Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The Journey of an OpenAPI platform

The Journey of an OpenAPI platform

5538316cd7917cae8241cc4e6d481ad6?s=128

Alvaro Navarro

April 24, 2019
Tweet

Transcript

  1. The Journey of an API Platform

  2. Alvaro Navarro Developer Advocate

  3. Why building an API platform? Main benefits for opening your

    APIs Promotes Innovation and Cocreation Open up new Business Opportunities Unlocks value of existing data
  4. Defining the idea Photo by AbsolutVision on Unsplash

  5. Defining the idea Platform characteristics Onboarding process: Self-Service, Manual validation

    Environments: Sandbox, Production Security: OAuth2 Support: from others APIs already delivered API Platform: Monitoring, Lifecycle, Usage
  6. Building the Catalogue Photo by Markus Spiske on Unsplash

  7. 1 Proposal Step-by-step expansion process Building the API Catalogue

  8. Open APIs proposal Drivers Market demands Innovation trends. Competitors’ offering

    Quick wins from others APIs already delivered Complement with Partner APIs
  9. 1 Proposal BUs, Legal & Security Approval 2 Step-by-step expansion

    process Building the API Catalogue
  10. Building the catalogue Getting the approval

  11. Building the catalogue Getting the approval

  12. Building the catalogue Getting the approval

  13. Building the catalogue Getting the approval

  14. 1 Proposal 3 BUs, Legal & Security Approval API Governance

    Board 2 Step-by-step expansion process Building the API Catalogue
  15. API Design What is the API Governance? • Define the

    Use Case of the API • Flows (how to use the API) • Data Dictionary • URI • Examples • Swagger Specs API Designer Experts Owner of Rules & Guidelines Owner of Data Dictionary Owner of Processes
  16. API Design Why API Governance is important? As a Designer

    Design guidelines and standardization: Errors Endpoints naming Improvements Data dictionaries Not only API Validation, support around APIs A place where designers can speak As a Consumer Better API integration
  17. API Design Example of guidelines: API versioning Using URLs http://api.amadeus.com/v1/flight-search

    http://api.amadeus.com/2018/flight-search http://api.amadeus.com/2018/02/flight-search Using HTTP Header Accept: application/vnd.amadeus.v1 Accept-Version: 1 Using a Query parameter http://api.amadeus.com/flight-search?version=1
  18. 1 Proposal 3 BUs, Legal & Security Approval Development and

    Deployment 4 API Governance Board 2 Step-by-step expansion process Building the API Catalogue
  19. 1 1 API and Swagger locally created Traditional API Deployment

    flow
  20. 1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 API Gateway Traditional API Deployment flow
  21. 1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 3 Set up routes on Amadeus premises 3 API Gateway Traditional API Deployment flow
  22. 1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 4 Setup security configuration 3 4 API Gateway Auth Traditional API Deployment flow 3 Set up routes on Amadeus premises
  23. 1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 3 4 Auth API Gateway 5 5 Deploy API implementation on backend API Traditional API Deployment flow 4 Setup security configuration 3 Set up routes on Amadeus premises
  24. 1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 3 4 Auth API Gateway 5 API Traditional API Deployment flow 5 Deploy API implementation on backend 4 Setup security configuration 3 Set up routes on Amadeus premises
  25. 1 1 API and Swagger locally created 2 New routes

    on the API Gateway 2 3 4 Auth API Gateway 5 API Traditional API Deployment flow 5 Deploy API implementation on backend 4 Setup security configuration 3 Set up routes on Amadeus premises ¯\_()_/¯
  26. 1 Serverless API Deployment flow 1 Model commit and optionally

    tag
  27. 1 2 2 Run tests on every commit and start

    deployment Serverless API Deployment flow 1 Model commit and optionally tag
  28. 1 2 3 3 Serverless Environment and swagger generation Serverless

    API Deployment flow API Gateway 2 Run tests on every commit and start deployment 1 Model commit and optionally tag
  29. 1 2 3 4 Model deployment on public Cloud Serverless

    API Deployment flow 4 API Gateway 3 Serverless Environment and swagger generation 2 Run tests on every commit and start deployment 1 Model commit and optionally tag
  30. 1 2 3 Serverless API Deployment flow 4 < 1

    minute API Gateway 4 Model deployment on public Cloud 3 Serverless Environment and swagger generation 2 Run tests on every commit and start deployment 1 Model commit and optionally tag
  31. Traditional vs Serverless Traditional Sensible data content Inherited implementation Serverless

    Speed to Market No infrastructure to maintain Continuous experimentation enabler Pay per Use
  32. 1 Proposal 3 BUs, Legal & Security Approval 5 Development

    and Deployment 4 API Governance Board 2 Testing Step-by-step expansion process Building the API Catalogue
  33. Beta Tester program Engaging developers to test your APIs Tests

    and shape the new APIs Community (internal & external) Remote usability tests (~45 minutes) Beta Tester rewards
  34. Beta Tester program Safe and controlled environment 1 Beta Tester

    access privately to Swagger 1
  35. Beta Tester program Safe and controlled environment 1 Beta Tester

    access privately to Swagger 1 2 2 Swagger shooter with auth Token
  36. Beta Tester program Safe and controlled environment 1 Beta Tester

    access privately to Swagger 1 2 2 Swagger shooter with auth Token 3 3 Fake backend with static JSON responses
  37. Beta Tester program Safe and controlled environment 1 Beta Tester

    access privately to Swagger 1 2 2 Swagger shooter with auth Token 3 3 Fake backend with static JSON responses 4 4 Private repository with automatic deployment
  38. Beta Tester program Safe and controlled environment 1 Beta Tester

    access privately to Swagger 1 2 2 Swagger shooter with auth Token 3 3 Fake backend with static JSON responses 4 4 Private repository with automatic deployment 5 5 APIs shootable from Postman (or code)
  39. None
  40. None
  41. © Amadeus IT Group and its affiliates and subsidiaries •

    First time Amadeus attends Hackwars, hackathon organized annually by American Airlines • 24 hours long, 20th-21st April 2018 • 1200 developers, 120 teams • 37 tech providers, including: Google, Amazon, IBM, Red-Hat, Oracle, Salesforce, MongoDB, GitHub, Docker, Intel, Cisco... Hackathons American Airlines Hackathon Key Figures
  42. © Amadeus IT Group and its affiliates and subsidiaries •

    Hack the Journey, Nice • HackWars V, Dallas • Hack the Journey, Madrid • #Hack4SD, Oviedo • Blockchained Mobility Hackathon, Munich • Futurize, Bangalore • Hack MIT, Boston • Turkish Airlines Hackathon, Istanbul • South Summit, Madrid Hackathons Several Hackathons - Different approaches
  43. Before the event During the event After the event 1.

    Preliminary interviews / surveys 2. Direct observation 3. Support questions 4. Additional challenges 5. Teams’ interviews 6. Anonymous surveys 7. Monitor metrics 8. Follow up with participants Maximizing the value of the Hackathons How do we collect and measure feedback?
  44. 1 Proposal 3 BUs, Legal & Security Approval 5 Development

    and Deployment 4 API Governance Board 2 Testing Release Step-by-step expansion process Building the API Catalogue
  45. Developer Experience

  46. Developer Experience Platform characteristics Documentation: Static, Dynamic Tutorials and Sample

    code SDK: How many languages?
  47. Photo by Yvette de Wit on Unsplash

  48. • Open innovation programs bring always value • Test from

    early phases of the program • Be consistent with the APIs • Listen to your API consumers! Conclusions & key takeaways
  49. Thank you! Thank you! developers.amadeus.com @amadeus4dev amadeus4dev developers@amadeus.com