APIs based on need Support for custom lifecycles Ability to modify governance aspects based on analyticsConsumers - Developer Portal Searchable (with context): by name, tag, description, author, etc. Social features: tagging, commenting, rating Minimalistic forum Themeable: change color, logo, view Configure alerts for application developers Application based API analytics OAuth2 application management API monetizationSecurity: API Protection Protecting for applications and users Controlling access and entitlement with scope Multi-tier subscription modelConsumers: Client Tips and Testing Encapsulate the client application Associates OAuth2 keys Support different integration patterns for application security through OAuth grant types Pre-generated access tokens for testingAccess Control: Traffic Management Tier based simple model Application developer selects the tier at app registration which has a policy to specify quota Tiers can be applied at the application, API or at the API resource level Advance rule-based models Policies containing IP conditions, message attribute based conditions, transport header based conditions Complex real-time pattern based conditionsStrategy - Step 3:Identify Activities to Promote UsageEngage and Evangelize Stakeholders are the key Ensure API developers publish more APIs Enable producers to create APIs and group them as needed Provide social ratings and tools for documenting usage Ensure application developers consume more APIs Organize hackathons, workshops and tutorials Provide code snippets for consumption Lunch n Learn sessions, webinarsPromote Use Through Incentives Financial incentives and gamifications Leaderboards showcasing top consumers, most consumed APIs, highest throughput APIs, highlighted developer and more Identify KPIs for incentivesStrategy - Step 4:Analyze Data CollectedAnalyze API Usage Analytics dashboard on API stats API usage / response times / backend latency / geo-location, etc. Stats on applications for application owners (subscribers) Stats on subscriptions Alerts on emergencies or doubtful situations Pattern detectionStrategy - Step 5:Identify Monetization and Cross Business Revenue OpportunitiesMonetization: Actual or Virtual External APIs can be sold to third party application developers Partner APIs will encourage new business users from a wider base Internal APIs used across business units encourages enterprise contribution Analytics collected can in turn be used for new revenue models provided as APIsStrategy - Step 6:Govern, Manage, and EvolveGovern and Manage Make use of analytics information to detect patterns Identify improvements on overall governance patterns Identify security improvements EvolveReal World ScenariosRequirement Dialog Axiata needed to unify the multiple development teams and internal app and service development and reuse Needed a digital strategy to compete with new over the air providers and launch new digital products Provide the basis of the telco wide digital transformationSolution Built an internal and external enterprise API marketplace using WSO2 API Manager and related technologies A number of evangelism events and incentives that promote application development are organized around the APIs: hackathons, workshops, seminars, prizes, and leaderboards The API marketplace is coupled with full ecosystem management for end to end API and app development API MarketplaceBeyond API MarketplacesApplication Marketplaces A successful API marketplace implies the need for an application marketplace Connect application producers and consumers over an application store Provide typical marketplace capabilities such as Discovery Social rating Try-it trials Ecosystem Management An application marketplace requires an ecosystem Security provisioning for application users Single sign-on (SSO) across multiple applications Analytics and governance over usage Application proxies In SummarySteps in Crafting a Marketplace Driven API Strategy1. Define the organizations desired API strategy2. Identify the API technology strategy to use3. Work on activities to promote usage4. Analyze API usage to draw insight5. Use monetization channels identified through the marketplace to improve6. Govern, manage and evolveTHANK YOUwso2.com