Post on 23-Jan-2017
Last Updated: August. 2015
WSO2 API ManagementVision and Roadmap
Vice President, Platform Evangelism, WSO2Chris Haddad
Solutions Architect, WSO2Shiroshica Kulatilake
Agenda
o Key goals and challenges driving API platform adoption
o WSO2 API Platform capabilities and advantages
o Visionary platform use cases
o Innovative customer success stories
Applications Platform
Business Process, Rules & Workflows
Platform-as-a-Service
Identity Admin Services
Monitoring
Business APIs
Device Cloud
Realtime Events Processing
Devices OEMs Enterprises
Integration
Common Business Architecture
REST Easy with API 101
An API is a business capability delivered over the Internet to internal or external consumers
• Network accessible function
• Available using standard web protocols
• With well-defined interfaces
• Designed for access by third-parties
http://wso2.com/whitepapers/rest-easy-api-design-evolution-and-connection/
API Adoption Barriers
Inability to configure service per consumer
Limited Scale
Difficult to manage requirements and coordinate schedules
Difficult On-Ramp
Invisible business capabilities
Poor documentation
Lengthy access process
Delivery concerns
trust in stability, reliability, availability, performance
Security Risks
To Solve Adoption Barriers:Evolve beyond Naked APIs
A Managed API is:✓ Actively advertised and subscribe-able
✓ Exhibits high Quality of Service (QoS)
✓ Available with Service Level Agreements (SLAs)
✓ Secured, authenticated, authorized and protected
✓ Monitored and monetized with analytics
http://wso2.com/whitepapers/wso2-whitepaper-soa-and-api-convergence-strategy-and-tactics/
Why use an API Management Platform
o Easily build and deploy a managed API
o Rapidly re-factor legacy services as consumable RESTful APIs
o Increase API adoption
o Solve difficult Quality of Service, lifecycle, and governance challenges
o Demonstrate API business value
http://wso2.com/whitepapers/api-management-platform-technical-evaluation-framework/
What API Management Platform Offers
o Increase API adoptiono Enhance API visibility by offering developer portal
o Offer self-service access
o Engage the community
o Easily build and deploy a managed APIo Apply RESTful API design notations
o Assign service level tiers and access controls
o One button publication into production
What API Management Platform Offers
o Rapidly re-factor legacy services as consumable RESTful APIso Mediation primitives
o Align developer experience with RESTful design
What API Management Platform Offers
o Solve difficult Quality of Service, lifecycle, and governance challengeso Service level tiers, monitoring
o Approval workflow
o API versioning and lifecycle states
o Demonstrate API business valueo Subscription, usage, performance, monetization
API PlatformEvaluation Vectors
oSolutions Architecture
oDesign and Implement
oSecure
oPublish and Engage
oMonitor and Manage
oAnalyze API Interactions
http://wso2.com/whitepapers/api-management-platform-technical-evaluation-framework/
Solutions Architecture
Category Score
Intuitive Development Experience
DevOps Friendly
Delivers High Quality of Service and Performance
Easily Deployed in Your Run-time Environment
Pluggable, Extensible, and Themable
Platform APIs
Platform multi-tenancy support
Efficient Pricing and Excellent Support
http://wso2.com/whitepapers/api-management-platform-technical-evaluation-framework/
Solution Topology
Enterprise SOA and API Integration Platform: API-centric View
Design and Implement
API Design and Implementation
Category Score
API Design
API Documentation
API Façade Development
API Mediation and Orchestration
Service Level Definition
API Test
http://wso2.com/whitepapers/api-management-platform-technical-evaluation-framework/
o ???
Safely and securely deliver mission critical APIs
SecureCategory Score
Access Control, Authentication, and Key ManagementGovernance and ComplianceAttack PreventionConfidentiality, integrity, and privacyIdentity and Credential ManagementInfrastructure Integration and Deployment Topology
Trust and Policy
User Management
http://wso2.com/whitepapers/api-management-platform-technical-evaluation-framework/
Passing Auth Information to back-end services
o Using JSON Web Tokens (JWT) o Lightweight
o Can be signed
o Easy to parse and consume
o Standard
Foster API Team Collaboration
Image: © Rawpixel - Fotolia.com
Publish and Engage
Category Score
API Consumption
API Economy
API Publication
Community Management
http://wso2.com/whitepapers/api-management-platform-technical-evaluation-framework/
Boost the API Economyo Fully customizable look and feel
o Multiple Storefronts for diverse communities
o Multiple publisher groups
o Flexible Service Level Tiers
o Flexible monetization engine
Monitor and Manage
Category Score
Configuration Management
Release Management
Patch Management
Policy Management
Service Level Management
High Availability and Reliability
Performance
Disaster Recovery
Monitoring and Alerts
Compliance Reporting and Governancehttp://wso2.com/whitepapers/api-management-platform-technical-evaluation-
framework/
Operate at the Speed of BusinessGovern the API
Govern the API
Category Score
DashboardLifecycle ManagementMeta-data ManagementPortfolio ManagementService Level ManagementUsage ManagementVersion Management
http://wso2.com/whitepapers/api-management-platform-technical-evaluation-framework/
API Product Governance
o Manage Dependencies
o Track adoption o Usage and Subscription Tracking
o Manage Compatibilityo Backwards or Forwards
o Versioning
o Communicate Migration Strategieso Deprecation, Retirement
End to End Governance
o An API can pass through multiple states
o CREATED
o PUBLISHED
o DEPRECATED
o RETIRED
o BLOCKED
o Service Alignment
Compass and Gearing
You can’t manage what you can’t measure.
Analyze API Interactions
Category Score
API EconomyArchitectureComplianceDeveloper ExperienceMonitoring and ManagementPortfolio ManagementSecurityUsage
http://wso2.com/whitepapers/api-management-platform-technical-evaluation-framework/
30
Why Analytics and API Management are important together?
o Build confidence in the API model
o Understand your customer
o Not just the developer but also the end-user
o Help manage services and versions
o Understand when deprecated services can be retired
o Plan better
o Monitor the growth of aggregated API traffic
o Monitor the growth of specific apps
o Even if you’re not going to put analytics in place, make sure you capture all events right from beginning of project.
Service Re-use Dashboard
WSO2 API Management Roadmap
WSO2 API Management 1.9
• Sharing capabilities for Applications (subscriptions)
• Pluggable Versioning Pattern
• Support for OAuth 2.0 back-ends.
• Support for third party Identity Systems for Key
Management.
WSO2 API Management Roadmap
• Improved Developer Experience
• Data Model support for response (JSON Schema)
• API Explorer
• Web based test execution
• Enhanced Community Collaboration
• Notification Support
WSO2 API Management Roadmap
• Security and Scalability
• Security Access Control Tool
• Social Media Login
• Complex Throttling Rules
• DevOps Advantage
• Improved Import/Export capabilities
• DevOps Configuration Screens
• API Monitoring dashboard
• Provisioning Improvement
Future Gate
http://wso2.com/api-management/try-it/
http://wso2.com/cloud/api-cloud/
Access the WSO2 API Platform
WSO2 API Management Case Studies
Case Study: StubHub – Managing high volumes of data for viral businesses
StubHub needed an API centric architecture to become the
worldwide destination for an end-to-end experience for fans
ProductProduct
Challenge• StubHub was missing out on potential channel of new business
revenue with a looming competitive threat from industry peers and newcomers
• The solution demanded the development of an API economy strategy, and re-architecting a running business
• There was a need for a scalable system, which while handling high volumes of data, also has the ability to constantly evolve as an agile system
• It had to not only be a product, but a platform that can leverage broad third-party developers and businesses to thrive
Solution• A high performance and scalable API management solutions system
that can handle high volumes of traffic• A simple lifecycle model that can be customized and extended to align
with the company’s API strategies• WSO2’s integration suite not only exposes existing capabilities, but
helps to deploy new systems to maximize value, analyze, results, etc.
Case Study: Axiata-MIFE– A Platform for Telcos to expose Services
Axiata needed a horizontal platform to integrate with rapidly
evolving OTT providers
Products
Challenge• Create a collaborative web-centric layer to which plugging in partner
services is seamless and easily accepted• The solution had to be scalable, flexible in deployment, interoperable,
robust and most importantly low on cost• The ability to constantly evolve as an agile system was a must since
service consumers had to be provided with fast time to market and service providers had to be able to churn out the needed services and integrate these rapidly
• Reusable components had to be introduced which would take care of the main integration aspects
Solution• A Platform which provided API and Identity federation in an easily
pluggable and extendable manner• Created “Gateway” and “Hub” reusable components for integration
points• A deployment which is hybrid with a suite of products which are both
cloud and on-premise friendly• Linked to GSMA hub, Axiata hub and many Mobile Network Operators
as pure “Gateways”
Case Study: State of Arizona- PaaS based API centric solution
A Private PaaS solution to onboard all state agencies to a single platform.
Challenge• Build an API centric DevOps PaaS with on demand scaling of
middleware• Create APIs which could be used across different state departments
with different policy levels being applied when consumed through a state department application
• Provide federated identity with a Statewide unified security architecture enabling internal and external login with Policy based Authentication & Authorization
• A Statewide governance model spanning across design, development through production
Solution• A platform that facilitates onboarding of State Agencies, DevOps,
Citizen and Employee profiles• A solution based on Open architecture and modular design• Reusable app services and a platform to leverage analytics to improve
operations• Highly extensible, Scalable architecture capable of driving processes
Products
Case Study: Fidelity- An Enterprise Solution which spans multiple
environments
An API Management platform with artefacts catalogued and governed across multiple environments
Challenge• Need to support Artefacts (Services and API’s) through an elaborate
lifecycle process• Maintain a separate set of environments for Development, Testing and
Productions which had to be integrated with each of the products dealing with those artifacts
• Govern the lifecycle of Artefacts across all environments to thrive
Solution• An API Solution that provides a re-usable service catalogue that can
be utilized by developers• A Governance solution that governs artefacts across multiple
environments from development and testing through production using the extension points in the middleware products
• High Availability setup through Active/Active Deployments plus data center replication and cross site failover setup
Products
WSO2 API Management Effective Usage
43
Flexible Deployment
44
API-M - Distributed Deployment
45
API-M - Multi Datacenter Deployment
Integrating within the Platform
Integrating outside the Platform
User Experience
• Design
- API console, Documentation, Import swagger definitions
• Testing
- Console, ReadyAPI integration
• Subscription
- Search, try it, community features
• Automation
- Import/export, Mulitple gateways, REST APIs
Connect the WorldConnect the World