API Management and OAuth for Web, Mobile and the Cloud: Scott Morrison's Presentation at Gartner AADI 2011
Download as PPTX, PDF2 likes672 views
This document summarizes a talk about changes in API management and governance as technologies evolve. It notes that while basic problems remain the same, mobility, cloud computing, and interconnectivity are driving changes. SOA governance needs to adapt from older standards like WSDL, SAML and WS-Security to looser approaches like JSON, OAuth and wiki-based documentation. New governance leverages tools like forums and portals. The talk promotes a solution like Layer 7's API developer portal that integrates familiar tools to effectively manage APIs in this new environment.
![http://api.layer7.com/getPerson?Name=Scott
{
"firstName": ”Scott",
"lastName" : ”Morrison",
”title" : “CTO”,
"address" :
{
"streetAddress": ”405-1100 Melville",
"city" : ”Vancouver",
”prov" : ”BC",
"postalCode" : ”V6E 4A6"
},
"phoneNumber":
[
{
"type" : ”office",
"number": ”605 681-9377"
},
{
"type" : ”home",
"number": ”604 555-4567"
}
]
}](https://image.slidesharecdn.com/aadi2011lasvegasfinal-120109175158-phpapp01/85/API-Management-and-OAuth-for-Web-Mobile-and-the-Cloud-Scott-Morrison-s-Presentation-at-Gartner-AADI-2011-36-320.jpg)
![Not Convinced Yet?
Take a look at XML
<!DOCTYPE x [ <!ENTITY y "a]>b"> ]>
<x>
<a b="&y;>" />
<![CDATA[[a>b <a>b <a]]>
<?x <a> <!-- <b> ?> c --> d
</x>](https://image.slidesharecdn.com/aadi2011lasvegasfinal-120109175158-phpapp01/85/API-Management-and-OAuth-for-Web-Mobile-and-the-Cloud-Scott-Morrison-s-Presentation-at-Gartner-AADI-2011-40-320.jpg)
![JSON is simple
{
"firstName": ”Scott ",
"lastName" : ”Morrison",
”title" : “CTO”,
"address" :
{
"streetAddress": ”405-1100 Melville",
"city" : ”Vancouver",
”prov" : ”BC",
"postalCode" : ”V6E 4A6"
},
"phoneNumber":
[
{
"type" : ”office",
"number": ”605 681-9377"
},
{
"type" : ”home",
"number": ”604 555-4567"
}
]
}](https://image.slidesharecdn.com/aadi2011lasvegasfinal-120109175158-phpapp01/85/API-Management-and-OAuth-for-Web-Mobile-and-the-Cloud-Scott-Morrison-s-Presentation-at-Gartner-AADI-2011-42-320.jpg)
![http s
://api.layer7.com/getPerson?Name=Scott
{
"firstName": ”Scott",
"lastName" : ”Morrison",
”title" : “CTO”,
"address" :
{
"streetAddress": ”405-1100 Melville",
"city" : ”Vancouver",
”prov" : ”BC",
"postalCode" : ”V6E 4A6"
},
"phoneNumber":
[
{
"type" : ”office",
"number": ”605 681-9377"
},
{
"type" : ”home",
"number": ”604 555-4567"
}
]
}](https://image.slidesharecdn.com/aadi2011lasvegasfinal-120109175158-phpapp01/85/API-Management-and-OAuth-for-Web-Mobile-and-the-Cloud-Scott-Morrison-s-Presentation-at-Gartner-AADI-2011-54-320.jpg)
API Management and OAuth for Web, Mobile and the Cloud: Scott Morrison's Presentation at Gartner AADI 2011
- 1. API Management and OAuth for Web, Mobile and the Cloud K Scott Morrison CTO & Chief Architect Nov 30, 2011
- 2. “Change has a considerable psychological impact on the human mind. To the fearful it is threatening because it means that things may get worse. To the hopeful it is encouraging because things may get better. To the confident it is inspiring because the challenge exists to make things better.” - King Whitney Jr.
- 3. This talk is about change
- 4. Our basic problem has not changed: Access to information
- 5. But things outside of our control that are changing
- 7. We are leveraging clouds
- 9. You already know the underpinnings
- 11. But SOA needs to change
- 12. And that is what this talk is about.
- 13. Let me tell you a secret…
- 14. (it’s a gold rush)
- 15. Quote App
- 16. Proposal Generator Product Model: No. Units: Next
- 17. Proposal Generator Product Model: API Portal No. Units: Next Networking Gateway API Portal XML Accelerator
- 18. Proposal Generator Product Model: API Portal No. Units: 2 1 Next 2 3
- 19. Proposal Generator Product Model: API Portal No. Units: 2 Next
- 20. Proposal Generator Discount Recipient Submit
- 21. Proposal Generator Discount 5% Recipient 0% Submit 5% 10%
- 22. Proposal Generator Discount 5% Recipient bobama@whitehouse.gov Submit
- 23. Proposal Generator Discount 5% Recipient @whitehouse.gov Submit
- 24. Proposal Generator Processing… Cancel
- 25. Proposal Generator …Done. Proposal submitted for review Reference no L7-ABC123
- 26. API
- 28. APIs transform the Web into an integration platform Cloud Servers Legacy Third party web apps Directory Mobile devices Applications Browsers Database
- 29. The API is the glue for the New Enterprise Web Enterprise Network
- 30. Why did the web work so well?
- 31. Very loose coupling… 5 Approximate number of global web pages
- 32. But haven’t we heard this story before?
- 33. Let’s consider the developer experience using SOAP Web Services Server WSDL
- 36. http://api.layer7.com/getPerson?Name=Scott { "firstName": ”Scott", "lastName" : ”Morrison", ”title" : “CTO”, "address" : { "streetAddress": ”405-1100 Melville", "city" : ”Vancouver", ”prov" : ”BC", "postalCode" : ”V6E 4A6" }, "phoneNumber": [ { "type" : ”office", "number": ”605 681-9377" }, { "type" : ”home", "number": ”604 555-4567" } ] }
- 37. Low Barrier to Entry
- 38. Frictionless
- 39. Agility
- 40. Not Convinced Yet? Take a look at XML <!DOCTYPE x [ <!ENTITY y "a]>b"> ]> <x> <a b="&y;>" /> <![CDATA[[a>b <a>b <a]]> <?x <a> <!-- <b> ?> c --> d </x>
- 41. The new alternative is JSON Structure Name/Value
- 42. JSON is simple { "firstName": ”Scott ", "lastName" : ”Morrison", ”title" : “CTO”, "address" : { "streetAddress": ”405-1100 Melville", "city" : ”Vancouver", ”prov" : ”BC", "postalCode" : ”V6E 4A6" }, "phoneNumber": [ { "type" : ”office", "number": ”605 681-9377" }, { "type" : ”home", "number": ”604 555-4567" } ] }
- 44. XML giving way to JSON illustrates the theme of the change • Complex • Simple • Highly standardized • Informal • Vendor driven • Grassroots • Barriers • Frictionless
- 46. Contracts
- 47. Old way: WSDL
- 48. New way: Just write a web page
- 49. Design time governance: the integrated reg/rep
- 50. The new design-time governance leverages successful communication tools • Portal • Wiki • Forum • Blog • Email workflow
- 51. What about run time governance?
- 52. Rules are only good with enforcement
- 53. Consider WS-Security <?xml version="1.0" encoding="utf-8" ?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"> <soap:Header/> <soap:Body xmlns:m=“http://www.example.org/stock”> <m:GetStockPrice> <m:StockName>ABC</m:StockName> </m:GetStockPrice> </soap:Body> </soap:Envelope>
- 54. http s ://api.layer7.com/getPerson?Name=Scott { "firstName": ”Scott", "lastName" : ”Morrison", ”title" : “CTO”, "address" : { "streetAddress": ”405-1100 Melville", "city" : ”Vancouver", ”prov" : ”BC", "postalCode" : ”V6E 4A6" }, "phoneNumber": [ { "type" : ”office", "number": ”605 681-9377" }, { "type" : ”home", "number": ”604 555-4567" } ] }
- 55. What about identity and access control?
- 56. SAML is complex
- 57. OAuth by example
- 58. So what was SOA governance again? Old Governance New Governance • People • People • Process • Process • Technology • I have lots of this already…
- 59. To Summarize: Old New Documentation WSDL Wiki/Blog Discovery Reg/Rep Search Approval G10 Platform Email Enforcement Gateway Gateway User Provisioning IAM Portal Community What’s that? Forum
- 60. The new way to manage The new people to manage
- 61. These are the new people to manage
- 62. “Technology is dominated by two types of people: those who understand what they do not manage, and those who manage what they do not understand.” - Archibald Putt
- 63. So how can you understand completely and manage effectively?
- 64. IT is sick of piecemeal solutions
- 65. That’s why we built the Layer 7 API Developer Portal App Firewall API Developer Gateway API Portal API Server Enterprise Network
- 67. Let’s Summarize: • Simple wins every time • SOA is changing • and so is SOA governance • The new enterprise web is about APIs • Driven by cloud and mobility • Solutions like Layer 7’s API Portal integrate all the familiar tools to effectively manage your APIs
- 68. For further information: K. Scott Morrison Chief Technology Officer & Chief Architect Layer 7 Technologies 1100 Melville St, Suite 405 Vancouver, B.C. V6E 4A6 Canada (800) 681-9377 smorrison@layer7tech.com http://www.layer7tech.com November 2011
- 69. Picture Credits Big Ben by meanone97 – stock.exchg Whiz Kids by Ron S. Gejman – ron.gejman.com World Puzzle by juancho17 – stock.exchg Rack Server by Pazado – stock.exchg Analogue Erosion Control Device, Fall & wheat by Kevin Hudkins - Flickr
Editor's Notes
- #4: Everyone here needs to choose.Ignore the middle groundAre you fearfulOr are you confident?
- #8: 2 Drivers. #1 is cloud, #2 is mobile
- #15: Let me tell you all a secret
- #30: The new enterprise web is about integration
- #32: 19.2B pages yahoo 2005346Mweb sites netcraft June 2011
- #40: Psych term, but look at examples
- #41: Psych term, but look at examples
- #42: Boil to its essence
- #44: Autobinding
- #46: Psych term, but look at examples
- #49: RUN TIME ESSENTIAL!
- #50: Developers hate these things
- #53: Run time governance is a first order problem now
- #57: What about identity?
- #62: But also internal users too
- #66: The new enterprise web is about integration
- #67: The new enterprise web is about integration
- #68: The new enterprise web is about integrationAsk yourself now, given the right tools, which side are you on?