Open API in EnterpriseVersion 1.0

ContentsOverviewKey Business DriversFeatures Reference ArchitectureAPI ManagementAPI Management – ComponentsAPI GatewayAPI Life CycleAPI User rolesKey Service ProvidersReferences

OverviewEnterprises need to expose their information assets without any boundaries

in a secure and standard way in their digital innovation and transformation strategy.

API Management Solutions have the capability of opening up APIs in a standard way that can be used across the web, digital, IOTs, Social, Service Oriented Architecture (SOA) and the cloud.

API management is the process of publishing, documenting and overseeing application programming interfaces (APIs) in a secure, scalable environment. 

API management monitoring helps in increasing the availability of the interfaces. 

Private APIs for Internal usage with in the enterprise applications thru ESB, Protected APIs can be used for Partners thru API Management and Open APIs can be used by External API Developer and create Apps.

Key Business DriversFaster relationships thru

developer communities with the feasibility of access control mechanism.

Reduce the risk of exposure to the open Enterprise with out compromising on security.

Improve Business Agility

Inspiring towards Innovation

Increase revenue

Easing Integration

Features Proxying and securing backend service with API Gateway helps to secure the core

systems from direct access by taking care of the standard security considerations.

Rate limiting/throttling of API calls helps in prioritization aspect.

Consumer identification helps in monetization aspects.

API Analytics help in understanding API consumer behavior.

Self service for the API developers helps in reducing the integration complexities.

Documentation Portals help by reducing dependency on external documents.

Different types of built-in transformations reduce development effort( ex: SOAP <-> REST, XML <-> JSON).

Minimizing programming effort thru configurations helps save time and improve quality.

Caching can help in achieving the better performance.

Reference Architecture

API Management

API Management – Components

API Management – ComponentsAPI Gateway : provides functionality that enables security,

protection, and scaling of API calls

API Manager : is a web interface that enables business or operational users (API owners) to easily register APIs and apply standard policies to virtualizes the APIs. It enables organizations and API consumers to consume APIs, browse the API Catalogue, and monitor their API use. It also enables business or operational users (API administrators) to manage API clients and their consumption of APIs.

Analytics: This has a dashboard to display the usage and behaviour of all the APIs in the dimensions like time taken, no of calls etc.

Developer Portal: is a self-service portal that enables API consumers to consume APIs which are exposed in a standard and secured way for external consumption using API Manager. API consumers can register and manage their user profile, register applications, manage application credentials, browse front-end APIs and supporting documentation, monitor application API usage, and access blogs, forums, and so on.

API Gateway

DMZ

Provides a mechanism to externalize specific APIs using a standard pattern

Authentication & Authorization thru OAuth, LDAP, SSO etc.

Message Security thru SSL, TLS, XML-Encryption, PKI Cryptography

Threat Protection from DDOS attacks, SQL/Script Injections etc.

Throttling thru Rate Limits, traffic prioritization, limit based on user, ip, region

Route based on message content, headers, identity and other factors.

Transform requests from one form to other like SOAP to REST

API Life Cycle

API User rolesAPI Owner: is typically a person in a managerial role and overlooks a

set of APIs across the enterprise or a business unit, and controls the API lifecycle and monetization aspects. He also analyzes usage patterns for APIs and has access to all API statistics.

API developer (Internal): is a technical programmer who understands the technical aspects of the API (coding, interfaces, documentation, versions, how it is exposed by API gateway) and implement the APIs.

Admin : Admin is the API management provider, who hosts and manages the API Gateway. S/he is responsible for creating user roles in the system, assign users to roles, managing databases, security etc.

Consumer / APP Developer (External) : A consumer is typically an application developer who is external to the enterprise and create applications and searches the API store from internet to discover APIs and use them. He/she reads the documentation,  forums, rates/comments on APIs.

API Management Solutions

Referenceshttps://www.ca.comhttp://searchsoa.techtarget.com/definition/API

-managementhttp://www.apiacademy.co/resources/api-strat

egy-lesson-102-the-business-value-of-apis/https://docs.wso2.com/display/AM160/User+R

oles+in+the+API+Managerhttp://www.slideshare.net/KaiWaehner/a-new-f

ront-for-soa-open-api-and-api-management-as-game-changer

http://swagger.io/

Thank You - Guru Lakshmeekar Boggula