SlideShare a Scribd company logo

Who is Accessing My API?

Chris Haddad, profile picture
Chris Haddad

The document discusses strategies for understanding and enhancing API consumer interactions, emphasizing the importance of identifying users, applications, devices, and locations. It suggests externalizing identity as an API and monetizing APIs through understanding consumer intent and context. The ultimate goal is to create a compelling user experience by blending identity awareness with API functionalities.

Internet
Related topics:
Identity ManagementAPI Management Trends
1 of 20
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Who is Accessing My API?
Who is Accessing My API? Chris Haddad
Who is accessing my API? Not this guy again! Copyright © 2015 Cloud Identity Summit. All rights reserved. 3
For a Session: Focus Less On Building an API Fortress
Copyright © 2015 Cloud Identity Summit . All rights reserved. 5 Think About Identity Driving The API Economy!
http://wso2.com/landing/enabling-the-connected-business Increase Revenue Opportunities © Mathias Rosenthal - Fotolia.com
Copyright © 2015 Cloud Identity Summit . All rights reserved. 7 Enhance Customer Intimacy
Copyright © 2015 Cloud Identity Summit . All rights reserved. 8 Extend Your Business Reach
Step One: Know Your API Consumer • User • Application • Device • Location Copyright © 2015 Cloud Identity Summit. All rights reserved. 9
Identifying the User • SAML Grant Type for Oauth Copyright © 2015 Cloud Identity Summit. All rights reserved. 10
Identifying the Application • Oauth 2.0 Bearer Token Copyright © 2015 Cloud Identity Summit. All rights reserved. 11
Identifying the Device • What you know? • Universal device identifier • What you have? • Certificate Copyright © 2015 Cloud Identity Summit. All rights reserved. 12
Identifying the Location • Mobile Connect Discovery API • GSMA OneAPI Copyright © 2015 Cloud Identity Summit. All rights reserved. 13
Action Item: Externalize Identity (as an API) Copyright © 2015 Cloud Identity Summit. All rights reserved. 14
Step Two: Know what your API Consumer Wants! http://www.amazon.com/The-Intention-Economy-Customers-Charge/dp/1422158527
Step 3: Understand Context • Your Brand • Social Context • Customer, Location • Environment
Step 4: Blend Context with Intent {incidents: [ {impacting: false, eventCode: 0, iconURL: "http://...", lat: 38.743999, shortDesc: "Exit ramp closed on I 95...", type: 1, severity: 0, fullDesc: "In NEWINGTON exit ramp closed on I-95 ...", startTime: "2010-02-21T00:14: 07", lng: -77.188004, id: "368598263", endTime: "2010-02-27T05:04:19" }, Image source: http://www.directoryofnewyorkcity.com/blog/2009/05/how-to-find-parking-in-new-york-city/ Real-time traffic map: http://www.mapquestapi.com/traffic/
Action Item: Make API Analytics Identity Aware http://wso2.com/landing/enabling-the-connected-business © adam121 - Fotolia.com
Copyright © 2015 Cloud Identity Summit . All rights reserved. 19 Step 5: Monetize APIs • Membership service levels • Monetization rates and discounts • Business processes and rules for stores and ecosystem
With Identity, Your API can • Responsively interact in the serendipitous, contextual moment • Virally connect ecosystem participants • Drive helpful and relevant decisions • Deliver a compelling end-to-end user experience Copyright © 2015 Cloud Identity Summit. All rights reserved. 20

More Related Content

PPTX
Kondo-ing API Authorization
Nordic APIs
 
PDF
apidays LIVE Jakarta - E5 ways to make your integration more resilient by Je...
apidays
 
PDF
Is Your API Being Abused – And Would You Even Notice If It Was?
Nordic APIs
 
PPTX
API Management: Rise of the Planet of the Apps (2016 09-26 - Porto.Data)
Sandro Pereira
 
PPTX
Test and Protect Your API
SmartBear
 
PPTX
Trust No One: The New Security Model for Web APIs - SecTor talk by Greg Kliew...
CA API Management
 
PDF
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CloudIDSummit
 
PDF
apidays LIVE Hong Kong - API Abuse - Comprehension and Prevention by David St...
apidays
 
Kondo-ing API Authorization
Nordic APIs
 
apidays LIVE Jakarta - E5 ways to make your integration more resilient by Je...
apidays
 
Is Your API Being Abused – And Would You Even Notice If It Was?
Nordic APIs
 
API Management: Rise of the Planet of the Apps (2016 09-26 - Porto.Data)
Sandro Pereira
 
Test and Protect Your API
SmartBear
 
Trust No One: The New Security Model for Web APIs - SecTor talk by Greg Kliew...
CA API Management
 
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CloudIDSummit
 
apidays LIVE Hong Kong - API Abuse - Comprehension and Prevention by David St...
apidays
 

What's hot (11)

PPTX
Webinar: Consent 2.0: Applying User-Managed Access to the Privacy Challenge
ForgeRock
 
PPTX
Confronting API Security in the Brave New Open Banking Era
Akana
 
PPTX
Securing Insecure
Prabath Siriwardena
 
PDF
APIs of Enterprise mBaaS Platforms
kidozen
 
PPTX
Deconstructing API Security
Akana
 
PDF
CIS 2015 Extreme OAuth - Paul Meyer
CloudIDSummit
 
PPTX
apidays LIVE Hong Kong - Art and Science of Rate Limits for APIs by Shahnawaz...
apidays
 
PPTX
Deep-Dive: API Security in the Digital Age
Apigee | Google Cloud
 
PPTX
apidays LIVE India - 10 steps to secure your API by Pabitra Kumar Sahoo, Qual...
apidays
 
PPTX
User-Managed Access: Why and How? - Access Control in Digital Contract Contexts
ForgeRock
 
PPTX
apidays LIVE Paris - Microservices, up and running by Irakli Nadareishvili
apidays
 
Webinar: Consent 2.0: Applying User-Managed Access to the Privacy Challenge
ForgeRock
 
Confronting API Security in the Brave New Open Banking Era
Akana
 
Securing Insecure
Prabath Siriwardena
 
APIs of Enterprise mBaaS Platforms
kidozen
 
Deconstructing API Security
Akana
 
CIS 2015 Extreme OAuth - Paul Meyer
CloudIDSummit
 
apidays LIVE Hong Kong - Art and Science of Rate Limits for APIs by Shahnawaz...
apidays
 
Deep-Dive: API Security in the Digital Age
Apigee | Google Cloud
 
apidays LIVE India - 10 steps to secure your API by Pabitra Kumar Sahoo, Qual...
apidays
 
User-Managed Access: Why and How? - Access Control in Digital Contract Contexts
ForgeRock
 
apidays LIVE Paris - Microservices, up and running by Irakli Nadareishvili
apidays
 
Ad

Viewers also liked (20)

PPTX
High Productivity Platform
Chris Haddad
 
PPTX
Bring N-Tier Apps to containers 2015 ContainerCon
Chris Haddad
 
PPTX
Lightweight ESB Alternatives
Chris Haddad
 
PPTX
Spreadsheets To API
Chris Haddad
 
PPTX
Steampunk App Servers in
Chris Haddad
 
PPT
Cloaking Devices, CyberPersonas, and Neutral Zones
Chris Haddad
 
PDF
Overcome DevOps Adoption Barriers to Accelerate Software Delivery
Chris Haddad
 
PPTX
Eight Miles High: Build Cloud-native and Cloud-aware Systems
Chris Haddad
 
PDF
Enabling cloud-native, complex enterprise development and deployment in the C...
Chris Haddad
 
PPTX
Siddhi CEP 1st presentation
Sriskandarajah Suhothayan
 
PPT
Mule connectors
Vamsi Krishna
 
PPT
Debug Program in Mule
Vamsi Krishna
 
PPTX
Developer’s viewpoint on swift programming language
Azilen Technologies Pvt. Ltd.
 
PPT
Siddhi CEP 2nd sideshow presentation
Sriskandarajah Suhothayan
 
PDF
Administration and Management with UltraESB
AdroitLogic
 
PPT
Wso2 esb
Kevin Jeremy Valdez Navarrete
 
PPTX
ESB 4.9.0 extension points, Connectors and Inbound Endpoints
WSO2
 
PDF
Enterprise Integration made easy with WSO2 ESB
WSO2
 
PDF
WSO2 ESB and SOA
WSO2
 
PDF
Magento 2.0 - eCommerce Web Portal Solutions | Case Study
Azilen Technologies Pvt. Ltd.
 
High Productivity Platform
Chris Haddad
 
Bring N-Tier Apps to containers 2015 ContainerCon
Chris Haddad
 
Lightweight ESB Alternatives
Chris Haddad
 
Spreadsheets To API
Chris Haddad
 
Steampunk App Servers in
Chris Haddad
 
Cloaking Devices, CyberPersonas, and Neutral Zones
Chris Haddad
 
Overcome DevOps Adoption Barriers to Accelerate Software Delivery
Chris Haddad
 
Eight Miles High: Build Cloud-native and Cloud-aware Systems
Chris Haddad
 
Enabling cloud-native, complex enterprise development and deployment in the C...
Chris Haddad
 
Siddhi CEP 1st presentation
Sriskandarajah Suhothayan
 
Mule connectors
Vamsi Krishna
 
Debug Program in Mule
Vamsi Krishna
 
Developer’s viewpoint on swift programming language
Azilen Technologies Pvt. Ltd.
 
Siddhi CEP 2nd sideshow presentation
Sriskandarajah Suhothayan
 
Administration and Management with UltraESB
AdroitLogic
 
Wso2 esb
Kevin Jeremy Valdez Navarrete
 
ESB 4.9.0 extension points, Connectors and Inbound Endpoints
WSO2
 
Enterprise Integration made easy with WSO2 ESB
WSO2
 
WSO2 ESB and SOA
WSO2
 
Magento 2.0 - eCommerce Web Portal Solutions | Case Study
Azilen Technologies Pvt. Ltd.
 
Ad

Similar to Who is Accessing My API? (20)

PDF
Delivering on Personalization with the Power of APIs
Akana
 
PDF
The API Opportunity: Crossing the Digital Divide
CA Technologies
 
PPTX
API Management Platform Technical Evaluation Framework
WSO2
 
PPTX
API Strategy Introduction
Doug Gregory
 
PPT
Six Steps To Build A Successful API
Chris Haddad
 
PPT
Six Steps to Build Successful APIs
WSO2
 
PDF
Api security-present
Security Bootcamp
 
PPT
Iag api management architect presentation
sflynn073
 
PPTX
Digital transformation
Anoop Goyal
 
PDF
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
WSO2
 
PDF
CA API Management: A DevOps Enabler
Rajat Vijayvargiya
 
PDF
2022 APIsecure_Harnessing the Speed of Innovation
APIsecure_ Official
 
PDF
Creating a Successful API Program to Drive Digital Transformation
Perficient, Inc.
 
PPTX
Platform for Secure Digital Business
Akana
 
PDF
[WSO2 Summit Sydney 2019] Building a Successful API Strategy from Scratch and...
WSO2
 
PDF
WSO2 API Platform: Vision and Roadmap
WSO2
 
PPTX
WSO2- OSC Korea - Accelerating Digital Businesses with APIs
WSO2
 
PPTX
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
CA API Management
 
PDF
Gluecon2014 - Building an API strategy at Enterprise Scale
Sid Bhatia
 
PDF
IBM API management Philip Little
Valeri Illescas
 
Delivering on Personalization with the Power of APIs
Akana
 
The API Opportunity: Crossing the Digital Divide
CA Technologies
 
API Management Platform Technical Evaluation Framework
WSO2
 
API Strategy Introduction
Doug Gregory
 
Six Steps To Build A Successful API
Chris Haddad
 
Six Steps to Build Successful APIs
WSO2
 
Api security-present
Security Bootcamp
 
Iag api management architect presentation
sflynn073
 
Digital transformation
Anoop Goyal
 
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
WSO2
 
CA API Management: A DevOps Enabler
Rajat Vijayvargiya
 
2022 APIsecure_Harnessing the Speed of Innovation
APIsecure_ Official
 
Creating a Successful API Program to Drive Digital Transformation
Perficient, Inc.
 
Platform for Secure Digital Business
Akana
 
[WSO2 Summit Sydney 2019] Building a Successful API Strategy from Scratch and...
WSO2
 
WSO2 API Platform: Vision and Roadmap
WSO2
 
WSO2- OSC Korea - Accelerating Digital Businesses with APIs
WSO2
 
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
CA API Management
 
Gluecon2014 - Building an API strategy at Enterprise Scale
Sid Bhatia
 
IBM API management Philip Little
Valeri Illescas
 

More from Chris Haddad (20)

PPTX
Deploy at scale with CoreOS Kubernetes and Apache Stratos
Chris Haddad
 
PPT
Merging microservices architecture with SOA practices
Chris Haddad
 
PPT
Connected Architecture Fabric Creating a Connected World
Chris Haddad
 
PPTX
Establishing SOA Focused Enterprise Architecture
Chris Haddad
 
PPTX
Java PaaS Apache Stratos
Chris Haddad
 
PPTX
Shadow IT Risk and Reward
Chris Haddad
 
PPTX
Gaining Startup Speed with DevOps PaaS
Chris Haddad
 
PPT
Business driven IT design
Chris Haddad
 
PPT
SOA and API Convergence Strategy and Tactics
Chris Haddad
 
PPT
Responsive IT and Connected Business
Chris Haddad
 
PPT
Big data streams, Internet of Things, and Complex Event Processing Improve So...
Chris Haddad
 
PPT
Why Reshape Reference Architecture
Chris Haddad
 
PPT
What reference architecture models to adopt
Chris Haddad
 
PPT
How to reshape reference architecture
Chris Haddad
 
PPTX
Promote Your API Brand and Extend Your API Reach
Chris Haddad
 
PPTX
Stratos AppFactory in the Cloud tampa meetup-2013-09
Chris Haddad
 
PPTX
Driving Enterprise Architecture Redesign: Cloud-Native Platforms, APIs, and D...
Chris Haddad
 
PDF
Achieve business agility with Cloud APIs, Cloud-aware Apps, and Cloud DevOps ...
Chris Haddad
 
PPT
Bridging IaaS With PaaS To Deliver The Service-Oriented Data Center
Chris Haddad
 
PPTX
New IT Plan
Chris Haddad
 
Deploy at scale with CoreOS Kubernetes and Apache Stratos
Chris Haddad
 
Merging microservices architecture with SOA practices
Chris Haddad
 
Connected Architecture Fabric Creating a Connected World
Chris Haddad
 
Establishing SOA Focused Enterprise Architecture
Chris Haddad
 
Java PaaS Apache Stratos
Chris Haddad
 
Shadow IT Risk and Reward
Chris Haddad
 
Gaining Startup Speed with DevOps PaaS
Chris Haddad
 
Business driven IT design
Chris Haddad
 
SOA and API Convergence Strategy and Tactics
Chris Haddad
 
Responsive IT and Connected Business
Chris Haddad
 
Big data streams, Internet of Things, and Complex Event Processing Improve So...
Chris Haddad
 
Why Reshape Reference Architecture
Chris Haddad
 
What reference architecture models to adopt
Chris Haddad
 
How to reshape reference architecture
Chris Haddad
 
Promote Your API Brand and Extend Your API Reach
Chris Haddad
 
Stratos AppFactory in the Cloud tampa meetup-2013-09
Chris Haddad
 
Driving Enterprise Architecture Redesign: Cloud-Native Platforms, APIs, and D...
Chris Haddad
 
Achieve business agility with Cloud APIs, Cloud-aware Apps, and Cloud DevOps ...
Chris Haddad
 
Bridging IaaS With PaaS To Deliver The Service-Oriented Data Center
Chris Haddad
 
New IT Plan
Chris Haddad
 

Recently uploaded (20)

PPTX
QR Codes Qr codecodecodecodecocodedecodecode
SRMediaZone
 
PDF
SASE Traffic Flow - ZTNA Connector-1.pdf
mackwell7777
 
PPT
tcp ip networks nd ip layering assotred slides
pakadamfdp
 
PPTX
presentation_pfe-universite-molay-seltan.pptx
yahyamohibme
 
PPTX
introduction about ICD -10 & ICD-11 ppt.pptx
naveenithkrishnan
 
PDF
Paper PDF World Game (s) Great Redesign.pdf
Steven McGee
 
PDF
Decoding a Decade: 10 Years of Applied CTI Discipline
Andreas Sfakianakis
 
PDF
Sims 4 Historia para lo sims 4 para jugar
lolpopy34
 
PPTX
innovation process that make everything different.pptx
SoumyadipPaul18
 
PPTX
artificial intelligence overview of it and more
yafotin445
 
PDF
Testing WebRTC applications at scale.pdf
Giacomo Vacca
 
PPTX
international classification of diseases ICD-10 review PPT.pptx
naveenithkrishnan
 
PPTX
Introduction to Information and Communication Technology
AkmadArzieAyao1
 
PPTX
Job_Card_System_Styled_lorem_ipsum_.pptx
Jeffkigen
 
PPTX
Introuction about WHO-FIC in ICD-10.pptx
naveenithkrishnan
 
PPTX
Introduction about ICD -10 and ICD11 on 5.8.25.pptx
naveenithkrishnan
 
PDF
APNIC Update, presented at PHNOG 2025 by Shane Hermoso
APNIC
 
PDF
Triggering QUIC, presented by Geoff Huston at IETF 123
APNIC
 
PPTX
June-4-Sermon-Powerpoint.pptx USE THIS FOR YOUR MOTIVATION
KuyaRogie
 
PPTX
522797556-Unit-2-Temperature-measurement-1-1.pptx
msar8888
 
QR Codes Qr codecodecodecodecocodedecodecode
SRMediaZone
 
SASE Traffic Flow - ZTNA Connector-1.pdf
mackwell7777
 
tcp ip networks nd ip layering assotred slides
pakadamfdp
 
presentation_pfe-universite-molay-seltan.pptx
yahyamohibme
 
introduction about ICD -10 & ICD-11 ppt.pptx
naveenithkrishnan
 
Paper PDF World Game (s) Great Redesign.pdf
Steven McGee
 
Decoding a Decade: 10 Years of Applied CTI Discipline
Andreas Sfakianakis
 
Sims 4 Historia para lo sims 4 para jugar
lolpopy34
 
innovation process that make everything different.pptx
SoumyadipPaul18
 
artificial intelligence overview of it and more
yafotin445
 
Testing WebRTC applications at scale.pdf
Giacomo Vacca
 
international classification of diseases ICD-10 review PPT.pptx
naveenithkrishnan
 
Introduction to Information and Communication Technology
AkmadArzieAyao1
 
Job_Card_System_Styled_lorem_ipsum_.pptx
Jeffkigen
 
Introuction about WHO-FIC in ICD-10.pptx
naveenithkrishnan
 
Introduction about ICD -10 and ICD11 on 5.8.25.pptx
naveenithkrishnan
 
APNIC Update, presented at PHNOG 2025 by Shane Hermoso
APNIC
 
Triggering QUIC, presented by Geoff Huston at IETF 123
APNIC
 
June-4-Sermon-Powerpoint.pptx USE THIS FOR YOUR MOTIVATION
KuyaRogie
 
522797556-Unit-2-Temperature-measurement-1-1.pptx
msar8888
 

Who is Accessing My API?

  • 2. Who is Accessing My API? Chris Haddad
  • 3. Who is accessing my API? Not this guy again! Copyright © 2015 Cloud Identity Summit. All rights reserved. 3
  • 4. For a Session: Focus Less On Building an API Fortress
  • 5. Copyright © 2015 Cloud Identity Summit . All rights reserved. 5 Think About Identity Driving The API Economy!
  • 7. Copyright © 2015 Cloud Identity Summit . All rights reserved. 7 Enhance Customer Intimacy
  • 8. Copyright © 2015 Cloud Identity Summit . All rights reserved. 8 Extend Your Business Reach
  • 9. Step One: Know Your API Consumer • User • Application • Device • Location Copyright © 2015 Cloud Identity Summit. All rights reserved. 9
  • 10. Identifying the User • SAML Grant Type for Oauth Copyright © 2015 Cloud Identity Summit. All rights reserved. 10
  • 11. Identifying the Application • Oauth 2.0 Bearer Token Copyright © 2015 Cloud Identity Summit. All rights reserved. 11
  • 12. Identifying the Device • What you know? • Universal device identifier • What you have? • Certificate Copyright © 2015 Cloud Identity Summit. All rights reserved. 12
  • 13. Identifying the Location • Mobile Connect Discovery API • GSMA OneAPI Copyright © 2015 Cloud Identity Summit. All rights reserved. 13
  • 14. Action Item: Externalize Identity (as an API) Copyright © 2015 Cloud Identity Summit. All rights reserved. 14
  • 15. Step Two: Know what your API Consumer Wants! http://www.amazon.com/The-Intention-Economy-Customers-Charge/dp/1422158527
  • 16. Step 3: Understand Context • Your Brand • Social Context • Customer, Location • Environment
  • 17. Step 4: Blend Context with Intent {incidents: [ {impacting: false, eventCode: 0, iconURL: "http://...", lat: 38.743999, shortDesc: "Exit ramp closed on I 95...", type: 1, severity: 0, fullDesc: "In NEWINGTON exit ramp closed on I-95 ...", startTime: "2010-02-21T00:14: 07", lng: -77.188004, id: "368598263", endTime: "2010-02-27T05:04:19" }, Image source: http://www.directoryofnewyorkcity.com/blog/2009/05/how-to-find-parking-in-new-york-city/ Real-time traffic map: http://www.mapquestapi.com/traffic/
  • 18. Action Item: Make API Analytics Identity Aware http://wso2.com/landing/enabling-the-connected-business © adam121 - Fotolia.com
  • 19. Copyright © 2015 Cloud Identity Summit . All rights reserved. 19 Step 5: Monetize APIs • Membership service levels • Monetization rates and discounts • Business processes and rules for stores and ecosystem
  • 20. With Identity, Your API can • Responsively interact in the serendipitous, contextual moment • Virally connect ecosystem participants • Drive helpful and relevant decisions • Deliver a compelling end-to-end user experience Copyright © 2015 Cloud Identity Summit. All rights reserved. 20