2. API Economy
⢠Treat your APIS as one of your value added products
⢠Added value service for your customers
⢠Monetization of new services through business models
⢠Flexibility for future transitions
⢠Additional revenue streams
⢠What are businesses core assets?
⢠Customer data
⢠Processes
⢠Functionality
⢠Content
⢠Future Business Opportunities
⢠Leverage core assets + External Services
2
Business
Value
Added
value
services
Core Assets
Core Assets
+ External
Services
3. How To Monetize an API?
⢠Analytics expose metrics
⢠Access Control
⢠API call to exposed analytics and reporting services
⢠Every component of APIM is exposed as a REST API
3
4. Monetization: Transactional
⢠Transactional Processing
⢠Micropayment solutions
⢠Revenue based on volume
⢠Fee per transaction
⢠API (fee per call)
⢠Global Cash Card
⢠Experian
⢠Paypal
⢠Google Maps API
4
9. Manual
⢠Build your own
⢠Multiple methods
⢠API Key
⢠Oauth2
⢠Basic
⢠Be a security expert
⢠Ensure update schedule
⢠Manually manage edits
Managed
⢠Choose method
⢠API Key | Oauth2 | Basic
⢠Publish your API
⢠Global configuration settings
⢠Easily updated
⢠Managed software
⢠Regular update schedule
Access Control
10. Manual
⢠Build a manual approach
⢠Stick with it
⢠Manually update connected
consumers of changes
⢠Create a notification system
for URI changes
Managed
⢠Specify the version number
in publish workflow
⢠Choose Lifecycle
⢠Draft
⢠Published
⢠Deprecated
⢠Retired
⢠Notifications happen
automatically
Versioning & Lifecycle
11. Manual
⢠Potentially leverage an
analytics API
⢠Build your own
⢠Complex
⢠High effort level
Managed
⢠Auto-generated
⢠Customized Views/Reports
⢠Drag and drop
⢠Detailed statistics
⢠Drill-down click through
Analytics
12. Manual
⢠Manually Implement
documentation framework
⢠Swagger
⢠RAML
Managed
⢠Integrated Swagger
⢠Subscribers can view
formatted details of APIs
⢠Lifecycle of API
⢠Version/Description
⢠Security Level
⢠Resources
Documentation
13. Manual
⢠Create a cache layer
⢠How to cache?
⢠Where to store cache?
⢠What to cache?
Managed
⢠Click the box and specify
timeouts
⢠Cache response (GET)
⢠Method level caching
Caching
14. Manual
⢠Build test platform for user
roles
⢠Creating API
⢠Consuming API
Managed
⢠Available Interface for testing
based on role
⢠Publisher testing at creation
⢠Subscriber testing via portal
⢠View
⢠Inputs & Request details
⢠Returned JSON/XML
details
⢠Status codes
Testing
15. Manual
⢠Build a new site for
developers to view APIs
⢠Complex project
⢠Resourcing
⢠High effort level
Managed
⢠Roles based portal available
⢠Publisher Role
⢠Create APIs
⢠Manage subscribers
⢠Metrics Dashboard
⢠Subscriber Role
⢠Explore APIs
⢠Register Applications
⢠Subscribe to API
Portals
16. API Management Platform 2016
6
ď§ Throughput: single node â More than a
billion requests per day!
ď§ Negligible latency for thousands of
concurrent users < 30ms
ď§ Throughput: 1.8x per additional node
ď§ Users: 2x more per additional node
ď§ Latency: continues to be < 30ms
ď§ Simplified API workflows
ď§ Intuitive user interface
ď§ Easy analytics interface
Speedy SimpleScalable
17. Request Flow of an API Manager7
</>
APIGateway
API
Portal
REST
REST
REST
SOAP
Partner
IoT
People
Adobe ColdFusion
Intranet App Server
Cloud Network
19. Future Updates and Plans
⢠Update release target mid-November 2016
⢠Primary Focus on Threat Protection
⢠Track a range of vulnerabilities
⢠Maximum request size associated with an API
⢠Restrict access to the API based on a range of IP address
⢠Validation of XML/JSON data based on the number of nested levels of data
⢠configurable by the publisher
⢠DOS, can have many nested levels to break API
⢠specify the schema of what is acceptable
⢠Prevention of XSS by encoding the input to an API
⢠Protection against CSRF
⢠Ability to enforce HTTPS for the API request to the gateway
⢠2 way SSL (between API Manager and End point)
9
20. Future Updates and Plans
⢠Basic and Oauth added to Test Workflow
⢠Multiple test end points: support for Oauth
⢠Error response in JSON/XML format rather than HTML
⢠Unbundled Installer
⢠User Management:
⢠SAML Integration for Portals
⢠role-driven
⢠Multitenancy â Sandboxed Partners
⢠different portals and different administrators
⢠organization level concept with own policies
⢠JSON to XML and XML to JSON choice
0
21. Proof of Concept Opportunity
1
21
API
Manager
POC
Direct
Engineering
Resources
No License
Required
Hot Fix
Support
Step by
Step
Guidance
Contact:
elishia@adobe.com
22. More API Focused Sessions
⢠Powering Adobe PhoneGap Applications with ColdFusion APIs
⢠Monday 2:45-3:45pm
⢠Build your own secure and real-time Dashboard for mobile and web
⢠Monday 4-5pm
⢠Customer Showcase: Bringing the API manager into your existing stack
⢠Monday 4-5pm
⢠Deep Dive into new API Manager : Hands on Approach (BYOL â VM install prerequisite)
⢠Tuesday10:15 -12:30 (Walkthrough)
⢠Security and Access Control for APIs using ColdFusion API Manager
⢠Tuesday4 -5pm
2