Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Open API and API Management - Introduction and ...

Kai Waehner
October 22, 2014

Open API and API Management - Introduction and Comparison of Products: TIBCO API Exchange, IBM, Apigee, 3scale, WSO2, MuleSoft, Mashery, Layer 7, Vordel

In October 2014, I had a talk at Jazoon in Zurich, Switzerland: "A New Front for SOA: Open API and API Management as Game Changer"

Open API represent the leading edge of a new business model, providing innovative ways for companies to expand brand value and routes to market, and create new value chains for intellectual property. In the past, SOA strategies mostly targeted internal users. Open APIs target mostly external partners.

This session introduces the concepts of Open API, its challenges and opportunities. API Management will become important in many areas, no matter if business-to-business (B2B) or business-to-customer (B2C) communication. Several real world use cases will discuss how to gain leverage due to API Management. The end of the session shows and compares API management products from different vendors such as TIBCO API Exchange, IBM, Apigee, 3scale, WSO2, MuleSoft, Mashery, Layer 7, Vordel

Kai Waehner

October 22, 2014
Tweet

More Decks by Kai Waehner

Other Decks in Technology

Transcript

  1. A new Front for SOA: Open API and API Management

    Kai Wähner Technical Lead [email protected] @KaiWaehner www.kai-waehner.de LinkedIn / Xing à Please connect!
  2. © Copyright 2000-2014 TIBCO Software Inc. Consulting Developing Coaching Speaking

    Writing Selling Main Tasks Requirements Engineering Enterprise Architecture Management Business Process Management Architecture and Development of Applications Service-oriented Architecture Integration of Legacy Applications Cloud Computing Big Data Contact Email: [email protected] Blog: www.kai-waehner.de/blog Twitter: @KaiWaehner Social Networks: LinkedIn, Xing Kai Wähner
  3. Disclaimer ! These opinions are my own and do not

    necessarily represent my employer
  4. © Copyright 2000-2014 TIBCO Software Inc. Open API enables additional

    revenue and new business models! API Management targets external and internal users! API Management consists of three Parts: Gateway, Portal and Analytics! Key Messages
  5. © Copyright 2000-2014 TIBCO Software Inc. Agenda – Open  API  from

     a  Business  Perspec3ve   – Open  API  from  a  Technical  Perspec3ve   – Products  for  API  Management  
  6. © Copyright 2000-2014 TIBCO Software Inc. Agenda – Open  API  from

     a  Business  Perspec3ve   – Open  API  from  a  Technical  Perspec3ve   – Products  for  API  Management  
  7. The New API Economy" Open   APIs   Internet  

    Business   Models   Mobile   Device   Explosion   Service   Oriented   Agility   Innova3on   Revenue   Growth   Brand     Expansion   New     Channels   Drivers   Opportunity   © Copyright 2000-2014 TIBCO Software Inc."
  8. The Open API Business Model" •  Access to data or

    business functionality provided using public APIs " •  External developers embed your functionality in their applications" •  Focus is on leveraging existing APIs in new ways" " API Consumers Channel Partners In-House Developers External Developers Mobile App’s Enterprise App’s B2B App’s API Providers Internal Data & REST & SOAP Services Exposed As Consumed By Delivered To Pay Per Use Business Logic Innovate
  9. Open API Opportunities" Open API initiative are often driven by

    the line-of-business, not IT:! " Revenue Growth:! •  New revenue streams via repurposed APIs" •  Expand channel partners & customers" •  Extend brand value and market reach" Cost Reduction / Increased Efficiency:! •  Reduce costs through partner self service" •  Increase supply chain and B2B flexibility" •  Enhance R&D through crowd source innovation"
  10. © Copyright 2000-2014 TIBCO Software Inc." Real World Use Cases

    for Open API" •  Paypal (eCommerce consumer) è Pay everything with the same online payment service in a secure, but also very easy way" •  Amazon Web Services (IT infrastructure) è Use Amazon‘s gigantic data center in a flexible, elastic, but also very cheap way for your changing computation demands" •  Domino‘s Pizza (mobile enablement) è Order your next pizza from your smartphone app (includes choosing menu, using coupons, doing payment, etc.)"
  11. © Copyright 2000-2014 TIBCO Software Inc." “Charge to Bill” –

    Vodafone’s Open API for Developers" “As a partner of Vodafone, Charge to Bill gives you access to over 100 million subscribers in 8 countries through a single integration point, a single contract and a single rate card.” (http://developer.vodafone.com/uploads/public/2011/04/08/vodafone_charge_to_bill.pdf) “It’s like a built-in payment system that everyone can use! No pre-registration, no usernames or passwords to remember and no credit card or other payment information required. Just a very simple and convenient way to pay.”
  12. © Copyright 2000-2014 TIBCO Software Inc. Agenda – Open  API  from

     a  Business  Perspec3ve   – Open  API  from  a  Technical  Perspec3ve   – Products  for  API  Management  
  13. © Copyright 2000-2014 TIBCO Software Inc. Service-oriented Architecture (SOA) http://www.theserverside.de/einfuhrung-in-soa-serviceorientierte-architekturen/

    (several years old – created by Sun Microsystems) SOA Tools •  Enterprise Service Bus (ESB) •  Business Process Management (BPM) •  Complex Event Processing (CEP) •  Service Registry •  Service Repository •  Policy Management •  …
  14. What is an “Open API”?" Your   Enterprise   Closed

     APIs   EDI Web B2B SOA FTP Pre-­‐defined  integra3on  points   Limited,  trusted  partners   Strictly  constrained  interac3ons   Enterprise  friendly   Open  APIs   Opportunis3c  access  points     Many  partners,  untrusted   Encourage  new  ideas   Developer  friendly   Your   Enterprise   Partners Innovators Known Parties Consumers Unknown Parties Suppliers Coopetition Employees API API API API API API API API API API API API API API API API API API API API
  15. © Copyright 2000-2014 TIBCO Software Inc." Common Scenarios" •  Open

    API – Developer portal and API gateway" •  Partner Gateway – Access control for well known external parties" •  Mobile App Gateway – Access control for Apps deployed externally" •  Cloud Integration Gateway – Governance and Mediation control for SaaS" •  Internal Governance – Manage internal SOA" "
  16. Creating an Open API" 1.  Open enterprise services as APIs"

    2.  Make it easy for others to use them" 3.  Act on feedback" API  Manager   API  Gateway   API  Analy3cs   © Copyright 2000-2014 TIBCO Software Inc."
  17. API Management Architecture" API Gateway! Runtime routing and security enforcement"

    " Enterprise  Service  Bus   ERP   MDM   DB   WMS   SOA   API Consumers! Application Developers" API Providers! API Product Managers" API Analytics! Interactive visualization of usage and behavior! API Manager! Portal for API providers and consumers" " Composite Consumer Domain Target Service Domain Target Facade Consumer Target Provider Facade Target Target Endpoint Facade Operation Target Provider Facade Policies Target Policies Router Routing Policies Partner Policies Facade Endpoint Target Operation
  18. Open API and TIBCO API Exchange" Authorize   Validate  

    ThroOle   Route   Transform   Mediate   API Exchange Gateway API Requests Service Calls Enterprise  Service  Bus   ERP   MDM   DB   WMS   SOA   Event   Processing   BPM   Leverage existing services Gain access control Minimize security risks •  Authoriza3on  -­‐  whose  requests   •  Access  control  granularity  down  to  service  endpoint   •  Single-­‐edit  configura3on  changes  through  web  user  interface   •  Security  standards:  LDAP,  SAML,  OAuth,  WSPolicy,  etc.   •  Thro>ling  -­‐  when  requests  are  handled   •  Rate  &  High-­‐Water  Mark,  Quota,  Time-­‐of-­‐Day,  Error-­‐rate/Payload-­‐size,                                         Group  Logical,  Traffic  shaping   •  Policies  and  throOles  can  be  extended  with  declara3ve  rule  language                                                               in  Studio   •  Rou3ng  -­‐  where  requests  are  handled   •  Single-­‐edit  configura3on  through  web  user  interface   •  In-­‐line  transforma3on  through  configura3on   •  Orchestra3on  logic  can  be  hot-­‐deployed   •  By  opera3on,  version,  size,  3me  of  day,  etc.   •  Media3on  -­‐  how  requests  are  handled   •  ‘Flow’  logic   •  Transforma3on  and  Valida3on  logic   •  Caching  logic     Cache  
  19. Solution – Open API and TIBCO API Exchange" Browse, Subscribe,

    Monitor API  Exchange     Manager   API  Management  Portal   Publish Policies Audit Events Partners & Developers Product Managers & System Admin Authorize   Validate   ThroOle   Route   Transform   Mediate   API Exchange Gateway API Requests Service Calls Enterprise  Service  Bus   ERP   MDM   DB   WMS   SOA   Event   Processing   BPM   Leverage existing services Expand channels Build and distribute products with ease Gain access control Minimize security risks Easily manage the product LC
  20. API Portal" © Copyright 2000-2014 TIBCO Software Inc." •  Your

    “Web Storefront” for APIs! –  Browse and discover APIs" –  Try before you buy" –  Subscription management" –  Manage your API “product”"
  21. •  Engage new & returning users" –  Internal users" – 

    Development partners" –  General public" •  Customize Content" –  Branding" –  Change menu structure/terms" –  Mix dynamic and static pages" –  Manage support artifacts – sample programs, white papers" Landing Page" © Copyright 2000-2014 TIBCO Software Inc."
  22. •  Product Catalog" –  Commercial offerings of APIs" •  Browse"

    –  By Category" •  Search" –  By text" Browse Product Catalog" © Copyright 2000-2014 TIBCO Software Inc."
  23. •  Documentation" –  Product and API docs" •  Product Plans

    " –  Tiered offerings" –  Total requests per day" –  Maximum per second" View Product Detail" © Copyright 2000-2014 TIBCO Software Inc."
  24. •  View REST interface" –  methods, resources, error" •  Test

    from Browser" –  before purchase" –  or with credentials" •  Generated GUI" –  Uses API specification (Swagger JSON)" API Explorer" © Copyright 2000-2014 TIBCO Software Inc."
  25. © Copyright 2000-2014 TIBCO Software Inc." Live Demo" „TIBCO API

    Exchange Manager and Portal“ in Action...
  26. © Copyright 2000-2014 TIBCO Software Inc." API  Consumer   Understand

    usage and performance through interactive reporting for both API providers and consumers API  Provider                         Operational Monitoring" Auditing (SLAs)" Application Performance" Usage/Limit Monitoring" Debugging" Measure and improve application performance" Measure and improve on the success of API initiatives" API Analytics" API Performance (KPIs)"
  27. Solution – Open API and TIBCO API Exchange" API Usage

    Operational Analytics Browse, Subscribe, Monitor API  Exchange     Manager   API  Management  Portal   Publish Policies Audit Events Partners & Developers Product Managers & System Admin Authorize   Validate   ThroOle   Route   Transform   Mediate   API Exchange Gateway API Requests Service Calls Enterprise  Service  Bus   ERP   MDM   DB   WMS   SOA   Event   Processing   BPM   Leverage existing services Expand channels Support mobile strategy Build and distribute products with ease Optimize product usage Gain access control Minimize security risks Easily manage the product LC
  28. Interactive Analytics for API Provider" •  Analytics and visualization of

    APIs" –  Isolate problems through data discovery" –  Trend analysis for capacity planning" –  Identify new opportunities to monetize" © Copyright 2000-2014 TIBCO Software Inc."
  29. Interactive Analytics for API Consumer" •  Analytic view of transactional

    data" •  By Organizational Unit (business domain)" •  By Consumer (business partner)" •  By Usage Type (success, failure)" •  Can include OPIs as well as KPIs" © Copyright 2000-2014 TIBCO Software Inc."
  30. © Copyright 2000-2014 TIBCO Software Inc. Agenda – Open  API  from

     a  Business  Perspec3ve   – Open  API  from  a  Technical  Perspec3ve   – Products  for  API  Management  
  31. © Copyright 2000-2014 TIBCO Software Inc. API Management Products Gateway

    Analytics Portal What do you need? API Management Middleware Stack (Messaging, Integration, Master Data, etc.)
  32. © Copyright 2000-2014 TIBCO Software Inc. API Management Products How

    to categorize? -  Some focus just on an API Gateway, some focus just on a Portal, many focus on a complete solution. -  Some focus mostly on API Management, many offer a complete middleware stack. -  Some are open source, most are proprietary. -  Some are small and independent, most are built or acquired by big vendors. -  Some focus on complex enterprise scenarios, others care about “simple cases” (i.e. cheaper and easier to use, but way less powerful). -  Some overpromise.
  33. © Copyright 2000-2014 TIBCO Software Inc." Questions you should ask

    yourself before choosing" •  What API features do you need? Gateway, Portal, Analytics? •  How easy to install and use the product? Are the tools mature and powerful (more than just “hello world”)? •  How many API-specific features are available out-of-the-box (for implementation, integration, testing, deployment, logging, subscription, billing, dashboards, etc.)? Extensibility (connectors, security, reports, etc.)? •  Do you just want to build a directory for your existing service, or do you want a real infrastructure for building, governing, deploying, and managing your services? •  Do you just want to use REST services, or do you also want / have to use other service protocols such as SOAP or JMS? •  Do you need a flexible configuration, routing options and user management using different security standards (e.g. LDAP, SAML, Kerberos, OAuth, WS-*, XACML, etc.)? •  Do you need an elastic highly scalable architecture for millions of messages (based on event driven architecture instead of synchronous HTTP calls)? •  What kind of caching and throttling capabilities do you need? •  Do you need to extend the portal to your needs (regarding topics such as service management, developer portal, analytics)? •  Do you want to leverage other products of the same vendor (e.g. products for integration, mapping, transformation, routing, business processes, complex event processing, etc.)? •  Do you want to deploy your API Management solution on premise or in the cloud? If in the cloud, is virtualization through VMs fine for you, or do you want a real, i.e. elastic, cloud solution?Is it required to configure your API engine for running in your DMZ on existing servers?
  34. © Copyright 2000-2014 TIBCO Software Inc. Open API enables additional

    revenue and new business models! API Management targets external and internal users! API Management consists of three Parts: Gateway, Portal and Analytics! Key Messages