Crafting an API Strategy with an API Marketplace

Download Crafting an API Strategy with an API Marketplace

Post on 18-Mar-2018




6 download


  • Crafting an API Strategy with anAPI Marketplace

    Shiroshica Kulatilake

  • What we will discuss API management and why it is a mandatory API marketplaces and its benefits Components of building an API marketplace Promoting the use of API marketplaces Some real world scenarios Beyond API marketplaces

  • Revisit API Management

  • Benefits of API Management Expose legacy services and data in a

    standard, reusable format

    Leverage API usage statistics and

    patterns to gain business insight

    Provide ease of consuming business

    functionality in a secure manner

    Rapid creation of old and new digital


    Drive digital transformation Source: Forrester Research

  • API Marketplace

  • A Platform is a Central, Single Level Space which

    can be accessed by many to satisfy needs.

  • Emergence of Platforms

    Platforms have become proven business models E.g. Amazon, Uber, Youtube, etc.

    Value creation is at a flatter structure Platform users create and consume

    The platform itself is a technology creation Focused on providing value for the stakeholders

    Stakeholders can be external as well as internal Employees, partners, customers, and even competitors

    New revenue models are discovered

  • A Marketplace is a Specialized Platform which

    connects Producers and Consumers

  • An enterprise API Marketplace is a Platform to effectively connect API Producers with API Consumers and create Value through available Tools on that platform which areTechnology and Activities

  • Benefits of an API Marketplace Discovery of APIs by API consumers

    Encourage reuse of APIs

    Social features encourage

    participation and feedback loop

    Evangelism to encourage app dev and

    API dev

    Promote participation via incentives

    Encourage governance and standards

    Cross division usage and monetization

  • Strategy - Step 1:Define Your API Strategy

  • Defining Your API Strategy API first vs usage or service first

    What is the priority? Accessibility

    Who is going to use the APIs and what for? Internal reuse, external collaboration/monetization

    Deployment Where will this run? On the cloud, on-premise or hybrid Scaling factors Self managed or hosted

  • Components of Building a Marketplace

  • Strategy - Step 2:Identify Your API Technology Strategy

  • Identifying Your API Technology Strategy Which components are most important?

    Developer portal, security What type of security is needed based on accessibility?

    Ability to federate into multiple security providers What type of extensibility is needed?

    Is there any complex pre-processing needed? Who is the best technology provider?

  • Producers - Publisher: Creating APIs Start with an existing endpoint/contract or design and prototype a new API

    Exposing SOAP services (convert to REST or as a passthrough)

    Exposing streaming APIs (websocket endpoints)

  • Producers - Publisher: Creating APIs API design - Over the wizard and with swagger

  • Producers - Publisher: Creating APIs Point to a production backend or prototype at the gateway

  • Producers - Publisher: Governance

    Ensure that the correct lifecycle

    stages exist and proper audit


    Manage API visibility

    Versioning of APIs based on


    Support for custom lifecycles

    Ability to modify governance

    aspects based on analytics

  • Consumers - Developer Portal Searchable (with context): by name, tag,

    description, author, etc.

    Social features: tagging, commenting, rating

    Minimalistic forum

    Themeable: change color, logo, view

    Configure alerts for application developers

    Application based API analytics

    OAuth2 application management

    API monetization

  • Security: API Protection Protecting for applications and users

    Controlling access and entitlement with scope

    Multi-tier subscription model

  • Consumers: Client Tips and Testing

    Encapsulate the client application

    Associates OAuth2 keys

    Support different integration

    patterns for application security

    through OAuth grant types

    Pre-generated access tokens for


  • Access Control: Traffic Management Tier based simple model

    Application developer selects the tier at

    app registration which has a policy to

    specify quota

    Tiers can be applied at the application, API

    or at the API resource level

    Advance rule-based models Policies containing IP conditions, message

    attribute based conditions, transport header based conditions

    Complex real-time pattern based conditions

  • Strategy - Step 3:Identify Activities to Promote Usage

  • Engage and Evangelize Stakeholders are the key Ensure API developers publish more APIs

    Enable producers to create APIs and group them as needed

    Provide social ratings and tools for documenting usage Ensure application developers consume more APIs

    Organize hackathons, workshops and tutorials Provide code snippets for consumption Lunch n Learn sessions, webinars

  • Promote Use Through Incentives Financial incentives and gamifications Leaderboards showcasing top consumers, most

    consumed APIs, highest throughput APIs, highlighted developer and more

    Identify KPIs for incentives

  • Strategy - Step 4:Analyze Data Collected

  • Analyze API Usage Analytics dashboard on API stats

    API usage / response times

    / backend latency /

    geo-location, etc.

    Stats on applications for

    application owners (subscribers)

    Stats on subscriptions

    Alerts on emergencies or

    doubtful situations

    Pattern detection

  • Strategy - Step 5:Identify Monetization and Cross Business Revenue Opportunities

  • Monetization: Actual or Virtual External APIs can be sold to third party application

    developers Partner APIs will encourage new business users

    from a wider base Internal APIs used across business units

    encourages enterprise contribution Analytics collected can in turn be used for new

    revenue models provided as APIs

  • Strategy - Step 6:Govern, Manage, and Evolve

  • Govern and Manage Make use of analytics information to detect

    patterns Identify improvements on overall governance

    patterns Identify security improvements Evolve

  • Real World Scenarios

  • Requirement Dialog Axiata needed to unify the multiple development

    teams and internal app and service development and reuse

    Needed a digital strategy to compete with new over the air providers and launch new digital products

    Provide the basis of the telco wide digital transformation

    Solution Built an internal and external enterprise API

    marketplace using WSO2 API Manager and related technologies

    A number of evangelism events and incentives that promote application development are organized around the APIs: hackathons, workshops, seminars, prizes, and leaderboards

    The API marketplace is coupled with full ecosystem management for end to end API and app development


  • 38

  • Enterprise API Marketplace

  • Beyond API Marketplaces

  • Application Marketplaces A successful API marketplace implies the need for an

    application marketplace Connect application producers and consumers over an

    application store Provide typical marketplace capabilities such as

    Discovery Social rating Try-it trials

  • Ecosystem Management

    An application marketplace requires an ecosystem

    Security provisioning for application users Single sign-on (SSO) across multiple applications Analytics and governance over usage Application proxies

  • In Summary

  • Steps in Crafting a Marketplace Driven API Strategy1. Define the organizations desired API strategy2. Identify the API technology strategy to use3. Work on activities to promote usage4. Analyze API usage to draw insight5. Use monetization channels identified through the

    marketplace to improve6. Govern, manage and evolve