SlideShare a Scribd company logo

Architecting an Enterprise API Management Strategy

WSO2, profile picture
WSO2

The document discusses strategies for architecting an enterprise API management strategy. It covers factors to consider like whether to treat APIs as a product or tactic. It also discusses API management components like the API publisher and store. The document outlines reference architectures like using API management within an orthogonal toolset. It provides examples of API management for use cases like within a telecommunications ecosystem.

Technology
Related topics:
API Management Trends
1 of 39
Downloaded 2,031 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
Most read
31
32
33
34
35
36
37
38
39
Architec(ng  an  enterprise   API  management  strategy   Mifan  Careem   Director,  Solu0ons  Architecture   WSO2   Mifan  AT  WSO2.com   APIdays    Sydney   February  2015  
Agenda   •  Introduc0on  and  case  studies   •  API  Economy  and  factors   •  API  Management  Overview   •  API  Management  within  a  plaJorm   •  API  Management  demo   •  Reference  Architectures   •  APIs  at  the  edge  and  IoT   •  APIs  Everywhere     •  Applica0on  Governance     Source:  XKCD.com  
WSO2 – Who we are
We help customers become a Connected Business with enterprise middleware
Architecting an Enterprise API Management Strategy
Source: http://www.content-loop.com/a-company-without-apis-is-like-a-computer-without-internet/
Managed APIs and Enterprises o  An  API is a business capability delivered over the Internet to internal or external consumers o  Network accessible function o  Available using standard web protocols o  With well-defined interfaces o  Designed for access by third-parties o  A  Managed  API is: o  Actively advertised and subscribe-able o  Available with SLAs o  Secured, authenticated, authorized and protected o  Monitored and monetized with analytics
Strategy factors •  API as a product vs API based products = API as a strategy vs API as a tactic •  External API management vs internal API management • Developer ecosytem – API ecosystem vs cloud-devops •  API management and the enterprise •  Business model – Pay as you go, revshare, freemium,..
Characteristics of Business APIs ●  Protocols  &  Styles   ●  API  as  the  main  product   ●  API  as  the  brand   ●  Business  Model  -­‐   Mone0za0on   ●  API  Sta0s0cs   ●  Authen0ca0on  &   Authoriza0on   ●  ThroTling   ●  Caching   ●  Deployment  Models  
Architectural factors •  Deployment model •  Distributed deployment, access token caching,… •  On-premise vs cloud vs hybrid, Cloud to enterprise access •  Federated architecture •  Large scale APIs •  Edge API management
Architecting an Enterprise API Management Strategy
API  Centric  SOA   BU-­‐1   BU-­‐2   BU-­‐3   Services   Services   Services   APIs   API  Façade    
API  Centric  Capabili0es  
WSO2  API  Manager  Components   o  Create  APIs   o  Find  and   subscribe/buy   APIs   o  API  Store  and   Governance   o  Manage,  secure   and  protect   APIs   o  API  Management  and   Gateway     o  Monitor  and   Mone0ze  APIs   o  API  Monitoring  and   Analy0cs  
    •  Publish  APIs  to  external  consumers   and  partners,  as  well  as  internal   users;  SOAP  and  REST  services  are   supported   •  Manage  API  versions  (several   versions  can  be  deployed  in   parallel)   •  Govern  the  API  lifecycle  (publish,   deprecate,  re0re)   •  ATach  documenta0on  (files,   external  URLs)  to  APIs   •  Apply  Security  policies  to  APIs   (authen0ca0on,  authoriza0on)   •  ATach  SLAs   •  Provision  and  Manage  API  keys   •  Track  consumers  per  API   •  Monitor  API  usage  and   performance,  SLA  compliance   •  Gather  consumers  requirements   WSO2  API  Manager  :  API  Publisher  
•  Find  useful  APIs  by  browsing  or   searching  through  the  API  Store:   view  top  rated,  top  used  and   featured  APIs   •  Explore  API  documenta0on  and   ask  ques0ons  to  publisher   •  Register  applica0ons  and  obtain   API  keys   •  Subscribe  to  API  changes  and   receive  news   •  Evaluate  APIs,  rate  APIs,  and  share   comments   •  Request  features  and   improvements  from  publishers   •  Par0cipate  in  online  forums   •  OAuth2  support  for  API  access   WSO2  API  Manager  :  API  Consumers  via  API  Store  
Personalized  Experience  
API  Gateway  Processing  Flow  
API  Access  Tokens   o  OAuth2  standard  compliant   o  Supports  mul0ple  grant  types     o  SAML,  IWA/NTLM   o  Client  creden0al,  Implicit,  Password   o  Pre-­‐generated  Access  Token:  can  be  used  from  an  applica0on,  to  iden0fy  the  applica0on   itself   o  On-­‐demand  Access  Token:  generated  via  API  call,  using  Consumer  Key  and  Consumer  Secret   -­‐  Iden0fies  the  end  user  of  an  applica0on  (web  applica0ons,  mobile  applica0ons)   19  
Architecting an Enterprise API Management Strategy
The  big  picture   Source:  hTps://www.flickr.com/photos/photosighJaces/13144863085  
The  Open  Enterprise  is  much  more    than  just  APIs   Credit:  KuppingerCole    
API Management within an orthogonal toolset
API  Manager  Product  and  PlaJorm   24  
Analy0cs  means  business  models   o  API  Manager  supports  out  of  the  box:   o  Google  Analy0cs   o  WSO2  Business  Ac0vity  Monitor  Analy0cs   2 •  Build  confidence  in   the  API  model   •  Understand  your   customer     •  Not  just  the   developer  but   also  the  end-­‐ user   •  Help  manage  services   and  versions   •  Understand   when   deprecated   services  can  be   re0red   •  Plan  beTer   •  Monitor  the   growth  of   aggregated  API   traffic   •  Monitor  the   growth  of   specific  apps  
Scalable  Deployment  
Distributed Deployment
From  edge  API  management  to  large   scale  distributed  API  management  
Reference     Architecture   •  API  as  a  strategic   product   •  Collabora0ve  business   model   •  Scalable  horizontal   deployment   •  Orthogonal  toolset  for   ver0cal  use  cases   •  Federated   architecture   Source:  flickr.com  
Developer  Eco-­‐system  for  Telco   API  Management   Payment   Messaging   Iden0ty   Loca0on  WebRTC   NFC   M2M,…   Enterprise   Developers   Applica0ons  Subscribers   •  U0lize  partners  to   sell  APIs   •  Newer  business   models  –  revenue   share  from  customer   •  Empower  eco-­‐ system  for  RAD   OTT  Customers  
Telco  API  Management   API  Gateway   API  Store   Operator  Portal   Transforma0on   Adapters   Backend   Systems   (CRM)   Backend   Systems   (Diameter)   Iden0ty   API  Publisher   Workflows   Audi0ng  and   Repor0ng   Developer     Ecosystem   Event  Processing  
Federated  Architecture  and  the  Telco  ecosystem   Telco  API    Mgmt   API  Gateway   API  Store   Developer  Portal   Iden0ty   API  Publisher   Workflows   Audi0ng  and   Repor0ng   Event  Processing  Discovery  and   Rou0ng    Standard  API   NFC                Payment      Messaging    Iden0ty     Telco  API  Mgmt   Enterpris e   Developer s   Applica0ons  Subscribers   OTT   Customers  
API Management at the Edge •  Raw devices can expose functionality as APIs •  Functional capabilities (actuators) – Function APIs •  Administration capabilities (management) – Management APIs •  Monitoring capabilities (sensor data) – Sensor APIs •  E.g: GET hTp://{ip}/{loca0onid}/sensors/temperature   •  Augment  device  capability   •  ThroTling   •  Caching   •  Request  rou0ng   •  Stats  collec0on  and  monitoring   •  Decision  making   •  Security   •  Authoriza0on  based  on  token  (Oauth)  
*  *   API   Management   and  IoT   Device  Queue   Media(on/   Rou(ng   Device   Gateway   App   End  User   Authoriza(on   Manager   Sta(s(cs   Processing   Devi ce   Device  Hub   Devi Devi ce   Devi ce   Device   Management   Iden(ty   Management  
*  *   WSO2-­‐  Reference  Architecture  for  IoT  
Application Services Governance and APIs Everywhere •  One click API capability •  Governance of API, Services, resources within an enterprise with Unified Governance •  Life cycle automation with WSO2 Appfactory
WSO2  Appfactory,  WSO2  Private  PaaS  and   WSO2    App  Manager   IdP     (WSO2  Iden(ty   Server)   (WSO2  Business   Ac(vity   Monitor)  
Summary   •  Introduc0on  and  case  studies   •  API  Economy  and  factors   •  API  Management  Overview   •  API  Management  within  a  plaJorm   •  API  Management  demo   •  Reference  Architectures   •  APIs  at  the  edge  and  IoT   •  APIs  Everywhere     •  Applica0on  Governance    
Contact  Us  

More Related Content

PPTX
Guide to an API-first Strategy
Kellton Tech Solutions Ltd
 
PPTX
API Governance in the Enterprise
Apigee | Google Cloud
 
PPTX
How to Execute a Successful API Strategy
Matt McLarty
 
PDF
Definitive Guide to API Management
Apigee | Google Cloud
 
PPTX
API Strategy Introduction
Doug Gregory
 
PPTX
API Management in Digital Transformation
Aditya Thatte
 
PDF
API Governance
Sunil Kuchipudi
 
PDF
API Management Solution Powerpoint Presentation Slides
SlideTeam
 
Guide to an API-first Strategy
Kellton Tech Solutions Ltd
 
API Governance in the Enterprise
Apigee | Google Cloud
 
How to Execute a Successful API Strategy
Matt McLarty
 
Definitive Guide to API Management
Apigee | Google Cloud
 
API Strategy Introduction
Doug Gregory
 
API Management in Digital Transformation
Aditya Thatte
 
API Governance
Sunil Kuchipudi
 
API Management Solution Powerpoint Presentation Slides
SlideTeam
 

What's hot (20)

PPTX
API Management Within a Microservices Architecture
Nadeesha Gamage
 
PDF
How Secure Are Your APIs?
Apigee | Google Cloud
 
PDF
API Business Models
John Musser
 
PDF
API Management - Why it matters!
Sven Bernhardt
 
PDF
Apigee Demo: API Platform Overview
Apigee | Google Cloud
 
PDF
Open API and API Management - Introduction and Comparison of Products: TIBCO ...
Kai Wähner
 
PPTX
Apigee Products Overview
Apigee | Google Cloud
 
PDF
API Monetization
Capgemini
 
PPT
API Strategy Presentation
Lawrence Coburn
 
PPTX
API Management Part 1 - An Introduction to Azure API Management
BizTalk360
 
PPTX
API Best Practices
Sai Koppala
 
PPTX
Monetization: Unlock More Value from Your APIs
Apigee | Google Cloud
 
PPTX
API Frenzy: API Strategy 101
Akana
 
PPTX
API as-a-Product with Azure API Management (APIM)
Bishoy Demian
 
PPTX
Apigee Edge Overview and Roadmap
Apigee | Google Cloud
 
PPTX
How to Execute a Successful API Strategy
Matt McLarty
 
PDF
Top Trends in Application Architecture That Enable.pdf
MantoshKumarSingh7
 
PDF
KPIs for APIs (and how API Calls are the new Web Hits, and you may be measuri...
John Musser
 
PPT
API Management architect presentation
sflynn073
 
PPTX
Deep-Dive: Secure API Management
Apigee | Google Cloud
 
API Management Within a Microservices Architecture
Nadeesha Gamage
 
How Secure Are Your APIs?
Apigee | Google Cloud
 
API Business Models
John Musser
 
API Management - Why it matters!
Sven Bernhardt
 
Apigee Demo: API Platform Overview
Apigee | Google Cloud
 
Open API and API Management - Introduction and Comparison of Products: TIBCO ...
Kai Wähner
 
Apigee Products Overview
Apigee | Google Cloud
 
API Monetization
Capgemini
 
API Strategy Presentation
Lawrence Coburn
 
API Management Part 1 - An Introduction to Azure API Management
BizTalk360
 
API Best Practices
Sai Koppala
 
Monetization: Unlock More Value from Your APIs
Apigee | Google Cloud
 
API Frenzy: API Strategy 101
Akana
 
API as-a-Product with Azure API Management (APIM)
Bishoy Demian
 
Apigee Edge Overview and Roadmap
Apigee | Google Cloud
 
How to Execute a Successful API Strategy
Matt McLarty
 
Top Trends in Application Architecture That Enable.pdf
MantoshKumarSingh7
 
KPIs for APIs (and how API Calls are the new Web Hits, and you may be measuri...
John Musser
 
API Management architect presentation
sflynn073
 
Deep-Dive: Secure API Management
Apigee | Google Cloud
 
Ad

Similar to Architecting an Enterprise API Management Strategy (20)

PDF
API Management within a Microservice Architecture
WSO2
 
PDF
Application Development with API Manager
WSO2
 
PDF
[Workshop] Managing the API lifecycle with Open Source Technologies
WSO2
 
PDF
[WSO2 Summit EMEA 2020] APIs: The Products of the 21st Century
WSO2
 
PDF
WSO2 API Manager 2.0 - Overview
Edgar Silva
 
PDF
Api management best practices with wso2 api manager
Chanaka Fernando
 
PDF
Introducing WSO2 API Manager for Mobile Applications and Rapid Integration
WSO2
 
PPTX
Open api in enterprise
Guru Lakshmeekar B
 
PDF
[WSO2Con EU 2018] WSO2 API Manager - Why, What, How, and What's Next
WSO2
 
PDF
Presentation WSO2 workshop Brussels September 24th 2014 (APIs-Integration)
Yenlo
 
PDF
WSO2 API Manager - Product Overview
WSO2
 
PDF
[WSO2 Integration Summit Bern 2019] Transforming Your Business through APIs
WSO2
 
PPTX
WSO2- OSC Korea - Accelerating Digital Businesses with APIs
WSO2
 
PPTX
API Management Platform Technical Evaluation Framework
WSO2
 
PDF
APIs - The Foundation of the Future Telco
WSO2
 
PPTX
WSO2 Workshop Sydney 2016 - APIs
Dassana Wijesekara
 
PDF
[Workshop] API-driven Integration
WSO2
 
PDF
Building an API Centric SOA
WSO2
 
PDF
Api centric enterprises
WSO2
 
PDF
WSO2 User Group Bangalore Meetup
WSO2
 
API Management within a Microservice Architecture
WSO2
 
Application Development with API Manager
WSO2
 
[Workshop] Managing the API lifecycle with Open Source Technologies
WSO2
 
[WSO2 Summit EMEA 2020] APIs: The Products of the 21st Century
WSO2
 
WSO2 API Manager 2.0 - Overview
Edgar Silva
 
Api management best practices with wso2 api manager
Chanaka Fernando
 
Introducing WSO2 API Manager for Mobile Applications and Rapid Integration
WSO2
 
Open api in enterprise
Guru Lakshmeekar B
 
[WSO2Con EU 2018] WSO2 API Manager - Why, What, How, and What's Next
WSO2
 
Presentation WSO2 workshop Brussels September 24th 2014 (APIs-Integration)
Yenlo
 
WSO2 API Manager - Product Overview
WSO2
 
[WSO2 Integration Summit Bern 2019] Transforming Your Business through APIs
WSO2
 
WSO2- OSC Korea - Accelerating Digital Businesses with APIs
WSO2
 
API Management Platform Technical Evaluation Framework
WSO2
 
APIs - The Foundation of the Future Telco
WSO2
 
WSO2 Workshop Sydney 2016 - APIs
Dassana Wijesekara
 
[Workshop] API-driven Integration
WSO2
 
Building an API Centric SOA
WSO2
 
Api centric enterprises
WSO2
 
WSO2 User Group Bangalore Meetup
WSO2
 
Ad

More from WSO2 (20)

PDF
Demystifying CMS-0057-F - Compliance Made Seamless with WSO2
WSO2
 
PDF
Quantum Threats Are Closer Than You Think – Act Now to Stay Secure
WSO2
 
PDF
Modern Platform Engineering with Choreo - The AI-Native Internal Developer Pl...
WSO2
 
PDF
Application Modernization with Choreo - The AI-Native Internal Developer Plat...
WSO2
 
PDF
Build Smarter, Deliver Faster with Choreo - An AI Native Internal Developer P...
WSO2
 
PDF
Platformless Modernization with Choreo.pdf
WSO2
 
PDF
Application Modernization with Choreo for the BFSI Sector
WSO2
 
PDF
Choreo - The AI-Native Internal Developer Platform as a Service: Overview
WSO2
 
PDF
[Roundtable] Choreo - The AI-Native Internal Developer Platform as a Service
WSO2
 
PPTX
WSO2Con 2025 - Building AI Applications in the Enterprise (Part 1)
WSO2
 
PPTX
WSO2Con 2025 - Building Secure Business Customer and Partner Experience (B2B)...
WSO2
 
PPTX
WSO2Con 2025 - Building Secure Customer Experience Apps
WSO2
 
PPTX
WSO2Con 2025 - AI-Driven API Design, Development, and Consumption with Enhanc...
WSO2
 
PPTX
WSO2Con 2025 - AI-Driven API Design, Development, and Consumption with Enhanc...
WSO2
 
PPTX
WSO2Con 2025 - Unified Management of Ingress and Egress Across Multiple API G...
WSO2
 
PPTX
WSO2Con 2025 - How an Internal Developer Platform Lets Developers Focus on Code
WSO2
 
PPTX
WSO2Con 2025 - Architecting Cloud-Native Applications
WSO2
 
PDF
Mastering Intelligent Digital Experiences with Platformless Modernization
WSO2
 
PDF
Accelerate Enterprise Software Engineering with Platformless
WSO2
 
PDF
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2
 
Demystifying CMS-0057-F - Compliance Made Seamless with WSO2
WSO2
 
Quantum Threats Are Closer Than You Think – Act Now to Stay Secure
WSO2
 
Modern Platform Engineering with Choreo - The AI-Native Internal Developer Pl...
WSO2
 
Application Modernization with Choreo - The AI-Native Internal Developer Plat...
WSO2
 
Build Smarter, Deliver Faster with Choreo - An AI Native Internal Developer P...
WSO2
 
Platformless Modernization with Choreo.pdf
WSO2
 
Application Modernization with Choreo for the BFSI Sector
WSO2
 
Choreo - The AI-Native Internal Developer Platform as a Service: Overview
WSO2
 
[Roundtable] Choreo - The AI-Native Internal Developer Platform as a Service
WSO2
 
WSO2Con 2025 - Building AI Applications in the Enterprise (Part 1)
WSO2
 
WSO2Con 2025 - Building Secure Business Customer and Partner Experience (B2B)...
WSO2
 
WSO2Con 2025 - Building Secure Customer Experience Apps
WSO2
 
WSO2Con 2025 - AI-Driven API Design, Development, and Consumption with Enhanc...
WSO2
 
WSO2Con 2025 - AI-Driven API Design, Development, and Consumption with Enhanc...
WSO2
 
WSO2Con 2025 - Unified Management of Ingress and Egress Across Multiple API G...
WSO2
 
WSO2Con 2025 - How an Internal Developer Platform Lets Developers Focus on Code
WSO2
 
WSO2Con 2025 - Architecting Cloud-Native Applications
WSO2
 
Mastering Intelligent Digital Experiences with Platformless Modernization
WSO2
 
Accelerate Enterprise Software Engineering with Platformless
WSO2
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2
 

Recently uploaded (20)

PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
solutions_manual_-_materials___processing_in_manufacturing__demargo_.pdf
AbdullahSani29
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Advanced Soft Computing BINUS July 2025.pdf
University of Hertfordshire
 
PDF
KodekX | Application Modernization Development
KodekX
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
GDG Cloud Iasi [PUBLIC] Florian Blaga - Unveiling the Evolution of Cybersecur...
athlonica
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PPTX
breach-and-attack-simulation-cybersecurity-india-chennai-defenderrabbit-2025....
defencerabbit Team
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
Cloud computing and distributed systems.
kkkkkhan
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
solutions_manual_-_materials___processing_in_manufacturing__demargo_.pdf
AbdullahSani29
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
Approach and Philosophy of On baking technology
30anthuong17
 
Advanced Soft Computing BINUS July 2025.pdf
University of Hertfordshire
 
KodekX | Application Modernization Development
KodekX
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
GDG Cloud Iasi [PUBLIC] Florian Blaga - Unveiling the Evolution of Cybersecur...
athlonica
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
breach-and-attack-simulation-cybersecurity-india-chennai-defenderrabbit-2025....
defencerabbit Team
 

Architecting an Enterprise API Management Strategy

  • 1. Architec(ng  an  enterprise   API  management  strategy   Mifan  Careem   Director,  Solu0ons  Architecture   WSO2   Mifan  AT  WSO2.com   APIdays    Sydney   February  2015  
  • 2. Agenda   •  Introduc0on  and  case  studies   •  API  Economy  and  factors   •  API  Management  Overview   •  API  Management  within  a  plaJorm   •  API  Management  demo   •  Reference  Architectures   •  APIs  at  the  edge  and  IoT   •  APIs  Everywhere     •  Applica0on  Governance     Source:  XKCD.com  
  • 3. WSO2 – Who we are
  • 7. Managed APIs and Enterprises o  An  API is a business capability delivered over the Internet to internal or external consumers o  Network accessible function o  Available using standard web protocols o  With well-defined interfaces o  Designed for access by third-parties o  A  Managed  API is: o  Actively advertised and subscribe-able o  Available with SLAs o  Secured, authenticated, authorized and protected o  Monitored and monetized with analytics
  • 8. Strategy factors •  API as a product vs API based products = API as a strategy vs API as a tactic •  External API management vs internal API management • Developer ecosytem – API ecosystem vs cloud-devops •  API management and the enterprise •  Business model – Pay as you go, revshare, freemium,..
  • 9. Characteristics of Business APIs ●  Protocols  &  Styles   ●  API  as  the  main  product   ●  API  as  the  brand   ●  Business  Model  -­‐   Mone0za0on   ●  API  Sta0s0cs   ●  Authen0ca0on  &   Authoriza0on   ●  ThroTling   ●  Caching   ●  Deployment  Models  
  • 10. Architectural factors •  Deployment model •  Distributed deployment, access token caching,… •  On-premise vs cloud vs hybrid, Cloud to enterprise access •  Federated architecture •  Large scale APIs •  Edge API management
  • 12. API  Centric  SOA   BU-­‐1   BU-­‐2   BU-­‐3   Services   Services   Services   APIs   API  Façade    
  • 14. WSO2  API  Manager  Components   o  Create  APIs   o  Find  and   subscribe/buy   APIs   o  API  Store  and   Governance   o  Manage,  secure   and  protect   APIs   o  API  Management  and   Gateway     o  Monitor  and   Mone0ze  APIs   o  API  Monitoring  and   Analy0cs  
  • 15.     •  Publish  APIs  to  external  consumers   and  partners,  as  well  as  internal   users;  SOAP  and  REST  services  are   supported   •  Manage  API  versions  (several   versions  can  be  deployed  in   parallel)   •  Govern  the  API  lifecycle  (publish,   deprecate,  re0re)   •  ATach  documenta0on  (files,   external  URLs)  to  APIs   •  Apply  Security  policies  to  APIs   (authen0ca0on,  authoriza0on)   •  ATach  SLAs   •  Provision  and  Manage  API  keys   •  Track  consumers  per  API   •  Monitor  API  usage  and   performance,  SLA  compliance   •  Gather  consumers  requirements   WSO2  API  Manager  :  API  Publisher  
  • 16. •  Find  useful  APIs  by  browsing  or   searching  through  the  API  Store:   view  top  rated,  top  used  and   featured  APIs   •  Explore  API  documenta0on  and   ask  ques0ons  to  publisher   •  Register  applica0ons  and  obtain   API  keys   •  Subscribe  to  API  changes  and   receive  news   •  Evaluate  APIs,  rate  APIs,  and  share   comments   •  Request  features  and   improvements  from  publishers   •  Par0cipate  in  online  forums   •  OAuth2  support  for  API  access   WSO2  API  Manager  :  API  Consumers  via  API  Store  
  • 19. API  Access  Tokens   o  OAuth2  standard  compliant   o  Supports  mul0ple  grant  types     o  SAML,  IWA/NTLM   o  Client  creden0al,  Implicit,  Password   o  Pre-­‐generated  Access  Token:  can  be  used  from  an  applica0on,  to  iden0fy  the  applica0on   itself   o  On-­‐demand  Access  Token:  generated  via  API  call,  using  Consumer  Key  and  Consumer  Secret   -­‐  Iden0fies  the  end  user  of  an  applica0on  (web  applica0ons,  mobile  applica0ons)   19  
  • 21. The  big  picture   Source:  hTps://www.flickr.com/photos/photosighJaces/13144863085  
  • 22. The  Open  Enterprise  is  much  more    than  just  APIs   Credit:  KuppingerCole    
  • 23. API Management within an orthogonal toolset
  • 24. API  Manager  Product  and  PlaJorm   24  
  • 25. Analy0cs  means  business  models   o  API  Manager  supports  out  of  the  box:   o  Google  Analy0cs   o  WSO2  Business  Ac0vity  Monitor  Analy0cs   2 •  Build  confidence  in   the  API  model   •  Understand  your   customer     •  Not  just  the   developer  but   also  the  end-­‐ user   •  Help  manage  services   and  versions   •  Understand   when   deprecated   services  can  be   re0red   •  Plan  beTer   •  Monitor  the   growth  of   aggregated  API   traffic   •  Monitor  the   growth  of   specific  apps  
  • 28. From  edge  API  management  to  large   scale  distributed  API  management  
  • 29. Reference     Architecture   •  API  as  a  strategic   product   •  Collabora0ve  business   model   •  Scalable  horizontal   deployment   •  Orthogonal  toolset  for   ver0cal  use  cases   •  Federated   architecture   Source:  flickr.com  
  • 30. Developer  Eco-­‐system  for  Telco   API  Management   Payment   Messaging   Iden0ty   Loca0on  WebRTC   NFC   M2M,…   Enterprise   Developers   Applica0ons  Subscribers   •  U0lize  partners  to   sell  APIs   •  Newer  business   models  –  revenue   share  from  customer   •  Empower  eco-­‐ system  for  RAD   OTT  Customers  
  • 31. Telco  API  Management   API  Gateway   API  Store   Operator  Portal   Transforma0on   Adapters   Backend   Systems   (CRM)   Backend   Systems   (Diameter)   Iden0ty   API  Publisher   Workflows   Audi0ng  and   Repor0ng   Developer     Ecosystem   Event  Processing  
  • 32. Federated  Architecture  and  the  Telco  ecosystem   Telco  API    Mgmt   API  Gateway   API  Store   Developer  Portal   Iden0ty   API  Publisher   Workflows   Audi0ng  and   Repor0ng   Event  Processing  Discovery  and   Rou0ng    Standard  API   NFC                Payment      Messaging    Iden0ty     Telco  API  Mgmt   Enterpris e   Developer s   Applica0ons  Subscribers   OTT   Customers  
  • 33. API Management at the Edge •  Raw devices can expose functionality as APIs •  Functional capabilities (actuators) – Function APIs •  Administration capabilities (management) – Management APIs •  Monitoring capabilities (sensor data) – Sensor APIs •  E.g: GET hTp://{ip}/{loca0onid}/sensors/temperature   •  Augment  device  capability   •  ThroTling   •  Caching   •  Request  rou0ng   •  Stats  collec0on  and  monitoring   •  Decision  making   •  Security   •  Authoriza0on  based  on  token  (Oauth)  
  • 34. *  *   API   Management   and  IoT   Device  Queue   Media(on/   Rou(ng   Device   Gateway   App   End  User   Authoriza(on   Manager   Sta(s(cs   Processing   Devi ce   Device  Hub   Devi Devi ce   Devi ce   Device   Management   Iden(ty   Management  
  • 35. *  *   WSO2-­‐  Reference  Architecture  for  IoT  
  • 36. Application Services Governance and APIs Everywhere •  One click API capability •  Governance of API, Services, resources within an enterprise with Unified Governance •  Life cycle automation with WSO2 Appfactory
  • 37. WSO2  Appfactory,  WSO2  Private  PaaS  and   WSO2    App  Manager   IdP     (WSO2  Iden(ty   Server)   (WSO2  Business   Ac(vity   Monitor)  
  • 38. Summary   •  Introduc0on  and  case  studies   •  API  Economy  and  factors   •  API  Management  Overview   •  API  Management  within  a  plaJorm   •  API  Management  demo   •  Reference  Architectures   •  APIs  at  the  edge  and  IoT   •  APIs  Everywhere     •  Applica0on  Governance