m meijer api management - tech-days 2015
TRANSCRIPT
API managementEnabling a new ECO-system
Marcel Meijer
API (Application Programming Interface)
• A language and message format used by an application program to communicate with the operating system or some other control program such as a database management system (DBMS) or communications protocol.
Personal computer
Application Operating SystemUI API
Web API
• When used in the context of web development, an API is typically defined as a set of Hypertext Transfer Protocol (HTTP) request messages.
• Response messages, which is usually in an Extensible Markup Language (XML) or JavaScript Object Notation (JSON) format.
• While "Web API" is virtually a synonym for web service (SOAP vs REST)
Source: Wikipedia
Personal computer
Application Discovery SystemWeb
browserAPI
App
Backend
API
API management
• API management is the process of publishing, promoting and overseeing application programming interfaces (APIs) in a secure, scalable environment. It also includes the creation of end user support resources that define and document the API.
DEMOWebApi / API app
.NET WebAPI default
Default documentation
Adding Swagger or Swashbuckle
Even try out is added
New to Azure APIApp;Website with default WebApi and Swagger added.Swagger is partly used in portal
Swagger UI
Example of try out
Why API Management
• Establish a single API “front door”
• Build an API façade for existing backend services
• Add new capabilities to the APIs, such as response caching
• Reliably protect published APIs from misuse and abuse
• Package and publish APIs to developers and partners
• On-board developers via a self-service portal
• Ramp-up developers with docs, samples, and API console
• Gain insights into API usage and health from analytics reports
API != SOA
SOA
Strict contracts
Basic Connectivity
Few, known developers, Strictly managed
Slow, unreliable, segmented networks
APIs
Loose contracts
Minimal “stack”
Self-service
1000s of developers
O(10^4) users, external
Always connected apps
APIs are the engines of growth
Monetize data or services
Open new channels
Innovate faster
Make product into a
platform
API First – Platform as a Strategy
• Business Reasons:– Market Penetration: Netflix– Defensive Stratgey: PayPal– Drive usage: Twitter / FaceBook
• Technical Reasons:– Email abstraction: Sendgrid– Storage metered usage: DropBox– Inboxes simplification: Context.io
• Twillio - All of the aboveabstraction, metered usage, simplification
Common scenarios
• Modernize legacy backends
• Package APIs into tiers
• Enforce usage limits
• Provide support and receive feedback
• Optimize and secure backend
• Authorize and throttle requests
• Get visibility into usage and health
• Drive developer adoption
• Normalize legacy backends
• Build the catalog of APIs
• Accept organizational ID
• Respect org structure
Mobile enablement Partner ecosystem Business agility
The API Portal
• The API Catalog approaches the problem from a completely different direction based on its origins– Consumer-facing– Mobile/Web App consumer
• APIs continue the trend of human to human, rather than machine to machine, interaction
• The developer is now the customer, rather than a participant– A lack of enthusiasm for standards has forced a document-centric
approach, which is better for humans anyway– The need for channel marketing has driven a portal design– The need for developer engagement has improved utility
Challenges consuming APIs
• Difficult for professional developers; impossible for business users
• Inconsistent metadata and authentication story
• Lack of organizationally-scoped galleries
• Inconsistent (or lack) of API documentation
AZURE API MANAGEMENT
Publisher portal
Proxy
Developer PortalAPP DEVELOPERS
APPS
API PUBLISHERS
Hosted anywhere.
Developed using anytechnology.
BACKENDSERVICES
DEMOAzure Management Portal
Azure Portal site
The Publisher portal
The Developer portal
Azure API Management
• Management API
• Static VIP
• OAuth 2.0
• Backup & restore
• Mutual certificate authentication
• "Root" APIs
• Subscription-less products
• HTTP support
• Subscription per app
• Performance improvements
• Multi-region deployment
• Developer portal delegation
• Custom subscription keys
• Azure VPN support
• Azure Active Directory support
• API import from Swagger 2.0
• Improved response caching
• Improved API import
• Improved console and documentation
• Check Header policy
• Validate JWT policy
• Set backend policy
• Set body policy
• Control flow policy
• Set context variable policy
• Policy expressions
• and more...
http://projectoxford.ai
API AND DEVELOPER SUCCESS
• API Design– User Experience - What do you want people to do with your API?– System constraints - How do you want them to do it?
• Marketing your API – Clearly communicate API goals and usage– Lower barrier to entry for developers
• Supporting your Developers– Clear, consistent communication– Fantastic documentation, tutorials, libraries– Forums, participation– Provide excellent exploration and development tools– In short, respect your developers’ time and reduce confusion
Your feedback is important!
Scan the QR Code and let us know via the TechDays App.
Laat ons weten wat u van de sessie vindt via de TechDays
App! Scan de QR Code.
Bent u al lid van de Microsot Virtual Academy?! Op MVA kunt u altijd iets nieuws leren over de laatste technologie van Microsoft. Meld u vandaag aan op de MVA Stand. MVA biedt 7/24 gratis online training on-demand voor IT-Professionals en Ontwikkelaars.