The Journey of an OpenAPI platform

Transcript

1. The Journey of an API Platform

2. Alvaro Navarro Developer Advocate

3. Why building an API platform? Main benefits for opening your

   APIs Promotes Innovation and Cocreation Open up new Business Opportunities Unlocks value of existing data

4. Defining the idea Photo by AbsolutVision on Unsplash

5. Defining the idea Platform characteristics Onboarding process: Self-Service, Manual validation

   Environments: Sandbox, Production Security: OAuth2 Support: from others APIs already delivered API Platform: Monitoring, Lifecycle, Usage

6. Building the Catalogue Photo by Markus Spiske on Unsplash

7. 1 Proposal Step-by-step expansion process Building the API Catalogue

8. Open APIs proposal Drivers Market demands Innovation trends. Competitors’ offering

   Quick wins from others APIs already delivered Complement with Partner APIs

9. 1 Proposal BUs, Legal & Security Approval 2 Step-by-step expansion

   process Building the API Catalogue

10. Building the catalogue Getting the approval

11. Building the catalogue Getting the approval

12. Building the catalogue Getting the approval

13. Building the catalogue Getting the approval

14. 1 Proposal 3 BUs, Legal & Security Approval API Governance

    Board 2 Step-by-step expansion process Building the API Catalogue

15. API Design What is the API Governance? • Define the

    Use Case of the API • Flows (how to use the API) • Data Dictionary • URI • Examples • Swagger Specs API Designer Experts Owner of Rules & Guidelines Owner of Data Dictionary Owner of Processes

16. API Design Why API Governance is important? As a Designer

    Design guidelines and standardization: Errors Endpoints naming Improvements Data dictionaries Not only API Validation, support around APIs A place where designers can speak As a Consumer Better API integration

17. API Design Example of guidelines: API versioning Using URLs http://api.amadeus.com/v1/flight-search

    http://api.amadeus.com/2018/flight-search http://api.amadeus.com/2018/02/flight-search Using HTTP Header Accept: application/vnd.amadeus.v1 Accept-Version: 1 Using a Query parameter http://api.amadeus.com/flight-search?version=1

18. 1 Proposal 3 BUs, Legal & Security Approval Development and

    Deployment 4 API Governance Board 2 Step-by-step expansion process Building the API Catalogue

19. 1 1 API and Swagger locally created Traditional API Deployment

    flow

20. 1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 API Gateway Traditional API Deployment flow

21. 1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 3 Set up routes on Amadeus premises 3 API Gateway Traditional API Deployment flow

22. 1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 4 Setup security configuration 3 4 API Gateway Auth Traditional API Deployment flow 3 Set up routes on Amadeus premises

23. 1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 3 4 Auth API Gateway 5 5 Deploy API implementation on backend API Traditional API Deployment flow 4 Setup security configuration 3 Set up routes on Amadeus premises

24. 1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 3 4 Auth API Gateway 5 API Traditional API Deployment flow 5 Deploy API implementation on backend 4 Setup security configuration 3 Set up routes on Amadeus premises

25. 1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 3 4 Auth API Gateway 5 API Traditional API Deployment flow 5 Deploy API implementation on backend 4 Setup security configuration 3 Set up routes on Amadeus premises ¯\_(
    )_/¯

26. 1 Serverless API Deployment flow 1 Model commit and optionally

    tag

27. 1 2 2 Run tests on every commit and start

    deployment Serverless API Deployment flow 1 Model commit and optionally tag

28. 1 2 3 3 Serverless Environment and swagger generation Serverless

    API Deployment flow API Gateway 2 Run tests on every commit and start deployment 1 Model commit and optionally tag

29. 1 2 3 4 Model deployment on public Cloud Serverless

    API Deployment flow 4 API Gateway 3 Serverless Environment and swagger generation 2 Run tests on every commit and start deployment 1 Model commit and optionally tag

30. 1 2 3 Serverless API Deployment flow 4 < 1

    minute API Gateway 4 Model deployment on public Cloud 3 Serverless Environment and swagger generation 2 Run tests on every commit and start deployment 1 Model commit and optionally tag

31. Traditional vs Serverless Traditional Sensible data content Inherited implementation Serverless

    Speed to Market No infrastructure to maintain Continuous experimentation enabler Pay per Use

32. 1 Proposal 3 BUs, Legal & Security Approval 5 Development

    and Deployment 4 API Governance Board 2 Testing Step-by-step expansion process Building the API Catalogue

33. Beta Tester program Engaging developers to test your APIs Tests

    and shape the new APIs Community (internal & external) Remote usability tests (~45 minutes) Beta Tester rewards

34. Beta Tester program Safe and controlled environment 1 Beta Tester

    access privately to Swagger 1

35. Beta Tester program Safe and controlled environment 1 Beta Tester

    access privately to Swagger 1 2 2 Swagger shooter with auth Token

36. Beta Tester program Safe and controlled environment 1 Beta Tester

    access privately to Swagger 1 2 2 Swagger shooter with auth Token 3 3 Fake backend with static JSON responses

37. Beta Tester program Safe and controlled environment 1 Beta Tester

    access privately to Swagger 1 2 2 Swagger shooter with auth Token 3 3 Fake backend with static JSON responses 4 4 Private repository with automatic deployment

38. Beta Tester program Safe and controlled environment 1 Beta Tester

    access privately to Swagger 1 2 2 Swagger shooter with auth Token 3 3 Fake backend with static JSON responses 4 4 Private repository with automatic deployment 5 5 APIs shootable from Postman (or code)
39. None
40. None

41. © Amadeus IT Group and its affiliates and subsidiaries •

    First time Amadeus attends Hackwars, hackathon organized annually by American Airlines • 24 hours long, 20th-21st April 2018 • 1200 developers, 120 teams • 37 tech providers, including: Google, Amazon, IBM, Red-Hat, Oracle, Salesforce, MongoDB, GitHub, Docker, Intel, Cisco... Hackathons American Airlines Hackathon Key Figures

42. © Amadeus IT Group and its affiliates and subsidiaries •

    Hack the Journey, Nice • HackWars V, Dallas • Hack the Journey, Madrid • #Hack4SD, Oviedo • Blockchained Mobility Hackathon, Munich • Futurize, Bangalore • Hack MIT, Boston • Turkish Airlines Hackathon, Istanbul • South Summit, Madrid Hackathons Several Hackathons - Different approaches

43. Before the event During the event After the event 1.

    Preliminary interviews / surveys 2. Direct observation 3. Support questions 4. Additional challenges 5. Teams’ interviews 6. Anonymous surveys 7. Monitor metrics 8. Follow up with participants Maximizing the value of the Hackathons How do we collect and measure feedback?

44. 1 Proposal 3 BUs, Legal & Security Approval 5 Development

    and Deployment 4 API Governance Board 2 Testing Release Step-by-step expansion process Building the API Catalogue

45. Developer Experience

46. Developer Experience Platform characteristics Documentation: Static, Dynamic Tutorials and Sample

    code SDK: How many languages?

47. Photo by Yvette de Wit on Unsplash

48. • Open innovation programs bring always value • Test from

    early phases of the program • Be consistent with the APIs • Listen to your API consumers! Conclusions & key takeaways

49. Thank you! Thank you! developers.amadeus.com @amadeus4dev amadeus4dev [email protected]