The Journey of an OpenAPI platform

The Journey of an OpenAPI platform

5538316cd7917cae8241cc4e6d481ad6?s=128

Alvaro Navarro

April 24, 2019
Tweet

Transcript

  1. 3.

    Why building an API platform? Main benefits for opening your

    APIs Promotes Innovation and Cocreation Open up new Business Opportunities Unlocks value of existing data
  2. 5.

    Defining the idea Platform characteristics Onboarding process: Self-Service, Manual validation

    Environments: Sandbox, Production Security: OAuth2 Support: from others APIs already delivered API Platform: Monitoring, Lifecycle, Usage
  3. 8.

    Open APIs proposal Drivers Market demands Innovation trends. Competitors’ offering

    Quick wins from others APIs already delivered Complement with Partner APIs
  4. 14.

    1 Proposal 3 BUs, Legal & Security Approval API Governance

    Board 2 Step-by-step expansion process Building the API Catalogue
  5. 15.

    API Design What is the API Governance? • Define the

    Use Case of the API • Flows (how to use the API) • Data Dictionary • URI • Examples • Swagger Specs API Designer Experts Owner of Rules & Guidelines Owner of Data Dictionary Owner of Processes
  6. 16.

    API Design Why API Governance is important? As a Designer

    Design guidelines and standardization: Errors Endpoints naming Improvements Data dictionaries Not only API Validation, support around APIs A place where designers can speak As a Consumer Better API integration
  7. 17.

    API Design Example of guidelines: API versioning Using URLs http://api.amadeus.com/v1/flight-search

    http://api.amadeus.com/2018/flight-search http://api.amadeus.com/2018/02/flight-search Using HTTP Header Accept: application/vnd.amadeus.v1 Accept-Version: 1 Using a Query parameter http://api.amadeus.com/flight-search?version=1
  8. 18.

    1 Proposal 3 BUs, Legal & Security Approval Development and

    Deployment 4 API Governance Board 2 Step-by-step expansion process Building the API Catalogue
  9. 20.

    1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 API Gateway Traditional API Deployment flow
  10. 21.

    1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 3 Set up routes on Amadeus premises 3 API Gateway Traditional API Deployment flow
  11. 22.

    1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 4 Setup security configuration 3 4 API Gateway Auth Traditional API Deployment flow 3 Set up routes on Amadeus premises
  12. 23.

    1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 3 4 Auth API Gateway 5 5 Deploy API implementation on backend API Traditional API Deployment flow 4 Setup security configuration 3 Set up routes on Amadeus premises
  13. 24.

    1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 3 4 Auth API Gateway 5 API Traditional API Deployment flow 5 Deploy API implementation on backend 4 Setup security configuration 3 Set up routes on Amadeus premises
  14. 25.

    1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 3 4 Auth API Gateway 5 API Traditional API Deployment flow 5 Deploy API implementation on backend 4 Setup security configuration 3 Set up routes on Amadeus premises ¯\_()_/¯
  15. 27.

    1 2 2 Run tests on every commit and start

    deployment Serverless API Deployment flow 1 Model commit and optionally tag
  16. 28.

    1 2 3 3 Serverless Environment and swagger generation Serverless

    API Deployment flow API Gateway 2 Run tests on every commit and start deployment 1 Model commit and optionally tag
  17. 29.

    1 2 3 4 Model deployment on public Cloud Serverless

    API Deployment flow 4 API Gateway 3 Serverless Environment and swagger generation 2 Run tests on every commit and start deployment 1 Model commit and optionally tag
  18. 30.

    1 2 3 Serverless API Deployment flow 4 < 1

    minute API Gateway 4 Model deployment on public Cloud 3 Serverless Environment and swagger generation 2 Run tests on every commit and start deployment 1 Model commit and optionally tag
  19. 31.

    Traditional vs Serverless Traditional Sensible data content Inherited implementation Serverless

    Speed to Market No infrastructure to maintain Continuous experimentation enabler Pay per Use
  20. 32.

    1 Proposal 3 BUs, Legal & Security Approval 5 Development

    and Deployment 4 API Governance Board 2 Testing Step-by-step expansion process Building the API Catalogue
  21. 33.

    Beta Tester program Engaging developers to test your APIs Tests

    and shape the new APIs Community (internal & external) Remote usability tests (~45 minutes) Beta Tester rewards
  22. 35.

    Beta Tester program Safe and controlled environment 1 Beta Tester

    access privately to Swagger 1 2 2 Swagger shooter with auth Token
  23. 36.

    Beta Tester program Safe and controlled environment 1 Beta Tester

    access privately to Swagger 1 2 2 Swagger shooter with auth Token 3 3 Fake backend with static JSON responses
  24. 37.

    Beta Tester program Safe and controlled environment 1 Beta Tester

    access privately to Swagger 1 2 2 Swagger shooter with auth Token 3 3 Fake backend with static JSON responses 4 4 Private repository with automatic deployment
  25. 38.

    Beta Tester program Safe and controlled environment 1 Beta Tester

    access privately to Swagger 1 2 2 Swagger shooter with auth Token 3 3 Fake backend with static JSON responses 4 4 Private repository with automatic deployment 5 5 APIs shootable from Postman (or code)
  26. 39.
  27. 40.
  28. 41.

    © Amadeus IT Group and its affiliates and subsidiaries •

    First time Amadeus attends Hackwars, hackathon organized annually by American Airlines • 24 hours long, 20th-21st April 2018 • 1200 developers, 120 teams • 37 tech providers, including: Google, Amazon, IBM, Red-Hat, Oracle, Salesforce, MongoDB, GitHub, Docker, Intel, Cisco... Hackathons American Airlines Hackathon Key Figures
  29. 42.

    © Amadeus IT Group and its affiliates and subsidiaries •

    Hack the Journey, Nice • HackWars V, Dallas • Hack the Journey, Madrid • #Hack4SD, Oviedo • Blockchained Mobility Hackathon, Munich • Futurize, Bangalore • Hack MIT, Boston • Turkish Airlines Hackathon, Istanbul • South Summit, Madrid Hackathons Several Hackathons - Different approaches
  30. 43.

    Before the event During the event After the event 1.

    Preliminary interviews / surveys 2. Direct observation 3. Support questions 4. Additional challenges 5. Teams’ interviews 6. Anonymous surveys 7. Monitor metrics 8. Follow up with participants Maximizing the value of the Hackathons How do we collect and measure feedback?
  31. 44.

    1 Proposal 3 BUs, Legal & Security Approval 5 Development

    and Deployment 4 API Governance Board 2 Testing Release Step-by-step expansion process Building the API Catalogue
  32. 48.

    • Open innovation programs bring always value • Test from

    early phases of the program • Be consistent with the APIs • Listen to your API consumers! Conclusions & key takeaways